User Profile
Redsman13
Copper Contributor
Joined Jul 13, 2022
User Widgets
Recent Discussions
Re: Azure Virtual Desktop - Restricting Access based on the Remote Desktop Client App Version
Restricting the version. Good example would be to prevent users from coming into the AVD environment when they are using a version of the Remote Desktop Client app that is 2 years out of date or more. I'm aware that in the past Microsoft have blocked older unsupported versions from accessing the AVD Service: https://techcommunity.microsoft.com/t5/azure-virtual-desktop/update-blocking-older-and-unsupported-remote-desktop-clients/m-p/2498179 Thanks in advance.1.7KViews0likes0CommentsAzure Virtual Desktop - Restricting Access based on the Remote Desktop Client App Version
Morning, What are the current options for restricting access to the AVD Service based on the version of the Remote Desktop Client App? I would have thought CA policy could achieve this, but it doesnt seem to be granualar enough. Thanks in advance. AVD - Win10 Multi-User Identity - Entra Domain Services (AAD-DS)2.5KViews0likes4CommentsRe: FSLogix Profile exclusions for Win10 Multi-User Sessions
Is there any update to date Microsoft guidance on FSLogix best practices for a Windows 10 Multi User Session Environment? We are experiencing the following issue at the moment and are working through the implementation of some additional exclusions detailed in the article: https://learn.microsoft.com/en-us/microsoft-365/troubleshoot/authentication/cannot-sign-in-microsoft-365-desktop-apps Thanks in advance.4.8KViews0likes0CommentsWindows 10 Enterprise for Virtual Desktop August Marketplace Image Issues
Over the last few weeks, our users have been experiencing M365 issues on our Virtual Desktop Platform. The main Issues seem to be related to authenticating M365 apps. Two main errors in the application logs are as follows: Failure to load the application settings for package Microsoft.AAD.BrokerPlugin. Error Code: -2147024893 Triggered repair of state locations because operation SettingsInitialize against package Microsoft.AAD.BrokerPlugin hit error -2147009096. We didn't see these issues in the July Marketplace Image and are now waiting on the September Image which hopefully addresses the above issue. Image - win10-21h2-avd-m365-g2 Version - 19044.3086 M365 Apps for Enterprise Version - 16.0.16529.20226 Has anyone else experienced this or a similar issue in the Windows 10 + M365 Virtual Desktop August Marketplace Image? Thanks in advance.851Views0likes0CommentsRe: Network Security Group - Outbound Security Rules for VNET isolation
Hi kjones. So we currently have environments on seperate VNETs., host pools, etc, however the default nsg outbound security rules allows traffic outbound to any other VNET. More than likely we just need a deny rule that takes precendence over the default VNET to VNET allow. Thanks16KViews0likes1CommentNew AVD environment on 25. address space
We currently have a number of AVD environments on 10. address ranges. We have a new requirement for a 25. address range. Initial thoughts are as follows: - Standing up new VNET with a 25. subnet - New Host Pool, DAG, etc - New Subnet on the AADDS VNET with a 25. address range - DNS configuration on AADDS so Session Host VM's can resolve. - Traffic will route out from an Azure Hub Firewall over express route Are there any glaring holes with this approach? Thanks in advance.413Views0likes0CommentsRe: Removing Outlook App from Windows 10 Enterprise for Virtual Desktops
Hi Mathieu, So currently, there is no way out there to uninstall individual Office 365 apps installed from outside the Windows Store (part of a marketplace deploy). We are also not currently managing a master image for AVD in our environment, therefore would be looking for an automated method to achieve the uninstall of just the Outlook App across the Session Host VM's in the host pool. Thanks1.8KViews0likes1CommentSession Host Virtual Machine Health Check Status - TURNRelayAccessHealthCheck
Whilst carrying out some standard healthchecks this morning on our environment we have come across the following in the Health Check Status: - TURNRelayAccessHealthCheck This has appeared out of the blue and we have never seen it before on any of the other Session Host Virtual Machines. How anyone come across this before and if so what was the cause and resolution? Thanks in advance, PhilSolved15KViews0likes2CommentsAzure Virtual Desktop - Optional Rules for Session Host Virtual Machines
Hi all, Just wondering if it is standard practise to include the optional rules for the Session Host VM's (see table below): Address Outbound TCP port Purpose login.windows.net 443 Sign in to Microsoft Online Services and Microsoft 365 *.events.data.microsoft.com 443 Telemetry Service http://www.msftconnecttest.com 443 Detects if the session host is connected to the internet *.prod.do.dsp.mp.microsoft.com 443 Windows Update *.sfx.ms 443 Updates for OneDrive client software *.digicert.com 443 Certificate revocation check *.azure-dns.com 443 Azure DNS resolution *.azure-dns.net 443 Azure DNS resolution Microsoft state that these optional rule MIGHT also be required to access other services: https://learn.microsoft.com/en-us/azure/virtual-desktop/safe-url-list?tabs=azure Would just like to hear other engineers experience on whether to implement or not. Thanks in advance.635Views0likes1CommentAzure Virtual Desktop - Restricting Device Platform Versions
Hi all, What are the current options (if any) for restricting specific device platform versions (Windows & MacOS) from acessing a Virtual Desktop environment. Users are coming in through the Remote Desktop Client (Desktop App). It looks like Conditional Access Policies are not granular enough to restrict specific versions of Windows and MacOS. We are using Azure AD DS Identity so dont have the opportunity to utilise Intune Policies, etc. Thanks in advance2.5KViews0likes3CommentsAzure Virtual Desktop - Feed Subscription Logging
Is there any way to obtain the following logs for Azure Virtual Desktop when a user doesnt have sufficient permissions to access any resources: Azure Active Directory authenticates the user and returns the token used to enumerate resources available to a user Client passes token to the Azure Virtual Desktop feed subscription service Azure Virtual Desktop feed subscription service validates the token Azure Virtual Desktop feed subscription service passes the list of available desktops and RemoteApps back to the client in the form of digitally signed connection configuration I can see the Azure AD sign in logs to the tenant but am trying to understand if/where there is specific logging from AVD in the portal to understand if a user has access to a Workspace, etc. Thanks in adavance1.3KViews0likes0CommentsRe: "Activate Windows" Watermark has Appeared on Windows 10 Enterprise for Virtual Desktops SessionHost
Hi all., I have had comms from Microsoft Support that the issue "might" be fixed by the following KB: - KB5018482 They also confirmed that it is likely this will be rolled up into the Windows 10 November Image. Regards.14KViews0likes2CommentsRe: "Activate Windows" Watermark has Appeared on Windows 10 Enterprise for Virtual Desktops SessionHost
MarkF26 Hi Mark, I raised a call with Microsoft Support on the 28th September for the same issue. Following a troubleshooting session, the engineer advised that there is an ongoing investigation into this issue but currently no ETA on the fix. Details are below from the engineer: "I have found that your behavior matches with an ongoing investigation: • Windows 10 AVD • Platform image: Windows 10 Enterprise for Virtual Desktops-10.0.19044.2006 • Showing intermittent watermark: Activate Windows • Slmgr shows that the VM is licensed with Partial product key: GVLK • Issue seems to be happening with users with lower permissions, not been able to be detected with users that are part of the Local Admins group At this moment, there is no ETA about providing results of the ongoing investigation nor a fix. Once the fix is released, the same will be shipped as part of an update. This can be either a preview update or as well in a cumulative one after patch tuesday." Hope this helps, Phil14KViews0likes10CommentsAzure Virtual Desktop - Best practice for spanning an environment across multiple subscriptions
Afternoon all, Just trying to locate best practice surrounding spanning an Azure Virtual Desktop (multi-user session) environment across multiple subscriptions, specifically the published desktop? Regards1.6KViews0likes2Comments
Recent Blog Articles
No content to show