How To Learn about Windows 365 Cloud PC in 2022 to jumpstart your implementation
With the increased demand and interest in Windows 365 Cloud PC, this might be a good moment to summarize all the resources available online that can help ramp you up on the technical and business aspects to get started. " With Windows 365, we’re bringing the operating system to the cloud and creating a new category: the cloud PC, providing organizations with greater flexibility and a secure way to empower their workforce, regardless of location.” – Satya Nadella, CEO of Microsoft Let’s get started and show you all the resources that are freely available on the internet to kick the tires with Windows 365 Cloud PC as part of your journey to SaaS-based Cloud PCs. Microsoft certification course Learning about Windows 365 will soon be something you can get rewarded on as well. We are working on an official Modern Desktop Administrator. You can already follow the instructor-led training courses to get trained on Windows 365 today! Stay tuned, more news coming soon! Microsoft 365 Certified: Modern Desktop Administrator Associate - Learn | Microsoft Docs What's new in Windows 365 Learn what new features are available in Windows 365. What's new in Windows 365 Enterprise | Microsoft Docs Windows 365 for Partners Grow your Microsoft 365 cloud services business with Windows 365, the following resources will help you establish maximum benefit from the Microsoft cloud as a Partner. Windows 365 Official Partner Portal Page Windows 365 Partner FAQ Windows 365 Partner PowerPoint deck Windows 365 Official Training material Windows 365 Product Brochure Technical deployment guide Upcoming partner (free) sales training March 31, 2022, 8:00-9:00 AM, Pacific time Register here: https://aka.ms/W365Salestraining1 April 5, 2022, 5:00-6:00 PM, Pacific time Register here: https://aka.ms/W365Salestraining2 April 7, 2022, 8:00-9:00 AM, Pacific time Register here: https://aka.ms/w365technicaltraining1 April 12, 2022, 5:00-6:00 PM, Pacific time Register here: https://aka.ms/w365technicaltraining2 Windows 365 PowerPoint presentations We know like no other that content is sometimes more important than the technology itself to share the benefits for business before starting a proof-of-concept implementation. Therefore, we made our official Microsoft presentation material publicly available for anyone. L100 overview deck of Windows 365 Enterprise L100 overview deck of Windows 365 Business Windows 365 Business vs Enterprise comparison deck L300 technical deep-dive deck of Windows 365 Enterprise Paperback book: Mastering Microsoft Endpoint Manager and Windows 365 One of the main reasons for the slow adoption of Modern Workplace solutions designed to simplify the management layer of your environment is the lack of understanding and knowledge of the product. With this book, you'll learn everything you need to know to make the shift to Modern Workplace, running Windows 10, Windows 11, or Windows 365. You can order it here: Amazon.com: Mastering Microsoft Endpoint Manager: Deploy and manage Windows 10, Windows 11, and Windows 365 on both physical and cloud PCs: 9781801078993: Brinkhoff, Christiaan, Larsen, Per, Pan, Ken, Manchester, Scott: Books Windows in the Cloud – YouTube webcast series This free live Microsoft Teams webcast series highlights new features, best practices from both Microsoft Engineering and the community, and Windows 365 success stories. We hope you’ll join us right here as we explore technology-focused topics alongside members of the community, Microsoft Engineering, customers, and users. Episode 6: Windows 365 Enterprise and Azure AD join support with Christian Montoya Episode 5: Monitoring, endpoint analytics, and alerting for Windows 365 with Navnith Ramkrishnan Episode 4: Windows 365 Business deep dive with Joydeep Mukherjee Episode 3: Learn from the Experts – MVPs with MVP Anoop Nair Episode 2: Windows 365 at Microsoft Ignite with Scott Manchester Episode 1: Welcome to the Show with Jen Gentleman Demo bytes Create Windows 365 Enterprise Azure AD Join Cloud PCs on your own network How to use the Windows 365 Web Portal the best way possible How to make your Windows 365 Cloud PC users a local administrator How to proactively monitor your Windows 365 Cloud PCs with Endpoint Analytics Windows 365 Business – deep dive technical walkthrough Windows 365 Business is a version of Windows 365 made specifically for use in smaller companies (up to 300 seats). It offers an easy, streamlined way of providing Cloud PCs to your users. Learn in this blog how to configure it. Get started with Windows 365 Business - Microsoft Tech Community Windows 365 Enterprise – deep dive technical walkthrough Find out what you need to know to jump into this new service and make it even easier for your users to connect to Windows running in the Microsoft cloud. Learn in this blog how to configure it. Get started with Windows 365 Enterprise - Microsoft Tech Community How to configure Windows 365 Enterprise Azure AD join (mindcore.dk) Universal Print, Defender, and OneDrive with Windows 365 Learn about how to use Windows 365 with other Microsoft 365 Cloud services such as Universal Print and Defender! Get started with Universal Print and Windows 365 Cloud PC - Microsoft Tech Community Learn how to configure Microsoft Defender for Endpoint for your Windows 365 cloud PCs and physical endpoints via Microsoft Endpoint Manager Learn how to exclude files and extensions in Windows 365 cloud PCs from syncing in to OneDrive via both GPOs and Microsoft Endpoint Manager Linkedin Learning – Deploy, Provision and Manage Windows 365 Cloud PCs by Brian Posey Learn more about how to configure and enable supporting infrastructure in Azure to create a virtual remote network. Get the skills you need to deploy a secure, manageable network, setting up your organization for success. Brian shows you why Windows 365 is so appealing, as it combines the simplicity of the PC with the security and power of the cloud. Welcome to Windows 365 | Linkedin Learning (linkedin.com) Puralsight online training – Windows 365 In this course, Windows 365 Cloud PC, we explore the value of Windows 365 and walk through accessing your cloud PC from both a browser and through an app called Remote Desktop. Windows 365 Cloud PC | Pluralsight Microsoft Endpoint Manager: Windows Autopilot, Windows 365 | Pluralsight Ask Microsoft Anything – Windows 365 New series! Join us every month with your questions about Windows 365 features, deployment, customization, and best practices. During these one-hour Ask Microsoft Anything (AMA) events, we'll have members of the Microsoft engineering and product teams ready to help and provide answers. Not sure where to start? Watch our Windows in the Cloud web series to catch up on the latest. Upcoming AMAs: Ask Microsoft Anything: Windows 365 - February 2022 Ask Microsoft Anything: Windows 365 - March 2022 Ask Microsoft Anything: Windows 365 - April 2022 Ask Microsoft Anything: Windows 365 - May 2022 Ask Microsoft Anything: Windows 365 - June 2022 Microsoft Mechanics Watch as Microsoft engineers show you how to get the most from the software, service, and hardware they built. Through in-product demos, recommendations, how-to's, and tips, they simplify complex topics so you can share them with clients, peers, and your management team. Windows 365, your Cloud PC | What it is, how it works, and how to set it up - YouTube Windows 365 admin setup and management tutorial for Cloud PCs - YouTube Microsoft Docs Official product documentation for Windows 365 Business Windows 365 Enterprise documentation | Microsoft Docs Windows 365 Business documentation | Microsoft Docs Windows 365 Feedback portal Share your ideas for future features and functionality for Windows 365—and vote on your favorites! Windows 365 feature requests - Microsoft Tech Community Windows 365 Roadmap To help in your readiness and planning, this page lists Windows 365 updates and features that are in development but not yet released. In development - Windows 365 Enterprise | Microsoft Docs Become a Microsoft MVP for Windows 365 Do you aspire to be a Microsoft Most Valuable Professional (MVP) for Windows 365? We just announced our new program. If you're interested in becoming an MVP, please reach out to me on social media! Join our Windows 365 Community – led by MVPs! We are a group of EUC, Enterprise Mobility and Azure specialists, sharing their knowledge actively with the wider virtual desktop communities. Our community is open to everyone, and several Microsoft MVPs will keep you posted every week on the latest news and announcements of Windows 365! Welcome to the brand new Windows 365 Community! - Windows 365 Community (w365community.com)
Windows 365 Cloud PC Self-Service Automated Request Process
How to automate Windows 365 Cloud PC self-service requests (Windows 365, Azure Active Directory, Microsoft Forms, Power Automate, MS Graph) Contributors: Juan José Guirola Sr. (Next Generation Endpoint GBB for Americas) Bobby Chang (Power Platform GBB for Americas) Azim Manjee (Cloud Endpoint Technical Specialist) Windows 365 simplifies how organizations offer Cloud PCs to their employees. As a cloud-based service from Microsoft, Windows 365 provides a personal, secure streamed experience from any supported device. It comes with all the productivity, security, and collaboration benefits of Microsoft 365. Windows 365 removes the need to manage a complex infrastructure and it integrates with existing cloud-based networking investments such as Azure Active Directory, Microsoft Endpoint Manager, and more. As the workplace continues to shift toward hybrid work, Windows 365 gives more organizations the ability to issue a cloud-native, persistent Cloud PC that is available 24 hours a day, 7 days a week, all with the ease of assigning a license. This simplified approach to provisioning Cloud PCs opens up the potential for automation and self-service scenarios. With Windows 365, you can provide your employees with Cloud PCs on demand, and here, we’ll show you how. Prerequisites The following items are required to provide automated, self-service Cloud PC request of Windows 365 deployment in a production environment: (For personal development and sandbox/testing scenario, you can use the Microsoft 365 Developer Plan and Power Apps Developer Plan). Windows 365 Enterprise Licenses Windows 10 Enterprise or Windows 11 Enterprise Azure Active Directory (Azure AD) Premium (P1/P2) Azure AD native group (must NOT be a synced group) Microsoft Intune (previously known as Microsoft Endpoint Manager) Microsoft Forms Power Automate per flow plan Microsoft Graph (Windows 365 Cloud PC MS Graph API in beta) Working with Windows 365 Cloud PCs using the Microsoft Graph API Azure App Registration with the following permissions: CloudPC.Read.All. For enterprise production scenarios, we would recommend leveraging the Application Lifecycle Management (ALM) capabilities in Power Platform, in order to safely adopt future changes to your processes. However, this is outside of the scope of this blog post. Before you begin Before you set up automation and a self-service Cloud PC request process, identify and assign the target Azure AD group(s) for the Windows 365 Cloud PC license assignment and provisioning policy. In our scenario, we have three Azure AD Groups (one Azure AD group for each of our three business segments), for both license and provisioning policy assignments. To configure group license assignments, see Assign licenses to users by group membership in Azure Active Directory. For information about how to target the groups for provisioning policies, see Create Windows 365 Cloud PC provisioning policies. Once you have the group assignment, set up the self-service process starting with Microsoft Forms. Create the request intake form Establishing an intake process will not only allow your employees to request the Windows 365 Cloud PC on-demand, but also allow you to build in an approval process and a feedback loop once the license is provisioned and ready for access. For our scenario, we are using Microsoft Forms as the intake form for requesting a Cloud PC. If your organization needs additional requirements around data validations and user experience in the form, we recommend leveraging Power Apps instead. To create a form with Microsoft Forms, see the Microsoft Forms help and learning home page or Create a form with Microsoft Forms. The following are the key components of our example form: Purpose-specific title “Windows 365 Cloud PC Request Form” Four questions to identify the requesting employee’s business segment, the type of Cloud PC they require, their region, and their contact number (aka mobile number) Shared to people in the organization only, for security, tracking, and notification purposes Alt text: Example Windows 365 Cloud PC Request Form in Microsoft Forms. Register MS Graph in Azure AD Once the request form is complete, register MS Graph as an Enterprise application in Azure Active Directory. Log into the Azure portal with appropriate permissions for making application registrations. Global Administrator privileges will provide the permissions to make application registrations; there are other options by following the custom role details in this documentation Custom role permissions for app registration - Azure AD - Microsoft Entra | Microsoft Docs. In the Azure services portal, click Azure Active Directory > Azure Active Directory. Alt text: A screenshot of the Azure Active Directory blade in the Azure services portal. Select App registrations in the left navigation menu. Click New registration. Give the application a name, select Single Tenant for the supported account type, and then click Register. Alt text: A screenshot of the Register an application screen, showing the details that need to be identified for the new application. Note. Alt text: A screenshot of the recently created application overview with the Application (client) ID and Directory (tenant) ID details highlighted. Click API permissions in the left navigation menu. . Select Microsoft.Graph and choose Application permissions. Ensure the following permissions are added: CloudPC.Read.All User.Read User.Read.All Group.Read.All Mail.Send (optional for sending messages via Graph ) Alt text: A screenshot of the Select permissions setup. Once the permissions have been added, click Grant consent. Click Certificates & secrets in the left navigation menu, and then click New client secret. Important! Note this key and store it somewhere safe, like a key vault. This key will only be visible upon creation. Once you navigate away, you will be unable to expose the key again and will have to generate a new key. Create the Cloud PC provisioning process automation In this section, we will build the Power Automate flows that will orchestrate the self-service process. This decision flow illustrates the end-to-end process of adding the requestor to proper AD security group, prompting an approval process, and then notifying requestor of their Cloud PC readiness. Alt text: A flowchart depicting the process for the automated provisioning process. To begin, sign into Microsoft Power Automate with your Microsoft 365 organization credentials. From the left navigation menu, click + Create then: Click Automated cloud flow. Name the flow and choose the flow trigger, “When a new response is submitted” (Microsoft Forms) from list. Click Create. Alt text: A screenshot that shows the flow name and trigger selection options. In When a new response is submitted, select your form from the Form Id drop down, then: Click + New step. Search for “forms” in Choose an operation and select Get response details (Microsoft Forms) from Actions. For Get response details, select your form from the Form Id drop down and then select Response Id as Dynamic content. Alt text: A screenshot of the criteria for the Get response details step. Click on + New step (To add variable for the Object ID of the targeted group in Azure AD). In Choose an operation, type variable. Select Initialize variable from Actions. Type VARGroup ID details screen. Give it a name, e.g., VARGroupID and select “String” as Type. Click + New step (To add variable for the “id” attribute value of the Cloud PC). Choose an operation, type variable. Select Initialize variable from Actions. Give it a name, e.g. VARCloudPCID and select “String” as Type. Click on + New step (To add variable for the “status” provisioning value of the Cloud PC). Search for VAR in Choose an operation. Select Initialize variable. Give it a name (e.g. VARProvisioningStatus) and select “String” as Type. Click on + New step (To add variable for your tenant ID). Choose an operation, type variable. Select Initialize variable from Actions. Give it a name (e.g., VARTenantGUID) and select “String” as Type. Tenant ID/Tenant GUID is required for authentication against the CloudPC Microsoft.Graph API. For information on getting your tenent ID, see How to find your Azure Active Directory tenent ID.For information on getting your tenent ID, see How to find your Azure Active Directory tenant ID. In the Value field, enter your Tenant ID. Click on + New step (To add variable for your Choose an operation, type variable. Select Initialize variable from Actions. Give it a name (e.g., VARAppID) and select “String” as Type. (This AppID represents the App Registration Client GUID, which is required for authentication against the CloudPC Microsoft.Graph API). In the Value field, enter your App Registration Client ID. Click on + New step (To add variable for the “Secret,” which is your . Choose an operation, type variable. Select Initialize variable from Actions. Give it a name (e.g., VARSecretID) and select “String” as Type. This is required for authentication against the CloudPC Microsoft.Graph API. Refer to Step 6 in the “Register MS Graph in Azure AD” section of this document. For additional protection, use Azure KeyVault to store and retrieve this client secret. Refer to Defining inputs and outputs for this variable action to obfuscate the secret during run time and from the logs. In the Value field, enter your Client Secret. At this point, we need to determine the automated actions, based on the “Business Segment” value provided by requestor. This can be accomplished by applying a Switch action. : Click on + New step. Search for “Switch” in Choose an operation and select Switch (Control). Next to On, select What Business Segment are you part of? from Dynamics content. Add as many “Cases” as needed to meet your specific needs. In our example, we have 3 Cases, which represent the 3 business segments: South Enterprise, LATAM, and Microsoft Federal. Within each Case, click Add an action Search for “variable” and select Set variable. Select VARGroupID from the Name drop down. Insert the Object ID of the desired targeted group for each “Case.” Note: The Object ID can be retrieved by viewing the group properties in Azure AD. Alt text: A screenshot of options for setting the Case variables. Click on + New step (This step will initiate the approval process) Search for “approval” in Choose an operation and select Start and wait for an approval. Select Approve/Reject – Everyone must approve from the Approval type drop down. Enter the email addresses for approvers in the Assigned to field. Fill in the remaining fields as desired. In our example, we elected to use values gathered from the requestor. Alt text: A screenshot of the available settings for the approval process in Start and wait for an approval. Click on + New step. This step will set up the execution process determined by approval outcome. Search for “Condition” in Choose an operation and select Condition control. Select Outcome under Dynamic content as the value. Choose is equal to and type “Approve” for the value. You will be presented with two sub processes, If yes and If no. Add necessary flows for each. Alt text: A screenshot of the If yes and If no sub-process flow setup options. For the If yes process: Click Add an action. Search for “Azure AD” in Choose an operation and select Get User. Select Responders’ Email for the User Id or Principal Name value. Click Add an action. Search for “Azure AD” in Choose an operation and select Add user to group. Select VARGroupID for Group Id and Id for User Id. Click Add an action. Search for “Send email” in Choose an operation and select Send an email (V2) Office 365 Outlook. Select VARGroupID for Group Id and Id for User Id. Rename to “Send an approved email.” Fill in all fields, as desired. Alt text: A screenshot of the Send an approval email setup. [Optional] If you want to added notification, click Add an action. You can add notification to your flow. In our example we are using Twilio, but you can choose to use other services. Follow your SMS provider’s instructions to properly configure in Power Automate Flow. Click Add an action. To pause the flow and allow the provisioning process to kick off in the backend, select Delay and configure the desired time. In our example, we’ve elected to delay the flow for 1 minute. Search for Delay in Choose an operation. Click Add an action. Important! To add the control to perform Graph API calls against tenant to monitor requestors Cloud PC provisioning status, search. In the Method field, select GET. Under URI, set it up exactly as illustrated below, placing the UserPrincipalName dynamic content inside the string: https://graph.microsoft.com/beta/deviceManagement/virtualEndpoint/cloudPCs?$filter=userPrincipalName eq '@{outputs('Get_user')?['body/userPrincipalName']}' and status eq 'Provisioning'&$count=true For Authentication, select Active Directory OAuth. Leave the authority as default. Enter your TenantID variable under Tenant, https://graph.microsoft.com under Audience, the AppID under Client ID, and the Secret in the Secret section. Alt text: Example setup for Graph API controls to monitor requestor Cloud PC provisioning status. Click Add an action, and search for “Parse JSON.” Under (note in the UI you will also see Parse User CPCs), select Body for the Content field and insert the body of the HTTP request response into the Schema field. Use the following schema: Alt text: A screenshot of completed content and schema details for Parse JSON. { "type": "object", "properties": { "@@odata.context": { "type": "string" }, "@@odata.count": { "type": "integer" }, "value": { "type": "array", "items": { "type": "object", "properties": { "id": { "type": "string" }, "displayName": { "type": "string" }, "imageDisplayName": {}, "provisioningPolicyId": { "type": "string" }, "provisioningPolicyName": { "type": "string" }, "onPremisesConnectionName": { "type": "string" }, "servicePlanId": { "type": "string" }, "servicePlanName": { "type": "string" }, "status": { "type": "string" }, "userPrincipalName": { "type": "string" }, "lastModifiedDateTime": { "type": "string" }, "managedDeviceId": {}, "managedDeviceName": {}, "aadDeviceId": {}, "gracePeriodEndDateTime": {}, "servicePlanType": { "type": "string" }, "statusDetails": {} }, "required": [ "id", "displayName", "imageDisplayName", "provisioningPolicyId", "provisioningPolicyName", "onPremisesConnectionName", "servicePlanId", "servicePlanName", "status", "userPrincipalName", "lastModifiedDateTime", "managedDeviceId", "managedDeviceName", "aadDeviceId", "gracePeriodEndDateTime", "servicePlanType", "statusDetails" ] } } } } Note: You can also get this schema by using the Graph explorer to request from the same endpoint. Use the Generate from example button to generate the schema: Click Add action and search for “Apply to each.” In the Output field, select Value from our Parse JSON step. A Do until step should appear., If it doesn’t, click Add an action and search for “Do until.” Alt text: A screenshot of the Do until setup. In the Do until step, select the ProvisioningStatus variable is equal to string(‘provisioned’). Click and search for “Set Variable.” Configure the CPC-ID Variable to the ID of the item from the Parse JSON. Click Add an action and search for “HTTP.” Configure the HTTP using the same variables for TenantID, APpID, and Secret, as in the previous HTTP action, but using the following URI: https://graph.microsoft.com/beta/deviceManagement/virtualEndpoint/cloudPCs/@{variables('CPC-ID')} Example: Alt text: Example setup for monitoring Cloud PC. Click Add an action, search for “Parse JSON.” Select Body for the Content field and insert the following into the Schema field: { "type": "object", "properties": { "@@odata.context": { "type": "string" }, "id": { "type": "string" }, "displayName": { "type": "string" }, "imageDisplayName": { "type": "string" }, "provisioningPolicyId": { "type": "string" }, "provisioningPolicyName": { "type": "string" }, "onPremisesConnectionName": { "type": "string" }, "servicePlanId": { "type": "string" }, "servicePlanName": { "type": "string" }, "status": { "type": "string" }, "userPrincipalName": { "type": "string" }, "lastModifiedDateTime": { "type": "string" }, "managedDeviceId": { "type": "string" }, "managedDeviceName": { "type": "string" }, "aadDeviceId": { "type": "string" }, "gracePeriodEndDateTime": {}, "servicePlanType": { "type": "string" }, "statusDetails": {} } } Alt text: A screenshot of the Parse JSON schema. Click Add an action and search for “Set Variable.” Select ProvisioningStatus for the Name and configure the provisioning status variable to the status of the item from the Parse JSON. Click Add an action and search for “Delay.” Set a delay in an appropriate increment to recheck the status based on your typical Cloud PC provisioning time (e.g., 30 minutes is a normal time increment). In our example, we selected an increment of every 15 seconds. Consider throttling concerns to not overwhelm the API and cause timeouts. Once you’re past the Do Until scope, Click Add an action and search for “Send an Email.” Create your “successful” provisioning email. In our example, we use several variables and dynamic content to ensure clarity. You can also embed links to the different clients available to the employee for accessing their Cloud PC. Alt text: An example of a “successful” provisioning email setup. Click Add an action and search for “Send Text Message.” Create your “successful” provisioning SMS. In our example, we use several variables and dynamic content for clarity. Alt text: An example “successful” provisioning SMS message setup. Once you’re past the Apply to Each scope, Click Add an action, and search for “Terminate.” Set the Status to Successful. Return to the Approval Conditon to setup the rejection or If no process. Scroll up in the workflow to access this setup. Click Add an action and search for “Send Email.” Create and carefully word the rejection email. Alt text: An example of a rejection email setup. Click Add an action and search for Terminate. Set the Status as Cancelled. The entire Power Automate flow should look like the image below. Alt text: A Power Automatic flow diagram depicting the process described in this document. Once you’ve completed adding in steps to your automation flow, you’re ready to test the solution. Select Test and execute the steps described in the User experience section of this document. User experience Once the self-service experience is configured, the employee or requestor should be able to generate a request. The following is an example of what the user can expect during their request experience. The requestor completes the Self-service user request form. Alt text: An example of a completed self-service request form filled in by an employee. The flow kicks off based on information entered in the form by the requestor. The approval process begins. Alt text: An illustration of the approval process flow. The Approver gets an email and Microsoft Teams notification to approve, reject, or reassign the request. Alt text: An example of an approval request. Once approved or rejected, the flow continues to add the user to the proper Azure AD Group, which in turn will assign the proper Windows 365 license and the correct provisioning policy. Alt text: An illustration of the If yes and If no process flows. If the request is approved, the approval email and SMS text will be sent to the requestor informing them that the request was approved. If the request is rejected, the rejection email will be sent. Alt text: An example of an approval email. Alt text: An example of an approval text message. Power Automate will monitor the provisioning status as it changes from “provisioning” to “provisioned.” Once the Cloud PC status changes to “provisioned,” the requestor will receive an email and SMS text message informing them that their Cloud PC has been provisioned and is ready to access. Alt text: An example email message informing the requestor that their Cloud PC has been provisioned. Alt text: An example text message informing the requestor that their Cloud PC has been provisioned. Continue the conversation by joining us in the Microsoft 365 Tech Community! Whether you have product questions or just want to stay informed with updates on new releases, tools, and blogs, Microsoft 365 Tech Community is your go-to resource to stay connected.
Cannot Access Windows Hardware Developer Program in Partner Center — How to Sign Drivers in 2025?
Hi all, I'm trying to sign a Windows driver and need access to the Microsoft Windows Hardware Developer Program. **What I'm trying to achieve:** - Sign a driver for Windows using the standard Microsoft hardware signing process. **The issue:** - When I try to register for the Windows Hardware Developer Program, I get a message saying "Hardware Program is already in Active state". - However, when I go to Programs > Settings in Microsoft Partner Center, the Hardware Developer Program is NOT visible/available. - I have Global Admin permissions, and I’ve also tried using an account with Owner permissions — no difference, the Hardware Program is missing from the list. **My question:** - How do I get access to the Windows Hardware Developer Program if it's "Active" but not visible in the Partner Center? - Is there any way to manage or join the Hardware Program in 2025 if it's not listed? - Is there an alternative process for signing Windows drivers now? Any up-to-date guidance for 2025 would be super helpful. Any advice or escalation contacts would be highly appreciated! Thanks in advance.Unlocking the Power of Windows 365 in 2025: Your Ultimate Learning Guide
Fun fact, the article below is written by Microsoft Copilot! Before kicking off, I want to wish all of you Happy (and successful) New Year! As we move further into 2025, the digital workspace continues to evolve, and Windows 365 remains at the forefront, offering seamless and flexible cloud computing solutions. Last year, we have been recognized for the second consecutive year as a Leader in the 2024 Gartner® Magic Quadrant™ for Desktop as a Service (DaaS). Whether you're a seasoned professional or new to the world of cloud PCs, there's always more to learn about making the most out of Windows 365. To kick this year off with a tradition, here’s your comprehensive new guide to mastering Windows 365 in the year 2025! Getting started with Windows 365 Microsoft provides a wealth of resources to help users understand and maximize Windows 365. Start by exploring the official Windows 365 website for detailed documentation, tutorials, and updates. Additionally, the Microsoft Learn platform offers structured learning paths and modules specifically tailored to Windows 365. Windows 365 migration: It's easier than you think - Windows IT Pro Blog Windows 365 Cloud PCs and Microsoft Intune for VDI administrators | Windows IT Pro Blog New end-user experiences for Windows in the cloud: December 2024 | Microsoft Community Hub Technical deep dive bootcamp on Microsoft AVD and Windows 365 The future of Windows, Windows 365 and AI | Microsoft 365 Community Conference Create provisioning policies for Windows 365 Windows 365 deployment overview Windows 365 networking deployment options Windows in the Cloud video series Windows in the Cloud video series dives into Windows 365 capabilities: Windows 365 and Azure Virtual Desktop news from Microsoft Ignite - Windows in the Cloud What’s next in Windows 365 Frontline - Windows in the Cloud Introducing Windows 365 Link – the first Cloud PC device Microsoft Teams in the Windows cloud Windows App: what's new and what's next | Windows in the Cloud GPU-enhanced Windows 365 Cloud PCs - Windows in the Cloud Leadership spotlights Leadership spotlight: Melissa Grant, Windows Marketing Leadership spotlight: Marcus Ash on the future of Windows and AI design Customer spotlights Episode 1 - Windows 365 Customer Spotlights with Sepideh AMAs (Ask Microsoft Anything) Looking for more tips to deploy and manage Windows 365 and Azure Virtual Desktop faster, better, and simple? Catch up on the most recent sessions on-demand: AMA: The latest in Windows 365 and Windows in the cloud(December 2024) AMA: Windows 365 - Q3 2024 capabilities(October 2024) AMA: Windows 365 GPU-enabled Cloud PCs(September 2024) AMA: Windows App(August 2024) Upcoming dates: January 29, 2025 - AMA: Windows 365 February 26, 2025 - AMA: Windows 365 March 26, 2025 - AMA: Windows 365 Microsoft Ignite ’24 content available on demand In case you missed any of the breakout sessions that the Windows cloud engineering team delivered to Microsoft Ignite, they are now available on demand. Here are just a few highlights: Transform end-user computing experiences with Windows, Windows 365 and Intune Download PowerPoint slides here. Secure and resilient Windows strategy from Client to Cloud Download PowerPoint slides here. What's New in Windows Security, Productivity and Cloud What's new and what's next for Azure Virtual Desktop Books Mastering Windows 365 Mastering Microsoft Intune Get Microsoft certified As a candidate for this certification, you have subject matter expertise managing devices and client applications in a Microsoft 365 tenant by using Microsoft Intune. You’re responsible for: Implementing solutions for efficient deployment and management of endpoints on various operating systems, platforms, and device types. Implementing and managing endpoints at scale by using Microsoft Intune, Microsoft Intune Suite, Windows Autopilot, Microsoft Copilot for Security, Microsoft Defender for Endpoint, Microsoft Entra ID, Azure Virtual Desktop, and Windows 365. Implementing identity, security, access, policies, updates, and apps for endpoints. Learn more about the course via: Microsoft 365 Certified: Endpoint Administrator Associate - Certifications | Microsoft Learn Join the Windows 365 Community Engage with the Windows 365 community to share experiences, ask questions, and learn from others. Participate in forums such as the Microsoft Tech Community and follow relevant hashtags on social media platforms like LinkedIn and Twitter. Connecting with peers and experts can provide valuable insights and tips. Windows 365 Community weekly newsletters Follow us on LinkedIn Join our community on Discord Hands-On Practice There’s no substitute for hands-on experience. Set up your own Windows 365 environment and experiment with its features. Create different scenarios, troubleshoot issues, and explore various settings to get a practical understanding of how Windows 365 works. This practical approach will help solidify your knowledge and boost your confidence in using the platform. Go for our Interactive Demo for Windows 365 to: https://aka.ms/w365demo Attend Virtual Events and Webinars Save the date now for the third installment of the Microsoft Technical Takeoff for Windows and Microsoft Intune! This free, virtual skilling event will offer prescriptive, technical deep dives and panel-based discussions to help you feel prepared and confident in deploying and managing devices, apps, and experiences from client to cloud! Microsoft Technical Takeoff | Microsoft Community Hub Community events in 2025 to attend Workplace Ninja Summit + local user groups Workplace Ninja Summit is another amazing community event where you can learn about all things Intune and Windows 365. Its goal is to share knowledge with the community and to make workplace management with Microsoft Technologies simpler for everybody. Dates: 22 - 25 September 2025 More information can be found at Workplace Ninja Summit 2025 UK edition Workplace Ninjas UK 2025 - Expo + Breakouts | Edinburgh - 16 - 17 June 2025 Australia edition Workplace Ninja Australia Tour 2025 - Canberra, Fri, Feb 14, 2025, 9:00 AM | Meetup USA edition Workplace Ninjas US | 2025 Two-Day Conference Announcement December 2025 MMS Minnesota The Midwest Management Summit is a 4-day conference purposely capped at 750 attendees so that nobody gets lost in the crowd. Speakers have time to meet and talk to you. There are no people rushing out of a session to get the next speaker going. You have time to absorb what you see and talk it over with speakers and other attendees. Dates: May 4-8, 2025 at the Radisson Blu in Bloomington, MN More information can be found at https://mmsmoa.com/ MEM Summit Modern Endpoint Management Summit is an event dedicated to exploring the latest trends, innovations, and best practices in the field of endpoint management. Dates: 23 - 25 April 2025 - Paris, France Learn more about the event via: MEM Summit 2025 EUC Tech Summit Denmark EUCtech Denmark, an independent organization focusing on End User Computing technologies from Citrix and Microsoft. Dates: May 22, 2025 @ 7:30 am - 4:30 pm Learn more: EUCtech Denmark AVD Techfest AVD TechFest is an international festival bringing industry experts, vendors, and community speakers together to share and discover best practices for Windows 365 and Microsoft Azure Virtual Desktop (AVD) technology. Learn more at avdtechfest.com Stay in touch with us. Learning about Windows 365 in 2025 is an ongoing journey that combines official resources, community engagement, and hands-on experience. By tapping into these diverse learning avenues, you can stay ahead of the curve and fully harness the potential of Windows 365 to transform your digital workspace. Oh, and if you did not already, make sure to follow me on Linkedin to stay connected! Happy learning! Christiaan d.Enhancing Secure Remote Work with Windows 365 and Microsoft Entra Suite
(Windows 365, Microsoft Entra Suite) Contributors: Juan José Guirola Sr. (Security GBB for Advanced Identity) Tenney Bartenfelder (GBB – Advanced Identity) Summary The document discusses the benefits of using Windows 365 and Microsoft Entra Suite to enhance secure remote work environments across various industries. Importance of Secure Remote Work: Remote work offers flexibility and access to a global talent pool but also introduces risks such as data breaches and cyber threats, making secure remote work crucial for business continuity. Windows 365 Cloud PC: Windows 365 provides a full Windows environment streamed from the cloud, offering centralized security, data protection, conditional access, integration with Microsoft security tools, remote management, and scalability. Microsoft Entra Suite Features: Microsoft Entra Suite includes Private Access, Internet Access, ID Governance, ID Protection, Verified ID, and Least Privilege Access, providing comprehensive security for modern workplaces. Global Consulting Firm Case Study: A global consulting firm improved security, scalability, user experience, and identity governance by adopting Windows 365, Microsoft Entra Private Access, and Microsoft Entra Identity Governance. Manufacturing Company Case Study: A manufacturing company addressed data security, scalability, user experience, identity governance, and internet threats by implementing Windows 365 Cloud PC, Microsoft Entra Private Access, Internet Access, and Identity Governance. Healthcare Provider Case Study: A healthcare provider ensured secure remote access, data security, scalability, user experience, identity governance, and verifiable identity by using Windows 365, Microsoft Entra Private Access, Internet Access, Identity Governance, and Verified ID. Comparison with Traditional Virtual Desktop Solutions: Windows 365 offers simplicity, per-user licensing, seamless Microsoft integration, scalability, robust security, and consistent user experience compared to traditional virtual desktop solutions. Comparison with Other IAM Solutions: Microsoft Entra Suite provides identity-centric Zero Trust Network Access, Secure Web Gateway, automated identity lifecycle management, digital identity verification, least privilege access, and advanced threat detection compared to other IAM solutions. Comparison with Other SASE Solutions: Other SASE solutions may offer strong security and scalability but often lack the seamless integration with Microsoft 365 and other productivity tools that Microsoft Entra Suite provides. Conclusion: Windows 365 and Microsoft Entra Suite offer robust, scalable, and integrated solutions for secure remote work, enhancing productivity and security in hybrid work environments. Main Document In today’s digital age, remote work has become a staple for many organizations. However, with the flexibility of remote work comes the challenge of ensuring security across various devices and networks. This is where solutions like Windows 365 and Microsoft Entra Suite come into play, offering robust security features that help organizations maintain productivity without compromising on security. The Importance of Secure Remote Work Remote work offers numerous benefits, including increased flexibility, reduced commute times, and the ability to tap into a global talent pool. However, it also introduces risks such as data breaches, unauthorized access, and cyber threats. Ensuring secure remote work is crucial to protect sensitive information and maintain business continuity. Windows 365: A Secure Cloud PC Solution Windows 365 transforms the traditional desktop experience by streaming a full Windows environment from the cloud to any device. Here are some key benefits: Centralized Security: Windows 365 leverages Microsoft Zero Trust security model, which includes identity verification and risk factor, device health validation, and least-privilege access to ensure that only authorized users can access Cloud PCs. Data Protection: Data is stored in the cloud, not on local devices, reducing the risk of data loss or theft. With features like virtual Trusted Platform Module (vTPM) and Secure Boot, Windows 365 ensures that data is encrypted, both in transit and at rest, and protected from malware and other threats. Conditional Access: Administrators can set Conditional Access policies to control who can access the Cloud PCs and under what conditions, enhancing security by ensuring that access is granted only from compliant devices and locations. Integration with Microsoft Security Tools: It integrates seamlessly with Microsoft Defender for Endpoint, providing advanced threat protection and security management capabilities. Remote Management: IT Administrators can manage and configure Cloud PCs remotely using tools like Microsoft Intune, simplifying the management of security policies and compliance. Scalability and Flexibility: Windows 365 allows organizations to quickly scale up or down based on their needs, providing flexibility to support a dynamic workforce while maintaining security standards. Microsoft Entra Suite: Comprehensive Security for Modern Workplaces Microsoft Entra Suite offers a unified approach to identity and network access security, making it easier for organizations to implement a Zero Trust security model. Key features include: Microsoft Entra Private Access: This feature provides identity-centric Zero Trust Network Access (ZTNA) to secure access to private applications and resources. It helps reduce operational complexity and costs by replacing legacy VPNs. Microsoft Entra Internet Access: An identity-centric Secure Web Gateway (SWG) that protects against malicious internet traffic, unsafe or non-compliant content, and other threats from the open internet. It ensures secure access to SaaS applications and internet traffic. Microsoft Entra ID Governance: A comprehensive identity governance and administration solution that automates the identity and access lifecycle. It ensures that the right people have the right access to the right apps and services at the right time. Microsoft Entra ID Protection: This advanced identity solution block’s identity compromise in real-time using high-assurance authentication methods, automated risk and threat assessment, and adaptive access policies powered by advanced machine learning. Microsoft Entra Verified ID: A managed verifiable credentials service based on open standards that enables real-time identity verification in a secure and privacy-respecting way. It includes premium capabilities like Face Check for streamlined remote onboarding and self-service recovery of passwordless accounts. Least Privilege Access: Automates the access lifecycle to ensure users have the minimum necessary access to perform their roles, helping to prevent lateral movement in case of a breach. Improved User Experience: Enhances the user experience with faster and more secure sign-in via paswordless authentication, single sign-on for all applications, and superior performance. It also provides a self-service portal for managing access requests and approvals. Reduced Complexity and Cost: By integrating multiple security tools into one suite, Microsoft Entra Suite reduces the complexity and cost of managing security tools from multiple vendors. Sample Use Cases Case Study: A Global Consulting Firm Background: A global consulting firm with offices in multiple countries needed a secure and scalable solution to support its remote workforce. The firm faced challenges with its existing VPN-based remote access solution, which was not adequately equipped to handle the increased demand for remote work and stringent security requirements. Additionally, the firm required robust identity governance to manage the lifecycle of user identities and ensure compliance with various international regulations. Challenges: Data Security and Compliance: Ensuring the protection of sensitive client data and compliance with various international regulations. Scalability: The need to quickly scale remote access solutions to accommodate a growing number of remote consultants. User Experience: Providing seamless and efficient user experience for consultants accessing critical applications and client data remotely. Identity Governance: Managing the lifecycle of user identities, including the creation, updating, and removal of access rights, to ensure that consultants had appropriate access based on their roles and responsibilities. Management Complexity: Reducing the complexity of managing a diverse IT environment with multiple security and access control solutions. Solution: The consulting firm adopted Windows 365, Microsoft Entra Private Access, and Microsoft Entra Identity Governance to address these challenges. Windows 365 Scalability: Enabled the firm to quickly scale virtual desktops based on demand, providing flexibility for remote and hybrid work. Centralized Management: Simplified IT management with centralized control over updates, patches, and configurations. Consistent User Experience: Delivered seamless user experience across devices, ensuring consultants could access critical applications and client data efficiently. Microsoft Entra Private Access: Zero Trust Security: Implemented Zero Trust principles to secure access to private applications and resources, ensuring only authorized users could access sensitive information. Conditional Access: Used Conditional Access policies to control access based on user identity, device health, and location, enhancing security. Identity Protection: Leveraged advanced identity protection features to detect and respond to potential security threats in real-time. VPN Replacement: Replaced the legacy VPN solution with Microsoft Entra Private Access, providing secure access to private corporate resources without the need for a traditional VPN. Microsoft Entra Identity Governance: Identity Lifecycle Management: Automated the creation, updating, and removal of user identities based on signals from HR systems, ensuring that consultants had the right access from day one and that access was revoked promptly when they left the organization. Access Lifecycle Management: Managed access rights across various resources, ensuring that consultants had appropriate access based on their roles and responsibilities. This included automated access reviews and entitlement management to maintain compliance and security. Privileged Access Management: Secured privileged accounts by implementing policies for just-in-time access and monitoring privileged activities to prevent misuse. Outcome: Enhanced Security: The firm achieved a higher level of security with Zero Trust principles, protecting sensitive client data and ensuring compliance with international regulations. Improved Performance: Consultants experienced improved performance and reliability with Windows 365, enabling them to work efficiently from any location. Scalability and Flexibility: The firm could easily scale its virtual desktop infrastructure to meet changing demands, supporting a dynamic workforce. Streamlined Management: IT teams benefited from simplified management and centralized control, reducing administrative overhead and improving operational efficiency. By integrating Windows 365, Microsoft Entra Private Access, and Microsoft Entra Identity Governance, the global consulting firm successfully created a secure, scalable, and efficient remote work environment, enhancing productivity and ensuring compliance with industry regulations. Case Study: A Manufacturing Company Background: A global manufacturing company with multiple production facilities and offices worldwide needed a secure and scalable solution to support its remote workforce and 3 rd party access. The company faced challenges with its existing remote access infrastructure, which was not adequately equipped to handle the increased demand for remote work and stringent security requirements. Additionally, the company required robust identity governance to manage the lifecycle of user identities, including joiner, mover, and leaver scenarios, and to control access to internal resources and mitigate internet threats. The company was intrigued by the Entra Private Access ability to provide per app VPN functionality to restrict 3 rd parties from lateral movement on their network. Challenges: Data Security and Compliance: Ensuring the protection of sensitive manufacturing data and compliance with various international regulations. Scalability: The need to quickly scale remote access solutions to accommodate a growing number of remote employees. User Experience: Providing a seamless and efficient user experience for employees accessing critical applications and data remotely. Identity Governance: Managing the lifecycle of user identities, including the creation, updating, and removal of access rights, to ensure that employees had appropriate access based on their roles and responsibilities. Internet Threats: Protecting against malicious internet traffic and ensuring secure access to SaaS applications and internet resources. Management Complexity: Reducing the complexity of managing a diverse IT environment with multiple security and access control solutions. Solution: The manufacturing company adopted Windows 365 Cloud PC, Microsoft Entra Private Access, Microsoft Entra Internet Access, and Microsoft Entra Identity Governance to address these challenges: Windows 365 Cloud PC: Scalability: Enabled the company to quickly scale virtual desktops based on demand, providing flexibility for remote and hybrid work. Centralized Management: Simplified IT management with centralized control over updates, patches, and configurations. Consistent User Experience: Delivered seamless user experience across devices, ensuring employees can access critical applications and data efficiently. Microsoft Entra Private Access: Zero Trust Security: Implemented Zero Trust principles to secure access to private applications and resources, ensuring only authorized users could access sensitive information. Conditional Access: Used Conditional Access policies to control access based on user identity, device health, and location, enhancing security. VPN Replacement: Replaced the legacy VPN solution with Microsoft Entra Private Access, providing secure access to private corporate resources without the need for a traditional VPN. Microsoft Entra Internet Access: Secure Web Gateway: Provided identity-centric Secure Web Gateway (SWG) to protect against malicious internet traffic and ensure secure access to SaaS applications and internet resources. Threat Protection: Enhanced protection against internet threats, ensuring that employees can safely access the internet and SaaS applications. Microsoft Entra Identity Governance: Identity Lifecycle Management: Automated the creation, updating, and removal of user identities based on signals from HR systems, ensuring that employees had the right access from day one and that access was revoked promptly when they left the organization. Access Lifecycle Management: Managed access rights across various resources, ensuring that employees had appropriate access based on their roles and responsibilities. This included automated access reviews and entitlement management to maintain compliance and security. Privileged Access Management: Secured privileged accounts by implementing policies for just-in-time access and monitoring privileged activities to prevent misuse. Outcome: Enhanced Security: The company achieved a higher level of security with Zero Trust principles, protecting sensitive manufacturing data and ensuring compliance with international regulations. Improved Performance: Employees experienced improved performance and reliability with Windows 365 Cloud PC, enabling them to work efficiently from any location. Scalability and Flexibility: The company could easily scale its virtual desktop implementation to meet changing demands, supporting a dynamic workforce. Streamlined Management: IT teams benefited from simplified management and centralized control, reducing administrative overhead and improving operational efficiency. Comprehensive Threat Protection: The company effectively mitigated internet threats and ensured secure access to SaaS applications and internet resources. By integrating Windows 365 Cloud PC, Microsoft Entra Private Access, Microsoft Entra Internet Access, and Microsoft Entra Identity Governance, the manufacturing company successfully created a secure, scalable, and efficient remote work environment, enhancing productivity and ensuring compliance with industry regulations. The desired least privilege for 3 rd party access was achieved by isolating the users on a compliant device segmented by per app VPN access via Global Secure Access. Case Study: A Healthcare Provider Background: A large healthcare provider with multiple hospitals and clinics across the United States needed to ensure secure remote access for its staff to access patient records and other sensitive information. The provider faced challenges with its existing remote access infrastructure, which was not adequately equipped to handle the increased demand for remote work and stringent regulatory requirements such as HIPAA. Additionally, the provider required a solution for verifiable identity to manage the lifecycle of user identities, including joiner, mover, and leaver scenarios, and to ensure that only authorized personnel could access sensitive patient data. Challenges: Data Security and Compliance: Ensuring the protection of sensitive patient data and compliance with healthcare regulations such as HIPAA. Scalability: The need to quickly scale remote access solutions to accommodate a growing number of remote healthcare professionals. User Experience: Providing seamless and efficient user experience for healthcare professionals accessing critical applications and patient records remotely. Identity Governance: Managing the lifecycle of user identities, including the creation, updating, and removal of access rights, to ensure that healthcare professionals had appropriate access based on their roles and responsibilities. Verifiable Identity: Implementing a system to verify the identities of healthcare professionals securely and efficiently. Solution: The healthcare provider adopted Windows 365, Microsoft Entra Private Access, Microsoft Entra Internet Access, Microsoft Entra Identity Governance, and Microsoft Entra Verified ID to address these challenges: Windows 365: Scalability: Enabled the provider to quickly scale virtual desktops based on demand, providing flexibility for remote and hybrid work. Centralized Management: Simplified IT management with centralized control over updates, patches, and configurations. Consistent User Experience: Delivered seamless user experience across devices, ensuring healthcare professionals can access critical applications and patient data efficiently. Microsoft Entra Private Access: Zero Trust Security: Implemented Zero Trust principles to secure access to private applications and resources, ensuring only authorized users could access sensitive information. Conditional Access: Used Conditional Access policies to control access based on user identity, device health, and location, enhancing security. VPN Replacement: Replaced the legacy VPN solution with Microsoft Entra Private Access, providing secure access to private corporate resources without the need for a traditional VPN. Microsoft Entra Internet Access: Secure Web Gateway: Provided identity-centric Secure Web Gateway (SWG) to protect against malicious internet traffic and ensure secure access to SaaS applications and internet resources. Threat Protection: Enhanced protection against internet threats, ensuring that healthcare professionals could safely access the internet and SaaS applications. Microsoft Entra Identity Governance: Identity Lifecycle Management: Automated the creation, updating, and removal of user identities based on signals from HR systems, ensuring that healthcare professionals had the right access from day one and that access was revoked promptly when they left the organization. Access Lifecycle Management: Managed access rights across various resources, ensuring that healthcare professionals had appropriate access based on their roles and responsibilities. This included automated access reviews and entitlement management to maintain compliance and security. Privileged Access Management: Secured privileged accounts by implementing policies for just-in-time access and monitoring privileged activities to prevent misuse Microsoft Entra Verified ID: Verifiable Credentials: Implemented a managed verifiable credential service to issue and verify credentials for healthcare professionals. This ensured that only verified individuals could access sensitive patient data and applications. Identity Verification: Used verifiable credentials to confirm the identities of healthcare professionals during onboarding and access requests, enhancing security and compliance. Decentralized Identity: Leveraged decentralized identifiers (DIDs) to provide healthcare professionals with self-owned, verifiable credentials that could be securely stored and presented when needed. Outcome: Enhanced Security: The provider achieved a higher level of security with Zero Trust principles, protecting sensitive patient data and ensuring compliance with healthcare regulations. Improved Performance: Healthcare professionals experienced improved performance and reliability with Windows 365, enabling them to work efficiently from any location. Scalability and Flexibility: The provider could easily scale its virtual desktop implementation to meet changing demands, supporting a dynamic workforce. Streamlined Management: IT teams benefited from simplified management and centralized control, reducing administrative overhead and improving operational efficiency. Comprehensive Threat Protection: The provider effectively mitigated internet threats and ensured secure access to SaaS applications and internet resources. Verifiable Identity: The use of Microsoft Entra Verified ID ensured that only verified healthcare professionals could access sensitive patient data, enhancing security and compliance. By adopting Windows 365 and the Microsoft Entra Suite, the healthcare provider successfully met their stringent requirements for secure remote access. They achieved enhanced security and compliance with healthcare regulations, ensuring the protection of sensitive patient data. The scalable and flexible virtual desktop provided by Windows 365 allowed the provider to support a dynamic remote workforce efficiently. Additionally, the integration of Microsoft Entra Private Access, Internet Access, Identity Governance, and Verified ID ensured robust identity management, secure access to internal resources, and protection against internet threats. This comprehensive solution streamlined IT management, improved operational efficiency, and delivered seamless user experience for healthcare professionals, ultimately enabling the provider to maintain high standards of patient care and data security in a remote work environment. These case studies demonstrate the versatility and effectiveness of Windows 365 and Microsoft Entra Suite in enhancing secure remote work across various industries. If you need more details or have any other questions, feel free to ask! When comparing Windows 365 and Microsoft Entra Suite to other remote work tools, several key factors come into play, including security, ease of use, scalability, and integration capabilities. Here’s a comparison with some popular remote work solutions: Windows 365 vs. Traditional Virtual Desktop Solutions Windows 365: Simplicity and Ease of Use: Widows 365 is designed for straightforward deployment and management. It provides seamless experience with minimal setup, making it ideal for organizations that need quick, reliable access to virtual desktops without the extensive technical customization. Per-User Licensing: Windows 365 uses a per-user licensing model, which simplifies budgeting and cost management. This model allows for predictable costs, making it easier for businesses to plan their expenses. Integration with Microsoft Ecosystem: Being a Microsoft product, Windows 365 integrates seamlessly with other Microsoft services like Microsoft 365, Microsoft Entra ID, Microsoft Intune, Microsoft Entra Suite, Microsoft Defender for Endpoint, and many more. This integration enhances productivity and security by providing a unified environment. Scalability: Windows 365 can easily scale to meet the needs of growing businesses. Whether you need to add more users or increase resources, Windows 365 can adapt to changing demands without significant reconfiguration. Security: Windows 365 benefits from Microsoft’s robust security infrastructure. It includes features like multi-factor authentication, conditional access, Microsoft Intune, Microsoft Defender for Endpoint, Microsoft Entra Suite (Entra Private/Internet Access, Entra Identity Governance, Entra Identity Protection, Entra Verified ID) ensuring that your data, resources, and applications are always protected. Consistent User Experience: Windows 365 provides a consistent and familiar Windows experience across devices. Users can access their Cloud PC from any device with an internet connection, maintaining productivity and continuity. Traditional Virtual Desktop Solutions: Complexity in Setup and Management: Traditional solutions can be complex to set up and manage, requiring significant IT expertise and resources. This complexity can lead to higher operational costs and longer deployment times. Scalability Issues: Scaling traditional virtual desktops solutions can be challenging. Adding new users or increasing resources often requires substantial reconfiguration and investment in additional hardware. Integration Challenges: Non-Microsoft solutions may not integrate as seamlessly with other tools and services, especially those within the Microsoft ecosystem. This can result in fragmented user experience and reduced productivity. Security Concerns: While traditional solutions offer security features, they may not match the comprehensive security infrastructure provided by Microsoft. This includes advanced threat protection, multi-factor authentication, and seamless integration with security tools like Microsoft Defender and Microsoft Entra Suite. Cost Management: Traditional solutions often use a per-device licensing model, which can be less predictable and more expensive compared to the per-user licensing model of Windows 365. This can make budgeting and cost management more difficult. User Experience: Traditional solutions might not provide a consistent and familiar user experience across different devices. Users may face issues with performance and accessibility, impacting their productivity. Microsoft Entra Suite vs Other Identity and Access Management (IAM) Solutions Microsoft Entra Suite: Microsoft Entra Private Access Identity-Centric Zero Trust Network Access (ZTNA): Replaces traditional VPNs with a more secure, identity-centric approach, reducing the attack surface and mitigating lateral movement. Seamless Access: Provides fast, seamless access to private applications from any device and location, enhancing user productivity. Conditional Access Policies: Enforces adaptive Conditional Access controls, including multifactor authentication (MFA), to validate both device and user identities. Microsoft Entra Internet Access Secure Web Gateway (SWG): Protects against malicious internet traffic and unsafe content, ensuring secure access to SaaS apps and internet resources. Identity-Centric Security: Integrates identity and network access controls to provide comprehensive protection across public and private networks. Microsoft Entra ID Governance Automated Identity Lifecycle Management: Ensures that the right people have the right access to the right resources at the right time, improving productivity and security. Access Reviews and Compliance: Facilitates regular access reviews and compliance checks to reduce the risk of access abuse and ensure regulatory compliance. Delegated Access Management: Allows business groups to manage access requests and approvals, streamlining operations and reducing IT workload. Microsoft Entra Verified ID Digital Identity Verification: Enables secure, real-time verification of identity claims and credentials, reducing fraud and improving trust. Self-Service Enrollment: Simplifies identity verification processes, reducing the need for support calls and manual checks. Open Standards-Based: Built on open standards, ensuring interoperability and flexibility for various use cases. Least Privilege Access Role-Based Access Control (RBAC): Assigns users the minimum permissions necessary to perform their duties, reducing the risk of unauthorized access. Just-In-Time Access: Grants access rights only for the duration needed, minimizing the window of opportunity for potential attackers. Regular Audits: Conducts periodic reviews of user access to ensure compliance with the principle of least privilege. Microsoft Entra ID Protection Advanced Threat Detection: Uses machine learning to identify and respond to sign-in risks and unusual user behavior in real-time. Adaptive Access Policies: Automatically adjusts access policies based on detected risks, enhancing security without compromising user experience. Integration with Security Tools: Seamlessly integrates with other Microsoft and non-Microsoft security solutions for comprehensive threat management. Other IAM Solutions: Security: Varies widely depending on the provider but may not offer the same level of integration with Conditional Access and Zero Trust principles. Ease of Use: User experience can vary, with some solutions requiring more complex setup and management. Scalability: Many IAM solutions are scalable, but integration with existing systems can be challenging. Integration: May not integrate as seamlessly with Microsoft 365 and other productivity tools, potentially leading to a fragmented user experience. Other Secure Access Service Edge (SASE) Solutions Security: Generally strong, but the level of identity integration can vary. Ease of Use: User experience can differ, with some solutions requiring more complex configurations. Scalability: Typically scalable, but integration with existing systems and applications can be a challenge. Integration: May not offer the same level of integration with Microsoft 365 and other productivity tools, potentially leading to a less cohesive experience. Conclusion Windows 365 and Microsoft Entra Suite offer robust, scalable, and integrated solutions for secure remote work. This combined solution stands out for its comprehensive security features, ease of use, and seamless integration with other Microsoft services. While other solutions may offer strong security and scalability, the deep integration and unified ecosystem provided by Microsoft can significantly enhance productivity and security for remote hybrid work environments. Stay tuned for a follow up blog discussing the Business Value of this combined solution (ROI/TCO).Announcing new regions for Windows 365.
Today I am pleased to announce that we have enabled two new regions for Windows 365. You can now deploy your Cloud PCs into Italy and Poland, specifically the Italy North and Poland Central regions. Within a provisioning policy if you select the European Geography, you can then select Italy North or Poland Central: This increases the number of Azure regions that Windows 365 supports enabling you more choice as to where you locate your Cloud PCs and enables you to place them closer to your user estate in those locations, reducing the latency for users in those locations. We will continue to enable new regions over the coming years to provide more choice and flexibility for your Cloud PCs, providing the maximum choice of global Azure regions. Over the coming years new Azure regions will be announced and we will be enabling Windows 365 from these as they become available. This also demonstrates our commitment to our customers to continue to evolve the service to grow into existing and new Azure regions, so that you can provide the best service to your own organization.Windows in the Cloud at Microsoft Technical Takeoff: November 27-30
If you're looking to go deeper into the Windows 365 and Azure Virtual Desktop announcements from Microsoft Ignite -- and find demos and tips -- join us at the Microsoft Technical Takeoff! Watch deep dives and ask questions live, or catch up on demand and ask questions all week. Here's what's on deck for sessions talking about Windows in the cloud: Exploring Windows cloud solutions: Insights and sample scenarios Nov 27 - 8:00 AM PT What's new and what's next for Windows 365 and Azure Virtual Desktop Nov 27 - 8:30 AM PT Windows 365 and Azure Virtual Desktop powered by Microsoft Intune Nov 27 - 10:30 AM PT Intelligent IT management for Windows 365 and Azure Virtual Desktop Nov 28 - 8:00 AM PT Securing Windows in the cloud: a practical approach for Cloud PCs & Cloud VDI Nov 28 - 11:00 AM PT Accelerate your migration to Windows 365 and Azure Virtual Desktop Nov 29 - 9:30 AM PT VMware Horizon for Windows 365 deep dive Nov 29 - 11:30 AM PT Boosting your productivity with Windows 365 Business Nov 30 - 7:30 AM PT Windows 365 Frontline: let’s talk deployment (and the road ahead!) Nov 30 - 9:30 AM PT Hope to see you there!
Teams Secondary Ringer Fails to maintain Setting when moving between sites
I find moving between two different environments (Office and Home) where I have two slightly different dock environments, the Secondary Ringer changes itself to "None". This is quite annoying and if I forget to manually change, I miss calls. Changing environments is a regular weekly feature of my workflow. Please consider adding a feature to "remember" environments that one visits regularly, and apply the settings that user set in these environments, automatically. Automatically, as in, I do not wish this to be a regular requiremnet to be a "user initiated" change, but needs to just happen when the environment changes. Default shall be to the previous setting. Even better, would be the ability to set a Secondary Ringer default for each environment, and this to be detected by Teams and settings change accordingly. E.g. One Dock type uses a particular driWindows 365 Frontline Cloud PC in shared mode – Quick Start Guide
Windows 365 Frontline Cloud PC in shared mode overview Windows 365 Frontline Cloud PC in shared mode builds upon the flexible licensing and usage model of Windows 365 Frontline by enabling the provisioning of shared Cloud PCs for groups of users to access on an occasional or part-time basis. With Windows 365 Frontline, IT administrators can provision collections of standardized, shared Cloud PCs that are assigned to groups of users and dynamically allocated on a one-user-per-PC basis for the duration of their work. When a user signs in, a new user profile is created to facilitate their task, and upon sign-out, the user profile is deleted, preparing the device for the next user. This efficient model allows for optimized resource utilization and streamlines device management, making it an ideal solution for environments requiring flexible and shared computing resources. Recommended use cases Retail, manufacturing and other Frontline staff: Ideal for environments where multiple users need brief access to a Cloud PC to perform specific tasks. For example, retail staff can use shared Cloud PCs to enter inventory information or update data in a line-of-business application. Contractor Scenarios: Contractors who need temporary or occasional access to a company resource for specific projects. Training and Labs: Shared Cloud PCs can be used in training sessions or educational settings where multiple users need access to the same resources at different times. Not recommended use cases Information workers: If users require regular, persistent and personalized access to their data and applications, a dedicated Cloud PC (provided by either Windows 365 Enterprise or Windows 365 Frontline Cloud PC in dedicated mode) is recommended. Licensing To get started with Windows 365 Frontline Cloud PCs in shared mode, you’ll first need some licenses. If you already have Windows 365 Frontline that you’ve been using for “Dedicated” mode, you can use some of those same licenses for Frontline Cloud PC in shared mode. If you don’t have any licenses yet, you can find them on the Microsoft 365 admin center. The following trial is available: A 2 vCPU, 8 GB, 128 GB (1 license/1 month) It’s important to note that Windows 365 Frontline licenses are not assigned to individual users, instead they are surfaced in the Windows 365 provisioning experience and in shared mode, one license allows you to provision one shared Cloud PC. Learn more about Windows 365 Frontline licensing on Microsoft Learn. Provisioning Cloud PCs Provisioning Windows 365 Frontline Cloud PC in shared mode is simple and familiar if you have already used Windows 365. After purchasing Windows 365 Frontline licenses, go to the Microsoft Intune admin center, then Devices and then find the Windows 365 option under device onboarding. Choose the provisioning policies tab. Create a new provisioning policy: License type choose “Frontline” Frontline type choose “Shared” Continue provisioning policy creation with settings optimal to your organization. For best results, we recommend the following modern and simple, cloud-based settings: Join type: Microsoft Entra Join Network: Microsoft hosted network Geography and Region: Choose based on your needs. The supported regions are listed below. On the Image page, we recommend choosing the default Gallery image option, as this is the latest release of Windows (Windows 11 Enterprise 24H2) and it's automatically updated with the latest Windows updates each month. Depending on your scenario, choose between the gallery image with or without Office (Microsoft 365 Apps) already installed. On the Configuration page, configure any optional settings such as choosing appropriate Language & Region settings, applying a device naming template or linking an Autopilot Device Preparation (Preview) policy to ensure Intune Apps and Scripts are applied during provisioning. The optional Autopilot Device Preparation setup steps are covered in more detail below. On the Assignments page, choose the group of users you’d like to have access to shared Cloud PCs once they are provisioned, then choose additional assignment options: Select Cloud PC size. Here you will see the different Windows 365 Frontline licenses you have available in your tenant. You can also see how many licenses are remaining to use in this provisioning policy. Under Assignment name, choose a friendly name that represents the pool of shared Cloud PCs. Choose a name that users will recognize when navigating between different Cloud PCs in the Windows App. The name that you choose here will also be visible on the All Cloud PC list and on IT admin reporting experiences. Under Number of Cloud PCs, choose how many Cloud PCs you’d like to provision and make available to this group of users. Once you complete creating the Provisioning policy, the Cloud PCs will start Provisioning. Review progress in the All Cloud PCs list. Autopilot Device Preparation (Preview) Autopilot Deployment Preparation (AP-DP) profiles can be included in Windows 365 Frontline shared provisioning policies to ensure that essential Intune required, device-targeted apps and scripts are installed on shared Cloud PCs during the provisioning process, before user sign-in. This feature helps increase standardization of shared Cloud PCs while reducing the management overhead that comes with IT admins creating and managing their own custom images with pre-installed applications. Autopilot device preparation tracks the installation progress of specified Intune applications and scripts during Cloud PC provisioning. Instead of marking Cloud PCs as “provisioned” after Intune enrollment, Autopilot and Windows 365 wait until those workloads are fully installed. IT admins will see a new status of “Preparing” reflected in the console while device preparation is underway. To set up Autopilot Device Preparation for Frontline Cloud PCs in shared mode there are four key steps: 1. Create an Entra ID device group Under Intune > Groups, create a new group. This group is an “assigned” group (also known as a static group) which will initially have no members. It will be populated with Cloud PCs that enroll into Intune during the provisioning process. To enable allow this process to happen, you must assign the “Intune Provisioning Client” as a group owner. Tip: If you have trouble finding this service principle in your tenant, it may have a different name or need to be added. See the Autopilot documentation on Microsoft Learn. 2. Create and assign Intune Apps and Scripts Each Intune Application or Script that you want to install on Cloud PCs must be added to Intune and assigned to the Entra ID device group created in the first step. Tip: You must also ensure that each application and script supports AP-DP and is also configured to install in the “System” context. Learn which Intune app types are supported on Microsoft Learn. 3. Create a Device Preparation Profile In the Intune admin center, under Devices>Enrollment, select Autopilot Device Preparation, create a new Device Preparation Policy: Choose Automatic (Preview) for the type of AP-DP profile. Under Groups, choose the device group you created earlier. As Cloud PCs apply this preparation profile, they will be dynamically added to this group. Under Configuration, choose each of the Intune apps and scripts that must be installed during the Cloud PC preparation phase. 4. Create a Cloud PC provisioning policy Now that you have created the AP-DP profile, the next step is to associate it to your Frontline shared Provisioning policy. Under the configuration tab of a new or existing Windows 365 Provisioning Policy, choose the profile you created in the previous steps and adjust some optional parameters based on your requirements: Minutes allowed before device preparation fails: 30 minutes as a general default but you may need to allow longer for large apps or long-running scripts. Prevent users from connection to Cloud PC upon installation failure or timeout: Unchecked as a recommended default. Enable this checkbox if you want Cloud PC provisioning to fail if AP-DP apps and scripts fail to install or timeout, for example if one of the apps is a mandatory security or compliance requirement. Windows 365 Frontline Cloud PC in shared mode: User experience Once Cloud PCs are provisioned for users, a tile will appear in the Windows app (on web, desktop and mobile platforms) and are tagged with "Frontline shared". Users can have multiple Cloud PCs, including Enterprise, Shared and Dedicated appear for them and can organize and pin them as favorites. When users connect, they are dynamically routed to one of the available shared Cloud PCs in the collection and have a new Windows profile created for them that lasts the duration of their task. The connection and Windows profile creation experience has been optimized to provide employees with a fast connection so that they can get productive immediately. Once signed in, users can access Microsoft and line-of-business applications to complete their tasks. OneDrive sync and Edge are pre-configured so that users can save and persist files and browser settings via between sessions. Once a user finishes their tasks, they can sign out and know that any changes made to the shared Cloud PC will be removed along with their profile, and that the device will be reset for the next user to be immediately productive. Users do have the option to keep sessions active by choosing to “disconnect” from the start menu or closing the Windows app if they need to resume tasks from another physical endpoint. If in any case the Cloud PC becomes unresponsive during use, users are able to get connected with a new Cloud PC by going to the Windows App and selecting “Reset” on the Cloud PC tile. This will restart the currently connected Cloud PC and the user to immediately connect to a new Cloud PC. Planning for and monitoring usage of shared Cloud PCs One consideration for organizations starting out with Windows 365 Frontline Cloud PC in shared mode is determining the appropriate number of shared Cloud PCs (and licenses) needed for a group of users. Windows 365 allows one active user on a shared Cloud PC at a time, so organizations need to consider how many shared Cloud PCs to provision for the scenario at hand. When planning, there are two general approaches for determining the right number of Cloud PCs to provision: If you are migrating a scenario from another VDI solution, it’s helpful to review reports that show maximum concurrency. This is the number of Cloud PCs you will need to provision. If you are designing and building a new solution that requires connection from physical endpoints, for example setting up a new retail store, consider the number of physical endpoints that are available for employees. This is the number of Cloud PCs you need to provision. Concurrent Frontline Cloud PC connections report The Concurrent Windows 365 Frontline Cloud PC connections report can be used to monitor the usage of Windows 365 Frontline Cloud PCs and make adjustments to the number of Cloud PCs over time. For example, if a retail floor staff group is approaching concurrency limits consistently, there is the option to increase the number of shared Cloud PCs available for these users. rrency limits. Coming soon: In addition to observing concurrent usage up to the maximum limit, IT admins will be able to see which users were prevented from connecting to Cloud PCs as pictured above. Learn more about the Connected Frontline Cloud PCs report on Microsoft Learn. Alerts for Frontline Cloud PCs near concurrency limit In addition to the reports, IT Admins can configure email alerts to be informed about approaching concurrency limits and take action. Alerts are configured in the Intune admin center under Tenant Administration > Alerts > Alert rules > Frontline Cloud PCs near concurrency limit. Learn more about the Alert rules and experience on Microsoft Learn. Adjusting Frontline shared assignments Windows 365 Frontline makes it easy to adjust the number of shared Cloud PCs available to users. To increase the number of Cloud PCs: Select the provisioning policy that you have created and assigned to users. In the “Assignments” section click “Edit.” Select “Cloud PC size” which will give the option to adjust the number of Cloud PCs available in the collection. The number of shared Cloud PCs can be increased, for instance, from 20 to 25 Cloud PCs. IT admins can also adjust the idle and disconnect timeout limits for a group of shared devices. By default, Cloud PCs in shared mode will automatically transition shared devices from "Active" to "Idle" after 15 minutes of no user inactivity, and then automatically disconnect and make the Cloud PC available for other users after another 30 minutes. The default policy can be changed based on the organization’s preferences. Learn more about how to set idle session policies on Microsoft Learn. Keeping shared Cloud PCs in a desired state ready for task productivity To ensure task productivity and operational efficiency, many organizations need to standardize the experience for their employees. To revert all devices back to a known-good working configuration or to roll them forward to a newer configuration, IT admins can go to the Provisioning policy and choose Reprovision. When reprovisioning, IT admins can opt for either immediate reprovisioning or a scheduled reprovisioning. When combined with the "Gallery Image" option, scheduled reprovision is a great way to ensure that the collection of Cloud PCs is always running the most up-to-date and secure versions of Windows. For example, IT admins can choose the “Monthly” option and then select “Second Friday of the month” to ensure that devices are reprovisioned with the latest and most up to date Windows 365 Gallery image, which is updated by Microsoft each month. Both Immediate and Scheduled options ensure that user productivity remains unaffected by allowing administrators to designate a percentage of shared Cloud PCs to remain available. Importantly, invoking a bulk reprovision action does not immediately disconnect users with active sessions, but waits until those users sign out to begin the process. Learn more about bulk reprovisioning on Microsoft Learn. Supported regions when provisioning Frontline Cloud PCs in shared mode Windows 365 Frontline in shared mode is expanding into data centers around the world. The following Azure regions are currently supported, with many more on the way: Australia East Canada Central North Europe Central India Japan East Japan West South Africa North UK South Central US East US East US 2 West US 3 South Central US East Asia Southeast Asia UAE North (Coming Soon) Germany West Central (Coming Soon) Norway East (Coming Soon) Switzerland North (Coming Soon) Korea Central (Coming Soon) Next steps This blog post covers key capabilities and features of the new Windows 365 Frontline Cloud PCs in shared mode solution. To get a deeper understanding of the solution, we recommend trying it out in your organization and diving into the product documentation on Microsoft Learn. If you have any feedback on your experience with this solution or if there are things you'd like to see as this product evolves, please let us know!
