User Profile
DavidBelanger
Joined 7 years ago
User Widgets
Recent Discussions
Public Preview: Faster reauthentication
We're excited to announce the public preview of faster reauthentication for Azure Virtual Desktop when single sign-on is enabled. This feature allows you to use the "Every time" sign-in frequency option in Conditional Access policies that target the Microsoft Remote Desktop and Windows Cloud Login Entra ID apps. This can help you provide a more secure environment, especially for BYOD and unmanaged devices. Getting started: The documentation to Enforce Microsoft Entra multifactor authentication will guide you through the key steps needed to enable this functionality.608Views2likes0CommentsHOW TO: Hiding the consent prompt for Single Sign-On
We've been working on the ability to hide the dialog shown to users on first connection to a new session host when Single Sign-On is enabled to allow the remote desktop connection. The steps have now been published. To get started, review the new steps to configure Single Sign-On on your Azure Virtual Desktop Host Pool: Configure single sign-on for Azure Virtual Desktop using Microsoft Entra authentication - Azure | Microsoft Learn3.2KViews4likes13CommentsPublic Preview: Single sign-on and passwordless authentication for Azure Virtual Desktop
In case you missed it, on Monday we announced the public preview for enabling an Azure AD-based single sign-on experience and support for passwordless authentication, using Windows Hello and security devices (like FIDO2 keys). Building on the Insider preview, the public preview adds support for Windows 10, Windows 11 and Windows Server 2022 session hosts. The preview also adds support for single sign-on using the web client. For details and getting started information, read the announcement in the Azure Virtual Desktop blog.1.9KViews1like0CommentsInsider Preview: Single sign-on and passwordless authentication for Azure Virtual Desktop
Today we’re announcing the Insider preview for enabling an Azure AD-based single sign-on experience and support for passwordless authentication, using Windows Hello and security devices (like FIDO2 keys). With this preview, you can now: Enable a single sign-on experience to Azure AD-joined and Hybrid Azure AD-joined session hosts Use passwordless authentication to sign in to the host using Azure AD Use passwordless authentication inside the session Use third-party Identity Providers (IdP) that integrate with Azure AD to sign in to the host Getting started This new functionality is currently available in Insider builds of Windows 11 22H2, available in the Azure Gallery when deploying new session hosts in a host pool. Want a quick overview of the new functionality? Watch this intro video on Azure Academy! To get started with single sign-on, follow the instructions to Configure single sign-on which will guide you in enabling the new authentication protocol. To start using Windows Hello and FIDO2 keys inside the session, follow the instructions for In-session passwordless authentication to use the new WebAuthn redirection functionality. Learn more about the supported authentication methods supported by Azure Virtual Desktop, including single sign-on on our Identities and authentication page. Stay tuned for news about the upcoming public preview which will add support for Windows 10 and current Windows 11 hosts.29KViews11likes23CommentsA better printing experience for Azure Virtual Desktop with Universal Print
Both Azure Virtual Desktop and Universal Print offer solutions that allow organizations to simplify their IT infrastructure and lower their costs. They also allow users to access their organization’s resources virtually anywhere. The upcoming Windows 11 22H2 release will offer an improved printing experience that combines the benefits of Azure Virtual Desktop and Universal Print for Windows 11 multi-session users. Experience improvements There are three improvements that streamline the printing experience on virtualized shared desktops. Printers are installed as part of the user profile Instead of printers being installed as a machine-wide resource (i.e., all installed printers are visible to all users who sign into the session host), printers are installed per user, so people see only those printers. Printers roam with user profiles When user profiles are configured to roam (e.g., usingFSLogix), printers installed in one session will be automatically installed in other sessions for that person across session hosts. This behavior also works when people remove printers from their profile. Location-based printer search the local device location Instead of finding printers close to the location of the session host where the person is signed in (e.g., a VM hosted in a data center), the admin can configure location services so that printer search will find printers based on the location of the device the person is connecting from. Try it and share your feedback Try these improvements today on Windows 11 multi-session builds available through the Windows Insider Program. To deploy an Insider image from the Azure Gallery, select the Windows 11 version 22H2 Enterprise [multi-session], (Preview) image when deploying a new session host in Azure Virtual Desktop. For example: For more information, please visit https://aka.ms/AVDwithUniversalPrint You can share your feedback or ask for assistance at https://aka.ms/UniversalPrintDiscussions7.5KViews0likes0CommentsPublic Preview: Intune user configuration for Windows 11 multi-session VMs
Today we’re announcing the public preview for deploying Microsoft Intune user configuration from Microsoft Endpoint Manager admin center to Azure Virtual Desktop Windows 11 multi-session virtual machines (VMs). This is in addition to the recently announced general availability of device configuration for multi-session VMs. With this preview, you can now configure: User scope policies using the Settings catalog User certificates via Templates PowerShell scripts to run in the user context Getting started This new functionality is available in the Intune 2206 release and you must install the 2206 Cumulative Update for Windows 11 (KB5014697) on your session hosts. Learn more about the recommended ways to manage your Azure Virtual Desktop session hosts on our management page. To get started, follow the instructions to use Azure Virtual Desktop multi-session with Intune which will guide you in creating new user configurations. Stay tuned for news about the upcoming support for Intune user configuration on Windows 10 multi-session VMs.8.6KViews0likes0CommentsPublic Preview of FSLogix profiles support for Azure AD-joined VMs for Azure Virtual Desktop
Earlier today, we announced the public preview of FSLogix profiles support for Azure AD-joined VMs for Azure Virtual Desktop. The preview allows you to create an Azure Files share to store the FSLogix profiles and configure it to support Azure AD authentication. For customers trying to reduce cost, it’s now possible to deploy a pooled environment using Azure AD-joined Windows 10/11 Enterprise multi-session VMs where the user profiles are stored on Azure Files. This combines the key benefits of Azure AD-joined VMs (no line-of-sight to a domain controller, simplified deployment, and enhanced management with Intune) with the cost reduction of using a pooled environment shared between all users. For information on the full benefits and details on the new functionality, read theannouncement blog.684Views0likes0CommentsSigning in to Azure AD using smart cards now supported in Azure Virtual Desktop
For those of you who use smart cards to help increase the security of your environment, Azure Virtual Desktop now support signing in to Azure AD with smart cards. While this isn't a new feature for Azure AD, configuring Active Directory Federation Services to sign in with smart cards is now supported in Azure Virtual Desktop. To get started, have a look at the newly updated Authentication page for Azure Virtual Desktop.12KViews2likes1CommentPUBLIC PREVIEW: Announcing public preview of Azure AD joined VMs
We are excited to announce the public preview of Azure AD joined VMs support for Azure Virtual Desktop. This feature allows customers to easily deploy Azure AD joined session hosts from the Azure portal and access them from all clients. VMs can also be automatically enrolled in Intune for ease of management. Support for storing FSLogix profiles on Azure files will be available in a future update. Getting started: The documentation to deploy Azure AD joined session hosts will guide you through the key steps needed to enable this functionality.Solved24KViews3likes68CommentsSSO using AD FS is now generally available!
We're excited to announce that single sign-on (SSO) using Active Directory Federation Services (AD FS) for Azure Virtual Desktop is now generally available! This feature allows customers who use AD FS to configure their host pool to enable a single sign-on experience, removing the second credential prompt for the session host. This functionality is supported when using the Windows Desktop and web clients. Getting started: The documentation to configure AD FS single sign-on will guide you through the key steps needed to enable this functionality including: Configuring your certificate authority to issue certificates Configuring your AD FS server with a relying-party trust Configuring your Windows Virtual Desktop host pool to enable SSO This functionality is available in the Azure Commercial cloud and will soon be available in other Azure clouds.7.4KViews0likes4Comments