![]() Your WVD hostpool is now more secure and your users will be required to perform a Multi-factor authentication to access the feed. Go ahead and Create your policy, make sure to select Enable policy = On. Finally, Under Access Controls, Session Select Sign-in frequency and set it on prefered timelimit. ![]() Under Access Controls, Grant Select Require Multi-Factor authentication.Under Conditions, Client State decide if you want exclude your Intune managed and compliant devices (Optional).Under Conditions, Client apps decide if you want MFA on the Web App or Desktop App (or both).Make sure you select Windows Virtual Desktop (App ID 9cdead84-a844-4324-93f2-b2e6bb768d07) (There are also old apps for classic wvd deployments) Under Cloud apps or actions, Include the specific app Windows Virtual Desktop.Under Assignments, Include the users and groups that will be targeted by this policy and select Done.(In my example: Grant – WVD app with MFA) Browse to Azure Active Directory > Security > Conditional Access.Create a Conditional Access policy for WVD It´s pretty easy to implement, easy to use and will increase the security alot. With Conditional Access, we can set a timeout for this token and require a new authentication. The client will then remember the token from your Azure Active Directory and the user will not be prompted again. ![]() In the Windows client for Windows Virtual Desktop, a user can select remember me, regardless of using MFA or not. ![]() ![]() But, note that it will not enable MFA on the remote desktop access to the WVD itself, only the access to the “feed” of your published apps and desktops. This will secure the webaccess but also the Windows client for Windows Virtual Desktop. But one thing you can enable is Azure Multifactor Authentication. Windows Virtual Desktop is still waiting for full Azure AD support. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |