Microphone & camera passthrough to Cloud PC from MacBook
I have a M1 MacBook Pro that I use to connect to my Cloud PC for work via the Microsoft App. I try to use the Teams app installed locally on the Cloud PC for making and accepting calls but I am having a lot of audio issues. First of all, the person I am calling sounds very tinny (kinda like a chipmunk!) and they cannot hear me. Video doesn't seem to work properly either. I have had very little luck with my external webcam (some Logitech one, don't actually know the model but I don't think it makes a difference? but it has a microphone). There has the very odd few times that a call is working fine but then after a few seconds or so, or when I start sharing my screen on the Cloud PC after a minute of the call starting, I start to experience the same issues with audio as explained above. I am running Sequoia 15.6, the Mac Windows App is version 11.1.5 (2585). Admittedly I've mostly tried in clamshell mode and connected to external earphones (AirPods Pro). I used to use my earphones via the Citrix app on VDI with no issues previously. Any solutions would be gratefully received. Thank you365 stuck at "Setting Up" after license reassignment, is there a way to force reprovisioning?
I am fairly new to managing Windows 365, and I've run into an issue that seems like it should have a simple fix, but hasn't been so straightforward in practice. I have a 365 Business cloud PC under one user (admin). After testing a few things, I removed the license from that user and reassigned it to a new employee. The portal now shows " Setting up Cloud Pc" for that user, and it's been stuck there for several hours with no sign of progress. I have tried : Unassigned and reassigned the license again. Restarted the cloud PC from the portal ( though it's not active). is there a way to manually trigger or force reprovisioning of the Cloud PC after a license reassignment ?
Unable to assign license to employee
Hi, I'm new to Windows 365 and just bought it today. Login by main account and installed a couple of software in the Cloud PC without any issues. However, when I go to admin and reassign the license to employee's account. It's been stuck at setting up for hours. Any way to fix this issue? I tried to log back in with admin's account, restart, reset. Yet, unable to get pass the setting up screen when re-assign it to employee's account. Thanks
Cannot run programs or installers "as administrator" on Windows 365 Business
Summary: Cannot run any program as administrator. Getting error "The requested operation requires elevation." in the UAC dialog. Hello, I am new to Windows 365. In November 2021 we tried Windows 365 Business and had no problems installing any program. After this trial we suggested one of our customers to use Windows 365 to run our program (we are an ISV). Now (in January 2022) the customer has a Windows 365 Business Cloud PC. But we cannot install any program or even run anything "as administrator". Notable difference between November and January is that in November we had a cloud pc with Windows 10. Our customer started in January has Windows 11 on the cloud pc. According to the documentation ( https://docs.microsoft.com/en-us/windows-365/business/get-started-windows-365-business?view=o365-worldwide#installing-apps ) the user should have Local Administration rights. But when I start for example the Command Prompt with Run as administrator. I get the UAC (User Account Control) asking me permission. Entering the credentials, same as the one I used to log in to the cloud pc, I get the following error message: "The requested operation requires elevation." What we have tried so far to solve this problem ourselves: restarted the cloud pc reinstalled the cloud pc double checked it is Business not Enterprise by checking that I could not use endpoint manager. searched the internet and this forum for this same issue, could not find any I have run out ideas. Any one any idea how to solve this? Or how/where to turn on the local administration permission? Thanks
Domain matching despite business verification rejection
Hello, I have been working with support in good faith after submitting a ticket request; they had asked me to submit proof of business name document and a domain registration document to verify that the domain I have on my profile matches the domain on the registration: " Dear Partner, Thank you for your inquiry about your Microsoft Partner Network account in Partner Center. We need more information from you to verify your Microsoft Partner Network account. To proceed with your request, and review your organization's status, please help us by emailing us the following documents. Please ensure that they are issued within the previous 12 months: Domain registration / Domain invoice at registration or renewal that lists Entity/Username and domain as it is stated on your account. Official business document, such as a business registration form, business charter, or articles of incorporation that lists Entity name and address as it is stated on your account. If not possible to provide additional documentation, please update your account information to match with documents already provided. List of supported file types and max. file size: screenshots (only from a source such as government) .pdf format Attachments larger than 8MB cannot be received by our system. Please advise if you are unable to provide smaller attachments. Thank you and best regards, Microsoft Operations " When I submitted initially, they said that there were unable to open the PDF documents that were attached (first time this has ever happened to me): "Dear Partner, We were unable to open any of the documents you have provided. Would you kindly send the documents again in the right format. Here is the list of the file types and max.file size that we require. screenshots (only from a source such as government) .pdf format Attachments larger than 8MB cannot be received by our system. Please advise if you are unable to provide smaller attachments. Thank you and best regards, Microsoft Operations" So I resubmitted the second time with screenshots showing that I have the PDF attached on my side and reattached the same PDFs as the last email. It appears that support then accepted the documents but sent this response: "Dear Partner, I am afraid that the provided document does not list the domain that appears on your Profile. If additional documentation containing this info is not available, please update your Profile to match the documents already provided. Thank you and best regards, Microsoft Operations" I am confident that the domain name on my profile exactly matched what is provided on the document, since it appears support accepted the domain registration document that I provided. Please see what should be attached as a screenshot below, showing the domain match: Domain registration document: Profile: Again, I have and am continuing to work with them to resolve this, so how can I get this moving forward? If further requested, I can provide the ticket number as well.
W365 Disk partitioning
Dear All, I tried some disk partitioning on a Windows 365 machine. I shrunk the default C: drive that came with W365 machine after provisioning and created successfully another drive (named it 😧 drive). I have a couple of questions here: 1. I have found that my D drive doesn't show on "My PC" of this Windows 365 Cloud PC, but it is accessible and works fine, I can save files there. Could you please help clarify if this is intentionally not shown on My PC? (only c drive with used and remaining space after partitioning is visible at the moment.) 2. Can I manage to do disk partition for multiple Windows 365 Cloud PCs centrally from endpoint management portal or somewhere? Note: I tested this on Windows 365 Business Edition but these questions should cover Enterprise edition as well. Thank you very much
Saving Cloud PC data for a time and then restoring
Hi, I'm in a position where we have a cloud PC user who is currently on maternity leave. Whilst she is away we have a new starter covering her position. I'm wondering if there's a way to save the data that's on the mat leave user's CPC so we can free up the license for the new starter? Then be able to restore the saved data when the first user is back from mat leave. I couldn't see anything about this online but thought it might be worth a shot asking on here. If not, would it potentially be buying another license and spinning up a new CPC? Thanks in advance! Joel
How to Automate Windows 365 Cloud PC Last Login monitoring!
Automate Windows 365 Cloud PC Last Login monitoring! (Windows 365, Azure Active Directory, Power Automate, MS Graph) Contributors: Juan José Guirola Sr. (Next Generation Endpoint GBB for Americas) Bobby Chang (Power Platform GBB for Americas) Enterprises of all sizes are adopting and aligning Windows 365 to solve several business-critical scenarios. Organizations appreciate the simplicity of the solution, rapid deployment, and enhanced end user experience; offering the opportunity to include new solutions to their services catalog! Part of the simplicity of Windows 365 is that its management plane is Microsoft Intune. Leveraging the Windows 365 admin blade in Intune, administrators can perform the initial configuration of the service and perform on going monitoring of Cloud PCs deployed within the enterprise with several reports being made visible through the “Reports” blade, to include Device management, Endpoint Security, Endpoint Analytics, etc. We have recently introduced a new type of analytical report – Cloud PC utilization report (preview) – which brings visibility to Cloud PCs with low usage. This is a nice addition to the platform, and a much-needed report. For some organizations, that level of reporting will suffice. But if you are looking for a more custom report that aligns to the specific goals and needs of your organization, then keep reading. This blog will describe how to use the Microsoft Power Platform to automate the reporting of Windows 365 based on your specific criteria and receive notifications via email when the criteria is met. In our example, we are setting the criteria to report on Cloud PCs that have not been logged on to for 60 days or more. Let’s get started. Prerequisites The following items are required to automate the process and deploy in a production environment: (For personal development and sandbox/testing scenario, you can use the Microsoft 365 Developer Plan and Power Apps Developer Plan). Windows 365 Enterprise Licenses Azure Active Directory (Azure AD) Premium (P1/P2) Microsoft Endpoint Manager Power Automate per flow plan Microsoft Graph (Windows 365 Cloud PC MS Graph API in beta) Working with Windows 365 Cloud PCs using the Microsoft Graph API Azure App Registration with the following permissions: CloudPC.Read.All. For enterprise production scenarios, we would recommend leveraging the Application Lifecycle Management (ALM) capabilities in Power Platform, in order to safely adopt future changes to your processes. However, this is outside of the scope of this blog post. Register MS Graph in Azure AD If you have followed our previous BLOG – How to automate Windows 365 Cloud PC self-service requests – you may have already performed these steps. If so, please proceed to the next section of this BLOG. Register MS Graph as an Enterprise application in Azure Active Directory. Log into the Azure portal with appropriate permissions for making application registrations. Global Administrator privileges will provide the permissions to make application registrations; there are other options by following the custom role details in this documentation Custom role permissions for app registration - Azure AD - Microsoft Entra | Microsoft Docs. In the Azure services portal, click Azure Active Directory > Azure Active Directory. Figure 1: A screenshot of the Azure Active Directory blade in the Azure services portal. Select App registrations in the left navigation menu. Click New registration. Give the application a name, select Single Tenant for the supported account type, and then click Register. Figure 2 : A screenshot of the Register an application screen, showing the details that need to be identified for the new application. Note your Directory (tenant) ID and Application (client) ID GUIDs and then click on API Permissions. Figure 3: A screenshot of the recently created application overview with the Application (client) ID and Directory (tenant) ID details highlighted. Click API permissions in the left navigation menu. Click Add a Permission. Select Microsoft.Graph and choose Application permissions. Ensure the following permissions are added: CloudPC.Read.All User.Read User.Read.All Group.Read.All Mail.Send (optional for sending messages via Graph ) Figure 4: A screenshot of the Select permissions setup. Once the permissions have been added, click Grant consent. Click Certificates & secrets in the left navigation menu, and then click New client secret. Important! Note this secret key and store it somewhere safe, like a key vault. This key will only be visible upon creation. Once you navigate away, you will be unable to expose the key again and will have to generate a new key. Create the Cloud PC Last Login Monitoring automation! In this section, we will build the Power Automate flows that will orchestrate the Last Login monitoring reporting process. This decision flow illustrates the end-to-end process of retrieving Cloud PC attribute values from the Microsoft Graph leveraging the Windows 365 API and parse through the LastLoginResult value to compare against our criteria of 60 days or more. Figure 5: A flowchart depicting the process for reporting Cloud PC Last Login. To begin, sign into Microsoft Power Automate with your Microsoft 365 organization credentials. From the left navigation menu, click + Create then: Click Automated cloud flow. Name the flow and choose the flow trigger, “Recurrence” from list. Click Create. Set your desired Interval. Figure 6: A screenshot that shows the Recurrence trigger. Click on + New step (To add variable for the UPN). In Choose an operation, type variable. Select Initialize variable from Actions. Type Init VARUPN details screen. Give it a name, e.g., VARUPN and select “String” as Type. Click + New step (To add variable for the “lastLoginResult” attribute value of the Cloud PC). Choose an operation, type variable. Select Initialize variable from Actions. Give it a name, e.g. lastLoginResult and select “String” as Type. Click on + New step (To add variable for the “Composed_LastLoginResult_Value” of the Cloud PC). Search for VAR in Choose an operation. Select Initialize variable. Give it a name (e.g. Composed_LastLoginResult) and select “String” as Type. Click on + New step (To add variable for CurrentDateTime). Choose an operation, type variable. Select Initialize variable from Actions. Give it a name (e.g., DateNow) and select “String” as Type. In the Value field, Add, Expression, in Fx type utcNow() Click on + New step (To add variable for DateDifference) Choose an operation, type variable. Select Initialize variable from Actions. Give it a name (e.g., DateDiff) and select “Integer” as Type. Click on + New step (To add variable for the “Criteria,” which in our example is 60 day +). Choose an operation, type variable. Select Initialize variable from Actions. Give it a name (e.g., More than 60 days) and select “String” as Type. At this point, we need to determine the automated actions, based on the “LastLoginResult” value of the Cloud PC. This can be accomplished by parsing through each Cloud PC LastLoginRestult value and applying a “Condition” action. Let’s add a GET step to the flow to gather Cloud PC attribute value: Click Add an action. Important! To add the control to perform Graph API calls against tenant to gather Cloud PC attribute value, search for HTTP. In the Method field, select GET. Under URI, set it up exactly as illustrated below: https://graph.microsoft.com/beta/deviceManagement/virtualEndpoint/cloudPCs? $select=userprincipalname,id,displayName,managedDeviceName,Status,imageDisplayName,lastModifiedDateTime,lastRemoteActionResult,lastLoginResult For Authentication, select Active Directory OAuth. Leave the authority as default. Enter your Tenant ID under Tenant, https://graph.microsoft.com under Audience, the AppID under Client ID, and the Secret in the Secret section. For production scenarios, you should consider storing your secret in a Key Management solution, like Azure Key Vault If you are using Azure Key Vault, then you can first add the Get Secret action from the pre-built Azure Key Vault connector (https://learn.microsoft.com/en-us/connectors/keyvault/#actions) then securely pass your Secret into this step of your automation - Figure 7: Example setup for Graph API controls to gather Cloud PC attribute value. Hide your Secret from the Power Automate run history Click on the … to the right of the Power Automate HTTP action Select Settings Turn the toggles to On for “Secure Inputs” and “Secure Outputs” in order to not display your Secret in plain text on the logs or run history Click Add an action, and search for “Parse JSON.” Under Parse JSON, select Body for the Content field and insert the body of the HTTP request response into the Schema field. Use the following schema: Figure 8: A screenshot of completed content and schema details for Parse JSON. { "type": "object", "properties": { "@@odata.context": { "type": "string" }, "value": { "type": "array", "items": { "type": "object", "properties": { "userPrincipalName": { "type": "string" }, "managedDeviceName": { "type": "string" }, "id": { "type": "string" }, "displayName": { "type": "string" }, "imageDisplayName": { "type": "string" }, "status": { "type": "string" }, "lastModifiedDateTime": { "type": "string" }, "lastRemoteActionResult": {}, "lastLoginResult": {} }, "required": [ "id", "userPrincipalName", "displayName", "imageDisplayName", "managedDeviceName", "status", "lastModifiedDateTime", "lastRemoteActionResult", "lastLoginResult" ] } } } } Note: You can also get this schema by using the Graph explorer to request from the same endpoint. Use the Generate from example button to generate the schema. Click Add action and search for “Apply to each.” In the Output field, select Value from our Parse JSON step. Click Add an action and search for “Compose.” In the Compose step, enter rungraph for: {id} Figure 9: Compose control example. Click Add an action and search for “HTTP.” Configure the HTTP using the same variables for TenantID, APpID, and Secret, as in the previous HTTP action, but using the following URI: https://graph.microsoft.com/beta/deviceManagement/virtualEndpoint/cloudPCs/@{items('Apply_to_each_2')?['id']}? $select=userprincipalname,id,displayName,managedDeviceName,Status,imageDisplayName,lastModifiedDateTime,lastLoginResult Example: Figure 10: Example setup for retrieving lastLoginResult value for each specific Cloud PC. Follow the same steps as previously outlined to hide your Secrets from the run history (Click on … > Select Settings > Turn toggles to On for “Secure Inputs” and “Secure Outputs”) Click Add an action, search for “Parse JSON.” Select Body for the Content field and insert the following into the Schema field: { "type": "object", "properties": { "@@odata.context": { "type": "string" }, "value": { "type": "array", "items": { "type": "object", "properties": { "userPrincipalName": { "type": "string" }, "managedDeviceName": { "type": "string" }, "id": { "type": "string" }, "displayName": { "type": "string" }, "imageDisplayName": { "type": "string" }, "status": { "type": "string" }, "lastModifiedDateTime": { "type": "string" }, "lastRemoteActionResult": {}, "lastLoginResult": {} }, "required": [ "id", "userPrincialName", "displayName", "imageDisplayName", "managedDeviceName", "status", "lastModifiedDateTime", "lastRemoteActionResult", "lastLoginResult" ] } } } } Figure 11: A screenshot of the Parse JSON schema. Click Add an action and search for “Condition”. Select lastLoginResult under Parse JSON for the value. Select is not equal to for condition. Under Add dynamic content, type null as the expression. Figure 12: lastLoginResult Condition Expression. At this point we are ready to add logic to the flow based on meeting the criteria of the condition. If yes - Click Add an action and search for “Set variable”. Insert a Name (e.g. lastLoginResult) For Value, select lastLoginResult under Parse JSON2 as the Dynamic content Click Add an action and search for “Compose”. Select Compose as the Data Operation. Enter the following expression in Inputs field: split(variables('lastLoginResult-Value'),'"') Click Add an action and search for “Compose”. Select Compose as the Data Operation. Enter the following expression in Inputs field: outputs('Compose_3')?[3] Click Add an action and search for “Set Variable”. Select Set Variable. Give it a Name (e.g. Composed_LastLoginResult_Value) Click on Add dynamic content to add Value Select Outputs under Compose 4 Step. Click Add an action and search for “Set Variable”. Select Set Variable. Give it a Name (e.g. DateDiff) Click on Add dynamic content to add Value Select Expression and enter the following expression div(sub(ticks(variables('DateNow')),ticks(variables('Composed_LastLoginResult_Value'))),864000000000) Now that we’ve been able to extract the proper number of days since lastlogin, let’s send out the email notifications. Click Add an action and search for “Condition”. Select DateDiff variable as the value. Select is greater than as condition. Enter 60 as the value (or whatever aligns to your criteria) Click Add an action and search for “Send an email”. Select Send an email v2. Provide a name (e.g. More than 60 Days Email notification) Enter the necessary information to the fields as necessary for your environment. See below as an example. Figure 13: Sample email template. Once you’re past the Apply to Each scope, Click Add an action, and search for “Terminate.” Set the Status to Succeeded. Return to the initial criteria Conditon to setup the the If no process. Scroll up in the workflow to access this setup. Click Add an action and search for “Set variable.” Select Set Variable. Enter a name (e.g. lastLoginResult-Value) Value enter Blank The entire flow process should look like the image below. Once you’ve completed adding in steps to your automation flow, you’re ready to test the solution. You can run a manual test or wait till the schedule task kicks off. Finally, you should receive an email like the one below: Admin Email Notification NOTE: WE WILL UPDATE THIS ARTICLE IN THE NEAR FUTURE TO INCLUDE THE ADDITION OF UPDATING A TABLE IN POWER APPS AND A FRONT FACING APPLICATION WHERE ADMINS CAN TAKE ACTION TO RECLAIM WINDOWS 365 LICENSE! STAY TUNED!!! Continue the conversation by joining us in the Microsoft 365 Tech Community! Whether you have product questions or just want to stay informed with updates on new releases, tools, and blogs, Microsoft 365 Tech Community is your go-to resource to stay connected.
