User Profile
Redsman13
Copper Contributor
Joined 3 years ago
User Widgets
Recent Discussions
Azure Virtual Desktop - Restricting Access based on the Remote Desktop Client App Version
Morning, What are the current options for restricting access to the AVD Service based on the version of the Remote Desktop Client App? I would have thought CA policy could achieve this, but it doesnt seem to be granualar enough. Thanks in advance. AVD - Win10 Multi-User Identity - Entra Domain Services (AAD-DS)1.4KViews0likes4CommentsWindows 10 Enterprise for Virtual Desktop August Marketplace Image Issues
Over the last few weeks, our users have been experiencing M365 issues on our Virtual Desktop Platform. The main Issues seem to be related to authenticating M365 apps. Two main errors in the application logs are as follows: Failure to load the application settings for package Microsoft.AAD.BrokerPlugin. Error Code: -2147024893 Triggered repair of state locations because operation SettingsInitialize against package Microsoft.AAD.BrokerPlugin hit error -2147009096. We didn't see these issues in the July Marketplace Image and are now waiting on the September Image which hopefully addresses the above issue. Image - win10-21h2-avd-m365-g2 Version - 19044.3086 M365 Apps for Enterprise Version - 16.0.16529.20226 Has anyone else experienced this or a similar issue in the Windows 10 + M365 Virtual Desktop August Marketplace Image? Thanks in advance.704Views0likes0CommentsNew AVD environment on 25. address space
We currently have a number of AVD environments on 10. address ranges. We have a new requirement for a 25. address range. Initial thoughts are as follows: - Standing up new VNET with a 25. subnet - New Host Pool, DAG, etc - New Subnet on the AADDS VNET with a 25. address range - DNS configuration on AADDS so Session Host VM's can resolve. - Traffic will route out from an Azure Hub Firewall over express route Are there any glaring holes with this approach? Thanks in advance.383Views0likes0CommentsSession Host Virtual Machine Health Check Status - TURNRelayAccessHealthCheck
Whilst carrying out some standard healthchecks this morning on our environment we have come across the following in the Health Check Status: - TURNRelayAccessHealthCheck This has appeared out of the blue and we have never seen it before on any of the other Session Host Virtual Machines. How anyone come across this before and if so what was the cause and resolution? Thanks in advance, PhilSolved13KViews0likes2CommentsAzure Virtual Desktop - Optional Rules for Session Host Virtual Machines
Hi all, Just wondering if it is standard practise to include the optional rules for the Session Host VM's (see table below): Address Outbound TCP port Purpose login.windows.net 443 Sign in to Microsoft Online Services and Microsoft 365 *.events.data.microsoft.com 443 Telemetry Service www.msftconnecttest.com 443 Detects if the session host is connected to the internet *.prod.do.dsp.mp.microsoft.com 443 Windows Update *.sfx.ms 443 Updates for OneDrive client software *.digicert.com 443 Certificate revocation check *.azure-dns.com 443 Azure DNS resolution *.azure-dns.net 443 Azure DNS resolution Microsoft state that these optional rule MIGHT also be required to access other services: https://learn.microsoft.com/en-us/azure/virtual-desktop/safe-url-list?tabs=azure Would just like to hear other engineers experience on whether to implement or not. Thanks in advance.568Views0likes1CommentAzure Virtual Desktop - Restricting Device Platform Versions
Hi all, What are the current options (if any) for restricting specific device platform versions (Windows & MacOS) from acessing a Virtual Desktop environment. Users are coming in through the Remote Desktop Client (Desktop App). It looks like Conditional Access Policies are not granular enough to restrict specific versions of Windows and MacOS. We are using Azure AD DS Identity so dont have the opportunity to utilise Intune Policies, etc. Thanks in advance2.2KViews0likes3CommentsAzure Virtual Desktop - Feed Subscription Logging
Is there any way to obtain the following logs for Azure Virtual Desktop when a user doesnt have sufficient permissions to access any resources: Azure Active Directory authenticates the user and returns the token used to enumerate resources available to a user Client passes token to the Azure Virtual Desktop feed subscription service Azure Virtual Desktop feed subscription service validates the token Azure Virtual Desktop feed subscription service passes the list of available desktops and RemoteApps back to the client in the form of digitally signed connection configuration I can see the Azure AD sign in logs to the tenant but am trying to understand if/where there is specific logging from AVD in the portal to understand if a user has access to a Workspace, etc. Thanks in adavance1KViews0likes0Comments
Groups
Recent Blog Articles
No content to show