Forum Widgets
Latest Discussions
Windows App - RDP channel crashes when printing on a redirected canon printer
Hey team, I would like to know, if anyone else struggles with the following scenario: A canon printer is installed on a local client. The user is working in the AVD environment. The printers are redirected into the AVD-Session via "printer redirect". Since the users are migrating to the new "Windows App", the AVD session breaks as soon as the user is printing on a redirected Canon-Printer. When printing on another printer, there is no issue. Also: With the "Microsoft-Remotedesktop" Application, everything works as it should. A Microsoft ticket is already raised. I would like to know if there are other environments, which are encountering the same issue.
Fido2 from macOS client to Windows VD
Hello,I would like to know if it's possible to use FIDO2 keys from macOS client to a Virtual Windows Azure Machine I'm using the Microsoft Remote Desktop and Beta for accessing it but unfortunately when trying to use the Fido2 token for MFA i get error: We couldn't verify your identity or you are using private mode. Please ensure you are not in a private browsing window and please try again. Thanks in advance.
Uninstalling Remote Desktop client closes users' Windows App connections
We have our users working from Windows App now to meet the 3/27 out of support date. We are beginning to uninstall the Remote Desktop from their laptops and are finding it closes active Windows App connections on uninstall (of Remote Desktop). That is less than ideal. Looking to see if any way around that, but wondered if others had seen the same?
Feature request: allow setting web client features from direct-launch-url
We use the "direct launch URL" feature of the AVD web client to deep link users to a session desktop (https://learn.microsoft.com/en-us/windows-app/direct-launch-urls?tabs=avd). One of the reason we use the web client is because we use AVD in exam halls on Chromebooks in kiosk-mode. The ChromeOS kiosk-mode only supports websites. Students are faced with a connection dialog in which they can toggle IME and Special Keys. The students have to enable IME, but since these are university-owned devices, they do not know and just click "Connect". We would like to be able to configure these client options automatically. For example, as query parameters in the direct-launch-url. Ideally, we would also skip the "Connect" dialog entirely and just go strait into the session once the direct-launch-url is loaded.
Outlook Requires Password Every New Session - FSLogix
Outlook on our RDS servers (Office 2019 Standard Volume License) requires the user to enter their password every time they login to a new RDS session. If I login as a user excluded from FSLogix it saves the password and I don't need to re-enter it every time. I must be missing a simple setting somewhere. Anyone with a similar setup got some best practice GPOs? It must be something simple in there I'm missing.Azure Virtual Desktop(AVD) - Enable Cloud Kerberos for storage accounts question
I need to enable Cloud Kerberos for storage accounts used for AVD host pool. I am thinking of following the following instruction. Is that correct steps and is that all that is required?:- After enabling AADKERB on the storage account :- 1a. Find the AADKERB Service Principal Use Azure CLI to log into correct tenant az login –tenant <tenantName> 1b. Find the AADKERB Service Principal Look up by display name pattern az ad sp list --filter "startswith(displayName,'[Storage Account]')" --query "[?contains(displayName,'<storageAccountName>')].{id:id,appId:appId,name:displayName}" -o table 1c. Grant Admin Consent The AADKERB SP requires the following delegated permissions on Microsoft Graph: openid profile User.Read ← This is often overlooked but required Get the Microsoft Graph SP ID $graphSpId=$(az ad sp list --filter "appId eq '00000003-0000-0000-c000-000000000000'" --query "[0].id" -o tsv) Get the AADKERB SP ID $aadkerbSpId=<from step 1a> Check existing grants az rest --method GET --url "https://graph.microsoft.com/v1.0/oauth2PermissionGrants?$filter=clientId eq '$aadkerbSpId' and resourceId eq '$graphSpId'" Create or update the grant az rest --method POST --url "https://graph.microsoft.com/v1.0/oauth2PermissionGrants" --body "{ "clientId": "$aadkerbSpId", "consentType": "AllPrincipals", "resourceId": "$graphSpId", "scope": "openid profile User.Read" }"Convert Azure Files Storage account to AES256
Hi, Mild panic attack, so storage accounts used for Azure files were oriignally set up without AES256, looks like the hybrid join script now defaults to AES256. Which is great. So following this guide: Use Azure Active Directory Domain Services (Azure AD DS) to authorize user access to Azure Files over SMB | Microsoft Learn Looks like the original storage accounts were set up with RC4, we need to convert our existing storage accounts from RC4 to AES256. As a test, I created a new storage account on RC4, ran the PowerShell command to convert to AES256. Looks like it worked fine. Did this on the production AVD storage account. Lost access to the share, my heart sank. I can see KerberosEncryptionType was originally empty: Get-AdComputer avdprofilestorage -KerberosEncryptionType ran the command Set-AdComputer avdprofilestorage -KerberosEncryptionType AES256 few moments later, lost access. To revert there was no way to set a null command so ran: Set-AdComputer avdprofilestorage -KerberosEncryptionType RC4 then everything came back. Maximum compatibility is set on the storage account. Just wondering if there is anything else I have missed? Worst case scenario is being locked out of the share. Thanks
RD Client fails to connect if Screen Capture Protection enabled
Hi there, I have tested this by disabling the reg key (fEnableScreenCaptureProtect) that the policy applies, and I can then connect via my Android app. Is this something that will be addressed as my organization enables Screen Capture Protection but it prevents me from using my Android phone.
