Hi everyone! Today, I want to demonstrate how you leverage Microsoft Intune to auto-subscribe Remote Desktop clients into Azure Virtual Desktop (AVD) and \ or Windows 365 environments, this approach will negate the need for end-users to manually subscribe and enhance the end-user experience when managing thin clients via Intune.
- Administrative rights within Microsoft Intune
- Devices with the Remote Desktop Client preinstalled (Note: in my lab I am using 1.2.2924.0 x64 version)
- Email Discovery configured as instructed here.
- Test Device(s)
- Test User(s)
- Users licenced for Microsoft Intune
- Users licenced for AVD and \ or W365
TIP: See my previous post on how to package and deploy the Remote Desktop Client in a truly system-wide context via Microsoft Intune here.
Creating the Configuration Profile
We need to create a Configuration Profile to push the workspace URL to endpoints, this profile should work for both Remote Desktop clients and the equivalent Microsoft Store application. To create the profile, log into the MEMAC portal, navigate to the Devices blade, Windows, Configuration Profiles and then Create Profile:
For platform select Windows 10 and later and for Profile Type select Settings catalog (preview) and then click Create:
Give your profile an appropriate Name and Description:
Within the settings picker, under a category of Remote Desktop, find Auto-subscription (User) and add to the profile:
Now set the Auto-subscription (User) field type in: https://rdweb.wvd.microsoft.com/api/arm/feeddiscovery, like so:
Note: At the time of writing this setting could only be verified as working on Windows 10 devices, the setting would not take effect on Windows 11, but I’m sure over time this would be made available \ fixed by Microsoft.
Now assign to your devices and test.
Trust but Verify
Now that we’ve assigned the Settings Catalog to our test users \ devices, we need to verify that all is well. At this point, ensure that licences and AVD assignments are in place.
This is the default view when opening the Remote Desktop Client, as you can see (or cannot see!) there are no Workspaces available and I’m prompted to subscribe either via signing in or via URL:
After the Configuration Profile has been assigned to the device and synced, after logging in with an AVD User, As you can see ‘We’re auto-subscribing you to the requested feeds…’:
Now you can see that the desktops and apps are visible as expected without any input from the user:
Also note that users are unable to unsubscribe once this policy is in place:
And finally, the applications are present within the Start Menu as well:
Note: If the end-user has MFA in place to access AVD sessions then at the launch of the Remote Desktop Client, the end-user would be prompted for MFA.
Thanks for reading, feel free to reach out to me on Twitter if you have any questions. Until next time!