Aug 30 2022 04:23 AM
Disclaimer: This blog post is provided as-is without any support statements and is meant to be generic guidance on the scenario addressed here. It should not be taken as prescriptive guidance. Please validate in your environment before configuring.
Windows 365 enables connectivity to Cloud PCs via a number of client applications that can be run on Windows, Android, iOS and Linux operating systems. Each client supports different features, as documented in Remote Desktop clients feature comparison | Microsoft Docs, and depending on the application used, users might have a different end-user experience, such as Teams audio-video optimization. Due to this disparity, administrators might want to block access from certain clients to provide a consistent user experience across their user base.
In this article, we will take a look at how to configure Azure Conditional Access to prevent users from connecting to their Cloud PC using an in-browser RDP session, while still allowing them to log in to the portal and use other capabilities such as restart, restore, rename etc.
This blog post uses the following CA article as reference: Enforce Azure Active Directory Multi-Factor Authentication for Azure Virtual Desktop using Condition...
Create a Conditional Access policy with the below configurations:
Result
Windows 365 Web Portal
When the user clicks the Open in browser option, they will see the below screen in a new tab.
When the user launches the session from the RD Client, they will be able to successfully connect to the Cloud PC.
Aug 30 2022 10:38 AM
Apr 16 2024 04:36 PM - edited Apr 16 2024 06:22 PM
@RavishankarN - I am getting a different result, I am completely blocked from accessing user action. Was this changed? Is there a way to access user action but block portal access?
Thanks