Windows Virtual Desktop (WVD) RDP Properties. Am I crazy, or was the RDP Properties blade under Settings just added in Windows Virtual Desktop in the Azure portal? I was going in there looking under the Properties blade at the old RDP Properties text box, but when I refreshed there was a new 'RDP Properties' section under Settings.
Anyone familiar with the native Remote Desktop Connection application built into Windows is probably used to being able to customise options such as local clipboard access, multiple monitor use or audio settings. If you're also using Windows Virtual Desktop, you will know that the new Windows client doesn't offer these settings. Apart from the recent update I wrote about a few days back, which now offers some monitor options, the remaining options have to be customised via PowerShell and applied against your host pools.
- In the RDP connection options, the local devices and resources are activated. On the terminal server, the camera is passed through and is also displayed in Teams. However, an image is only displayed for one user (he is in the AD group Domain Admins). For all other users, the camera is displayed on the TS in Teams, but the image remains black.
- Use the following procedure to specify custom RDP settings for virtual desktop connections by using the Remote Desktop Connection Manager tool. Membership in the local Administrators group, or equivalent, on the RD Connection Broker server that you plan to configure, is the minimum required to.
It seems so simple, and yet if you're not familiar with the properties to customise, or are managing multiple host pools, it's not something you want to manage with a command that you have to write out each time. On top of that, you have to look up each of the 'Supported Remote Desktop RDP File Settings' and build them into a string that you then have to capture for each host pool for your change management processes.
It's for this reason I built a new script for assisting you with updating these settings. For now the script allows you to apply new custom RDP settings to your host pool by applying any property with a configured value from a config json file. I've uploaded the script and config file to my GitHub repository and to run the script you will first need to download CustomRDPPropertyValues.json and customise it. Most of the values in the file are informational only so below is a quick overview of what you need to know for them.
- RDPSetting: Custom RDP Setting property. Don't change this as it's used to build the custom setting property string.
- ConfiguredValue: Update this value to set the property. Restore to either default or ' to restore/unset the property.
- Description: The description of the setting you're configuring.
- AvailableValue: View the different values you can enter for the ConfiguredValue field. Descriptions of each are provided.
- Default: What the default option is if you were to unset the value or need to revert it back.
- WindowsVirtualDesktop/HTML5: Current client support for the setting. This information was pulled from the Microsoft Docs and may not be fully supported depending on your environment - testing is recommended before deploying to production.
Once you have customised the JSON file, you're ready to execute the script. To call the script, use the following syntax:
The configfile parameter is the only required value and can be either the relative or absolute path for the file name. The script will first validate the JSON format, capture the property settings for any values you have set a ConfiguredValue for and then check your connection to your WVD tenant and connect if necessary. If you didn't provide the tenant parameters the script will then offer you a selection of available Desktop Application AppGroups that you can select to apply the custom RDP properties to.
Once complete, the script will exit. To update the values you currently need to update the JSON and rerun the script; updating or deleting single values only is not yet supported in this version.
In the future I hope to provide more functionality to this and my other existing script wvd-publishapps.ps1 (allows you to select and publish RemoteApps to your tenant by listing available options). I'm not a developer by nature so for me this is a side project but hopefully you can get some value from them - my goal is also to build them out into more of a module format allowing you to perform many operations in a more organised fashion. Let me know if you have any suggestions or feedback as I'd love to know what you think.
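The string-building step described above, as an added example (not the author's script). The sample JSON is constructed, and it assumes `RDPSetting` holds the `name:type` prefix of each property; `<tenant>` and `<hostpool>` are placeholders.

```powershell
# Constructed sample using the field names the post lists.
# Assumption: RDPSetting is the "name:type" prefix, e.g. "redirectclipboard:i".
$sampleJson = @'
[
  { "RDPSetting": "redirectclipboard:i", "ConfiguredValue": "0", "Default": "1" },
  { "RDPSetting": "redirectprinters:i",  "ConfiguredValue": "0", "Default": "1" },
  { "RDPSetting": "audiocapturemode:i",  "ConfiguredValue": "",  "Default": "0" },
  { "RDPSetting": "camerastoredirect:s", "ConfiguredValue": "*", "Default": ""  }
]
'@

function ConvertTo-CustomRdpProperty {
    param([Parameter(Mandatory)][string]$Json)

    # ConvertFrom-Json throws on malformed input, which doubles as the format check.
    $entries = $Json | ConvertFrom-Json

    $parts = foreach ($e in $entries) {
        $value = [string]$e.ConfiguredValue
        # An empty ConfiguredValue means "leave this property unset".
        if ([string]::IsNullOrWhiteSpace($value)) { continue }

        if ($e.RDPSetting -notmatch '\A[a-z0-9 ]+:[isb]\z') {
            throw "Unexpected RDPSetting '$($e.RDPSetting)'"
        }
        # ';' separates properties in the host pool string and a line break starts
        # a new line in an .rdp file, so either one would smuggle in an extra setting.
        if ($value -match '[;\r\n]') {
            throw "Value for '$($e.RDPSetting)' contains a separator character"
        }
        if ($e.RDPSetting.EndsWith(':i') -and $value -notmatch '\A\d+\z') {
            throw "Value for '$($e.RDPSetting)' must be an integer"
        }
        '{0}:{1}' -f $e.RDPSetting, $value
    }
    $parts -join ';'
}

$customRdp = ConvertTo-CustomRdpProperty -Json $sampleJson
$customRdp   # record this string in the change ticket before applying it

# Applying it with the tenant-based WVD module (placeholders, not run here):
# Set-RdsHostPool -TenantName '<tenant>' -Name '<hostpool>' -CustomRdpProperty $customRdp
```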
When you have your pool up and running, you might want to do some special stuff. For example, you might want to enable Mic + WebCam redirection:
There are a lot more options you can enable or disable; check: https://docs.microsoft.com/en-gb/windows-server/remote/remote-desktop-services/clients/rdp-files?context=/azure/virtual-desktop/context/context
For example, disabling Copy/Paste and Printers, so you don’t get the annoying pop-up.
Commands
The following admin commands might come in handy
Or host level usage:
Find which hosts are being used (or not)
Get all app groups and users assigned to them
Forcefully log-off a user (because they’ve been bad, or the VM is acting up..)
Get all assigned users from all tenants in all pools for every appgroup
Assigned RDP Sessions
But perhaps (and that is what this post is about), you want to publish the RDP client, to allow users to only connect to their own desktop PC in the office.
The idea I had for this was:
- An administrator adds the IP address or hostname into the username of AD (for example in AttributeExtension1)
- The administrator adds the user to the Remote Desktop Users group on the local (target) machine
- The user logs into WVD and clicks the RDP icon, and the system automatically loads a pre-created file that connects the user to the local (target) machine.
Active Directory
In Active Directory, my test user will receive (in extensionAttribute1 – the IP address of the host he/she can connect to):
Next, on NETLOGON we save a Default.rdp file (save it locally first, then copy it to NETLOGON). The file is a regular RDP file (saved from the MSTSC.exe application) pointing towards a client called REPLACEME
Script
A script is created that runs as soon as the user opens the client. The script is as follows:
What it does: it connects to the AD domain to get the DistinguishedName for the logged-in user, then does a lookup using the DirectorySearcher for the object to get all properties, and we retrieve the value for extensionAttribute1.
We then copy the file from NETLOGON, replace the REPLACEME text in the file with the value of extensionAttribute1 and save the file.
In short, if we now launch mstsc %TEMP%\user.rdp, it will launch the Remote Desktop Client with only the backend IP/hostname provided in the extensionAttribute1 of that particular user.
Save this file on a drive (shared drive or NETLOGON again) and publish this PowerShell script through Group Policy.
In order to launch mstsc with the variable, run the following command:
As soon as you assign this to a user, and ensure that the script runs at user login, a user can now click the TheRDPToYourMachine (perhaps another naming convention might be nicer…) and connect straight to a backend server or machine in the corporate network without allowing the user to choose the IP or hostname.
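The lookup-and-replace steps described above, as an added example (not the original script from this post). The NETLOGON path built from `USERDNSDOMAIN` and the function names are assumptions; the user is found by SID rather than by an environment variable, and the attribute value is validated before it is written into the .rdp file.

```powershell
# Assumed locations; the post only says Default.rdp is stored on NETLOGON.
$TemplatePath = "\\$env:USERDNSDOMAIN\NETLOGON\Default.rdp"
$OutputPath   = Join-Path $env:TEMP 'user.rdp'

function Get-AssignedRdpTarget {
    # Identify the caller by SID from the logon token, then read extensionAttribute1.
    $sid = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value
    $searcher = New-Object System.DirectoryServices.DirectorySearcher
    $searcher.Filter = "(objectSid=$sid)"
    [void]$searcher.PropertiesToLoad.Add('extensionattribute1')
    $result = $searcher.FindOne()
    if (-not $result -or $result.Properties['extensionattribute1'].Count -eq 0) {
        throw 'No target machine is assigned in extensionAttribute1'
    }
    [string]$result.Properties['extensionattribute1'][0]
}

function Test-RdpTarget {
    param([string]$Target)
    # Accept only DNS-style names (this also covers dotted IPv4 literals).
    # \A and \z anchor the whole string; '$' would still match before a trailing
    # line break, and a line break adds a new setting line to the .rdp file.
    $dnsName = '\A(?=.{1,253}\z)[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?' +
               '(\.[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)*\z'
    $Target -match $dnsName
}

function New-UserRdpFile {
    param([string]$Target, [string]$Template, [string]$Destination)
    if (-not (Test-RdpTarget $Target)) {
        throw 'extensionAttribute1 does not contain a valid host name or IP address'
    }
    $content = Get-Content -LiteralPath $Template -Raw
    # String.Replace is literal; the -replace operator would treat the value
    # as a regex replacement pattern.
    $content.Replace('REPLACEME', $Target) |
        Set-Content -LiteralPath $Destination -Encoding Unicode
}

$target = Get-AssignedRdpTarget
New-UserRdpFile -Target $target -Template $TemplatePath -Destination $OutputPath
Start-Process -FilePath mstsc.exe -ArgumentList "`"$OutputPath`""
```

The generated file is only a convenience for the user; the Remote Desktop Users membership on the target machine remains the actual access control.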