Using Windows Virtual Desktop with Intune

Windows Virtual Desktop is a desktop and app virtualization service that runs on Microsoft Azure. It lets end users connect securely to a full desktop from any device. With Microsoft Intune, you can secure and manage your Windows Virtual Desktop VMs with policy and apps at scale, after they're enrolled.

Prerequisites

Currently, Intune supports Windows Virtual Desktop VMs that are:

For more information on Windows Virtual Desktop licensing requirements, see What is Windows Virtual Desktop?.

Intune treats Windows Virtual Desktop personal VMs the same as Windows 10 Enterprise physical desktops. This treatment lets you use some of your existing configurations and secure the VMs with compliance policy and conditional access. Intune management doesn't depend on or interfere with Windows Virtual Desktop management of the same virtual machine.

Limitations

There are some limitations to keep in mind when managing Windows 10 Enterprise remote desktops:

Configuration

All VM limitations listed in Using Windows 10 virtual machines also apply to Windows Virtual Desktop VMs.

Also, the following profiles aren't currently supported:

Make sure that the RemoteDesktopServices/AllowUsersToConnectRemotely policy isn't disabled.

Remote actions

The following Windows 10 desktop device remote actions aren't supported/recommended for Windows Virtual Desktop VMs:

  • Autopilot reset
  • BitLocker key rotation
  • Fresh Start
  • Remote lock
  • Reset password
  • Wipe

Retirement

Deleting VMs from Azure leaves orphaned device records in Intune. They'll be automatically cleaned up according to the cleanup rules configured for the tenant.

Windows 10 Enterprise multi-session

Intune doesn't currently support management of Windows 10 Enterprise multi-session.

Next steps

Learn more about Windows Virtual Desktops.