Block outdated AVD clients
Considering the AVD usage in BYOD context where end users use the remote desktop client to connect to AVD from their own personal devices.Is it possible to block outdated AVD clients from connecting to AVD service? Using Conditional Access, we can define the platforms allowed to connect but not the version of OS or the version of client being used. We could use Intune MDM to check the device OS version but we don't want to enroll personal devices. Is there any other way it could be possible?
Windows Virtual Desktop Sign-in prompt
Hello all, We are getting ready to deploy Windows Virtual Desktops into our prod environment, but I have a few concerns with the authentication process. As of now I have a conditional access policy that will require a user to use MFA when subscribing to our host pool using the Remote Desktop client app. This is great, but the sign in prompts one time, then seems to cache the auth token. I am looking for a way to prompt for sign-in every time, or require the sign in to be available on a certain IP via conditional access. We are a hybrid AD configuration with well established policies to protect our resources requiring all external access to have MFA requirement. This bypasses this requirement. This seems like a potential issue if someone were gain access to a computer and just click right through into the hosted app that is readily available in the RD app. Is there something I might be missing to set this as an option that requires a user to auth every time? Thanks! -SammyFManaging User Access to Internet on Windows Virtual Desktop
I'm very interested in this product and previously, we implemented our own solution through Azure Virtual Machines which we had to manage completely. In our particular use case scenario, we want to control users' access to Internet and block certain protocols. Here are two specific examples of what we want to do: We'd like to create a white list of websites users can visit and block all the rest. We'd like to turn off FTP protocol completely and take any other action we can to prevent users from "uploading" files to outside world. How could we handle these two scenarios if we were to use Azure Windows Virtual Desktop?
