enterprise
241 Topics

Edge Dev/Canary enterprise extension sync broken?
I noticed on my test system that setting up a new profile in Dev/Canary sync doesn't work correctly - specifically, extensions do not install properly. In my stable channel build everything is working, however when it attempts to sync to Dev/Canary only the "forced" extension I have enabled via policy shows/works, whereas the others are not in the extension list, but are present in the AppData user data folder. I've attempted to reset sync and have everything get pulled down again, but the issue persists. I've tried clearing out the profile and re-installing Dev/Canary to see if having it force re-sync would help, but it does not. TLDR - syncing extensions to dev/canary with enterprise sync breaks any extension that is not 'forced' to install via policy
Solved, 87 Views, 0 likes, 2 Comments

Access Denied message when loading godaddy.com
Beginning 6/15/23 I started receiving an error message when attempting to open http://www.godaddy.com. I've tried different browsers, private/incognito mode, clearing cache/cookies/etc. but the result has been the same. I've tried accessing the site from multiple CPCs and they all produce the same error. When accessing http://www.godaddy.com from a local managed PC or from personal PCs, there are no errors, and the site is accessible. Any assistance is greatly appreciated. The error is: Access Denied You don't have permission to access "http://www.godaddy.com/" on this server. Reference #18.4ead3c17.1687548046.57b403215KViews2likes7Comments

Windows 365 disconnects on lock, possible to change timeout?
We enabled the SSO/MFA preview and now when our Windows 365 RDP sessions time out they are booting the user off of the RDP session with the message "Windows Remote Desktop Client - You were disconnected because your session was locked." This is apparently by design because of the ability to use passwordless authentication and the fact the lock screen can't support this. The timeout appears to currently be 15 minutes which is fairly short if the VDI is not your only system you are working in. I am wondering if anyone knows of a way to extend this timeout to 30 or 60 minutes. This timeout does not occur if the SSO option is disabled in the provisioning policy. This is on Windows 365 not Azure VDI so there are no backend RDP server settings to change. Also, if anyone at Microsoft is reading this, why does it pop up 2 of the exact same message boxes at the same time for this disconnection message? Kind of annoying.
18K Views, 1 like, 9 Comments

Enable FIDO Token (RSA DS100) passthrough to W365 Machine via Windows App
Hi There, Working with Enterprise license, trying to establish the approach to allow FIDO Token, specifically the RSA DS100, to redirect from the Host device. The users can only connect via the Windows application, not via the RDP client. I have the Device Class/Driver ID of the token. It is key that removable storage is not enabled as a result of this, for obvious reasons. Ideally the allowance would be scoped to only include the token. Thanks in advance.
71 Views, 4 likes, 1 Comment

Expanded TURN relay regions for Windows 365 and Azure Virtual Desktop
Starting June 15, 2025, we are launching a dedicated TURN relay IP range across the Microsoft Azure public cloud. This new range—51.5.0.0/16—enhances RDP Shortpath connectivity and delivers faster, more reliable performance for Azure Virtual Desktop and Windows 365 users in 40 regions worldwide.

What is TURN?

TURN (Traversal Using Relays around NAT) enables devices behind firewalls to establish reliable UDP connections. With RDP Shortpath for public networks, TURN acts as a fallback when a direct UDP-based connection isn’t possible—ensuring low-latency, high-reliability remote desktop sessions.

As part of this transition, connections will gradually move away from the existing ACS TURN Relay range (20.202.0.0/16). This change will occur behind the scenes, but, to ensure uninterrupted service, you will need to proactively bypass the new TURN relay range (51.5.0.0/16). This new TURN relay range is part of the ‘WindowsVirtualDesktop’ service tag in Azure, making it easier for you to manage access and security configurations at scale.

Benefits of the new TURN relay

This change isn’t just a technical update—it’s a regional expansion. We’re scaling from 14 to 40 regions globally, bringing the TURN relay infrastructure closer to users, reducing latency, and improving connection reliability. Combined with a dedicated IP range for Azure Virtual Desktop and Windows 365 traffic, this initiative offers you more control, optimized routing, and a higher success rate for UDP-based communications. Here are the benefits in more detail:

Expanding regional coverage

By expanding from 14 to 40 regions globally, organizations will benefit from:
- Lower latency: Data travels shorter distances, resulting in faster connections and reduced lag.
- Improved reliability: Fewer dropped connections and more stable sessions, especially for real-time applications.
- Higher UDP success rates: Better performance for voice, video, and real-time data—even under variable network conditions.

Dedicated IP Range for Azure Virtual Desktop and Windows 365 traffic

This rollout introduces a dedicated IP range tailored for Azure Virtual Desktop and Windows 365 traffic, distinct from the ACS TURN relay. Benefits of this improvement include:
- Optimized traffic flow for Azure Virtual Desktop and Windows 365.
- Improved control over network security configurations.
- Customers can navigate restrictive security setups without compromising performance.
- Enhanced quality and speed for traffic, free from generic filtering.

Supported regions

Below is a list of supported regions with the new TURN relay. A TURN relay is selected based on the physical endpoints, not the Cloud PC or session host. For example, a user physically located in the UK will use a relay in the UK South or the UK West regions. If the client is far from a supported region, the connection may fall back to TCP, potentially impacting performance.

Australia East          Japan East            Spain Central
Australia Southeast     Japan West            Sweden Central
Brazil South            Korea Central         Switzerland North
Canada Central          Korea South           Taiwan North
Canada East             Mexico Central        UAE Central
Central India           North Central US      UAE North
Central US              North Europe          UK South
East US                 Norway East           UK West
East US 2               Poland Central        West Central US
East US2 EUAP           South Africa North    West Europe
France Central          South Africa West     West US
Germany West Central    South Central US      West US 2
Israel Central          South India           West US 3
Italy North             Southeast Asia

How to prepare for this change

This new IP subnet will form a critical part of the resilient and performant connectivity provided for Windows 365 and Azure Virtual Desktop. As part of the ongoing transition, traffic will be progressively redirected from the current Azure Communication Service (ACS) TURN relay range (20.202.0.0/16) to a newly designated subnet (51.5.0.0/16).
While this shift is designed to be seamless, it’s essential that you preemptively configure bypass rules for the new range to maintain uninterrupted service. With both IP ranges properly bypassed, end users will not experience any connectivity issues. You therefore need to ensure that traffic is both accessible and optimized.

Accessible

Your environment should have this subnet accessible from all networks used for Windows 365 or Azure Virtual Desktop connectivity, both on the physical network and cloud side. For Microsoft Hosted Network deployments in Windows 365 this underlying connectivity is already in place. For Azure Virtual Desktop and Windows 365 – Azure network connection (ANC) deployments, the ‘WindowsVirtualDesktop’ service tag contains this subnet so connectivity may already be in place.

Optimized

The subnet should also be optimized to ensure this critical, latency-sensitive traffic has the most performant path available. This means:
- No TLS inspection on the traffic. This traffic is TLS encrypted transport with a nested TLS encrypted tunnel. TLS inspection yields no benefit but carries high risk of performance and reliability impact and puts significant additional load on the inspecting device.
- Locally egressed, meaning traffic is sent to Microsoft via the most direct and efficient path. In Azure this means directly routed onto Microsoft’s backbone and for customer side networks, directly to the internet where it will be picked up by Microsoft’s infrastructure locally.
- Bypassed from VPN, Proxy and Secure Web Gateway (SWG) tunnels and sent directly to the service as demonstrated in the example here. On the Cloud side this may involve using a User Defined Route (UDR) to send the Windows Virtual Desktop traffic direct to ‘internet’ instead of traversing a virtual firewall as can be seen in the example here.

Learn more

To learn more about RDP Shortpath and how to configure it for public networks, see our documentation on RDP Shortpath for Azure Virtual Desktop.
6.3K Views, 1 like, 4 Comments

Provisioning Windows 365 Enterprise fails
We are setting up a test with Windows 365 Enterprise. We have set up the policies and we have assigned the licenses. And we see actually that the Cloud PC should be made ready, but the status is pending. When looking at the details it says: But we don't have any in the pending status and we have the licenses assigned otherwise they would not show up there at all. In Office 365 for that account it shows the license is assigned. What could be the issue that makes it think that there are no licenses available? Any suggestions are greatly appreciated. Andreas
1.7K Views, 0 likes, 3 Comments

W365 Disk partitioning
Dear All, I tried some disk partitioning on a Windows 365 machine. I shrunk the default C: drive that came with W365 machine after provisioning and created successfully another drive (named it D: drive). I have a couple of questions here:
1. I have found that my D drive doesn't show on "My PC" of this Windows 365 Cloud PC, but it is accessible and works fine, I can save files there. Could you please help clarify if this is intentionally not shown on My PC? (only c drive with used and remaining space after partitioning is visible at the moment.)
2. Can I manage to do disk partition for multiple Windows 365 Cloud PCs centrally from endpoint management portal or somewhere?
Note: I tested this on Windows 365 Business Edition but these questions should cover Enterprise edition as well. Thank you very much
2.3K Views, 0 likes, 5 Comments

Saving Cloud PC data for a time and then restoring
Hi, I'm in a position where we have a cloud PC user who is currently on maternity leave. Whilst she is away we have a new starter covering her position. I'm wondering if there's a way to save the data that's on the mat leave user's CPC so we can free up the license for the new starter? Then be able to restore the saved data when the first user is back from mat leave. I couldn't see anything about this online but thought it might be worth a shot asking on here. If not, would it potentially be buying another license and spinning up a new CPC? Thanks in advance! Joel
121 Views, 0 likes, 1 Comment

Windows 11 PRO OEM on HP Devices
Hi, I have a kind of problem: our HP devices are shipped with a Windows 11 Pro OEM. We have Enterprise Mobility + Security E5 licenses which should support the upgrade process from W11 Pro to the Enterprise version, but this is not happening. Requirements: Ensure that your device is running a supported version of Windows Pro and that the user is assigned an appropriate EMS license (e.g., E3 or E5). The device must also be joined to Azure AD or hybrid Azure AD joined. The requirements are fulfilled, but still no activation after deployment using APv2. Does anyone have any ideas?
Solved, 431 Views, 0 likes, 8 Comments