SOLVED

WVD Role Assignments - can't determine who can do what.

Copper Contributor

We have three Techs trying to set up and test aspects of WVD. One user asked me if his account was in RDSOwners / RDSContributors group for our tenant. Is powershell the only way to find this out? I didn't see anything from the Azure portal or under the users entry in Azure AD. I couldn't find these as groups either.

 

In Powershell I tried Get-RdsRoleAssignment for our WVD tenant and only my username was listed as RDSOwner. No other names were listed. I tried to Set-RdsRoleAssignment and got an error that it isn't recognized as a cmdlet. I spent the last hour down the MS Docs rabbit hole for WVD and Azure with no clear cut answers.

 

Are some of the cmdlets not active yet since WVD is still in preview? How can I set other users as RDSOwner or RDSContributor?

5 Replies
best response confirmed by Roger_Cox (Copper Contributor)
Solution

@Roger_Cox yes, I believe PS is the only way.  try this:

 

Get-RDSRoleAssignment will list your WVD owners/contributors

 

Add another owner:

 

New-RdsRoleAssignment -TenantID <tenant> -RoleDefinitionName "RDS Owner" -SignInName username@domain.com

 

I just had to do this as I was training our app person on this preview and it worked just fine.

@stevenzelenko  As WVD is now publicly available, does this have capability to support security group account access?

Is there a way to add an Azure AD group an RDS Owner ?

@Yuukan I'm the wrong guy to ask.  I'm just a customer.  Looks like we can't just yet.  I find it hard to believe that this service doesn't do group membership out of the box.  I would vote for this on teh user voice.

 

https://windowsvirtualdesktop.uservoice.com/forums/921118-general

@Yuukan 

Hi,

Yes - this is possible with the following powershell:

 

New-RdsRoleAssignment -RoleDefinitionName "RDS Owner" -GroupObjectId "<the GUID of your AD Group>" -TenantGroupName "<your WVD Tenant Group Name>" -TenantName "<your WVD Tenant Name>"

 

Hope this helps you.

 

BR,

Chris

1 best response

Accepted Solutions
best response confirmed by Roger_Cox (Copper Contributor)
Solution

@Roger_Cox yes, I believe PS is the only way.  try this:

 

Get-RDSRoleAssignment will list your WVD owners/contributors

 

Add another owner:

 

New-RdsRoleAssignment -TenantID <tenant> -RoleDefinitionName "RDS Owner" -SignInName username@domain.com

 

I just had to do this as I was training our app person on this preview and it worked just fine.

View solution in original post