MFA for WVD, doesn’t that already exist through Azure AD conditional access? Yes, it does, but its limited to certain scenario’s. With the Azure AD MFA WVD access, you only need to MFA once in order to access any desktop published through WVD. Which got me thinking: what if I want to request an MFA […]
In our previous post we talked about the scripts that can install applications and set settings automatically without even login-on to the system. In this post we will see how we can use those scripts in a JSON file, together with the Azure Image Builder. Within the JSON file we specify which OS we want, […]
In this post we will build our own image to be used with WVD. Apart from using the Deploy Microsoft 365 Apps by using Remote Desktop Services guide to install Office 365, we will also install Teams (optimized for WVD), Visual Studio Code, set some preferences and copy those to the default profile before optimizing […]
In all our previous posts we had the user sign-up flow take control of the actual creation of the user in Azure AD. The problem with that flow is that if we want to add the user to a group or perform other functions on it (like adding additional attributes) we would have to reply […]
In the previous two posts I explained how to connect External Identities to a Logic App. This allows us to define advanced workflows for signing up external users. The power of Logic Apps is virtually unlimited and the built-in connectors can help us with lots of things. I created a logic app that adds the […]
First of all, I have a confession to make: I’m not a developer to the extend that I cannot write an API from scratch or any other application that isn’t based on pure PowerShell or VBS scripting. Which means integrating an API into External Identities is going to be a challenge for me. I wish […]
Let’s say you have an application that you want your vendors to access. If this application is Azure AD joined you could create a separate account, you could invite them as a guest using their email address, you can even add their domain name as a connected organization, or you could use external identities. That […]
When you have your pool up and running, you might want to do some special stuff. For example, you might want to enable Mic + WebCam redirection: Set-RdsHostPool -TenantName <tenantName> -Name <hostpoolName> -CustomRdpProperty “audiocapturemode:i:1;camerastoredirect:s:*;” And there are a lot more options you can enable / disable check: https://docs.microsoft.com/en-gb/windows-server/remote/remote-desktop-services/clients/rdp-files?context=/azure/virtual-desktop/context/context For example, disabling Copy/Paste and Printers, so […]
When you deploy a new Pool, the VM’s in that pool will need access to some URLs and internal IP’s for the deployment to complete. First, the VM’s will be joined to your domain, meaning they will need the standard ports open to the domain controllers and DNS servers. Secondly, an agent is deployed that […]
One the of most annoying things is passwords. And as you might know, Microsoft is on a quest to remove them: which includes you users access to WVD. But unfortunately this is only possible in certain architectures where you have your users authenticate to AAD using ADFS, have a backend (Windows 2008 or higher) PKI […]