Conditional access policy Azure Virtual Desktop Require MFA and Sign-in frequency

Steel Contributor

Hi all,

 

I want to share this information:

 

Conditional access policy settings:

- Users: all or selected group of users

- Cloud apps:

Azure Virtual Desktop (9cdead84-a844-4324-93f2-b2e6bb768d07)

Microsoft Remote Desktop (a4a365df-50f1-4397-bc59-1a1564b8bb9c)

- Conditions > Client apps > Modern authentication clients: Browser and Mobile apps and desktop clients

- Control: Grant access > Require multifactor authentication

- Session: Sign-in frequentie > Periodic reauthentication


A notification will be shown: "Some of the applications currently selected are not compatible with the "Sign-in frequency" option of "Every time"".  

 

I had a call with MS support regarding this notification: Microsoft doesn't see Azure Virtual Desktop as a "Microsoft native app" but as a "third-party app", however Azure Virtual Desktop can be used in combination with the "Sign-in frequency" option.

 

https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access...

6 Replies

@MathieuVandenHautte 

 

Hi 

 

where can i find this app cloud Microsoft Remote Desktop with ID a4a365df-50f1-4397-bc59-1a1564b8bb9c 

in my entra portal  Entreprises Applications i cannot find it 

 

i try to install RDP with security Keys FIDO 

The complete guide to RDP with Security Keys | by Jonas Markström | Medium (swjm.blog)

 

Br

Alain 

Sorry

but i try first to install conditionnal access apps cloud before to test the RDP SSO Fido

i don't kown how to add CLOUD APPS Microsoft remote desktop in my Entra
it 's not listed on apps cloud

Br

hi,

you must go to Entra ID > Enterprise Application > remove the filter for enterprise apps and than you can search for "microsoft remote"

Hi tommykneetz 

Thankt but not listed , i get 134 apps after remove the filter but not Microsoft Remote Desktop 

 

Br

 

@ALAIN_CH69 

Hi ALAIN_CH69

 

Please check the attached print screen regarding the configured conditional access policy.