anyweb

Introduction This is Part 5 in a new series of guides about getting started with Windows 365. This series of guides will help you to learn all about Windows 365 in a clear and insightful way. This series is co-written by Niall & Paul, both of whom are Enterprise Mobility MVP’s with broad experience in the area of modern management. At the time of writing, Paul is a 6 times Enterprise Mobility MVP based in the UK and Niall is a 12 times Enterprise Mobility MVP based in Sweden. In this series we aim to cover everything we learn about Windows 365 and share it with you to help you to deploy it safely and securely within your own organization. In Part 1 we introduced you to Windows 365, selecting the right edition with the level of management that you need, choosing the plan that suits your users needs at a cost you can afford, or modifying the configuration to make it more suited to your individual needs, purchasing licenses and saving money for your organization via the Windows Hybrid Benefit. In Part 2 you learned how to provision an Azure Ad joined Cloud PC and take a look at the different network options available when provisioning an Azure Ad joined Cloud PC. In Part 3 you learned about the steps needed to successfully provision a Hybrid Azure Ad Joined Cloud PC. In Part 4 you saw the many different ways you can connect to your Cloud PC from many device be it Android, Mac, Windows, Linux or iPhone and you learned that not all connection options have the same abilities. The management capabilities of your Cloud PCs are dependent on which edition of Windows 365 you purchase. If you want rich device management, go with Windows 365 Enterprise. If your business is small (less than 300 employees) use the Windows 365 Business option and it's associated (limited) management. Cloud PC's from Microsoft have come about from traditional Desktop as a Service (DaaS) offerings (providing a Windows experience for end users with little or no overhead for IT admins) and an evolution from PaaS offerings (such as Azure Virtual Desktop). Microsoft's definition of Cloud PC is defined as a Windows experience delivered in an elastic way from the cloud while maintaining their full security posture and flexibility and user experiences that they see in the physical world. That flexibility and maintenance is of course done via management and that's our focus in this blog post, managing your Cloud PC's whether you are using the Business or Enterprise edition of the product. Below you can find all parts in this series: Getting started with Windows 365 - Part 1. Introduction Getting started with Windows 365 - Part 2. Provisioning an Azure Ad Joined Cloud PC Getting started with Windows 365 - Part 3. Provisioning a Hybrid Azure Ad Joined Cloud PC Getting started with Windows 365 - Part 4. Connecting to your Cloud PC Getting started with Windows 365 - Part 5. Managing your Cloud PC <- you are here Getting started with Windows 365 - Part 6. Point in time restore Getting started with Windows 365 - Part 7. Patching your Cloud PCs with Windows Autopatch Getting started with Windows 365 - Part 8. Windows 365 boot Getting started with Windows 365 - Part 9. Windows 365 switch Getting started with Windows 365 - Part 10. Windows 365 offline In this part we'll cover the following: Different abilities between editions Management capabilities for Windows 365 Business Sign up for a Windows 365 Business Trial Assigning a user an administrative role Abilities in the Windows365 portal Management capabilities for Windows 365 Enterprise Quick overview of features in Intune Cloud PC related actions on Windows 365 devices Configure Alerts for Windows 365 related issues Custom Windows 365 role-based access control (RBAC) roles Management capabilities via Powershell Create Enterprise app Configure permissions Grant consent Script samples Recommended reading Summary Different abilities between editions In Part 1 of this blog series we highlighted the main differences between the 2 editions. The following table further outlines the different capabilities (including management capabilities) between Windows 365 Business and Windows 365 Enterprise editions. It's clear that if you want image management, device management, connection to on-premises network resources, reporting, monitoring and more that Windows 365 Enterprise is the right choice. Management capabilities for Windows 365 Business Windows 365 comes in two flavors, Windows 365 Business, or Windows 365 Enterprise. With the Enterprise edition you get Intune device management and more included. With the Business edition you are limited to actions (listed below) in the Windows 365 portal or remote actions via the admin console. As there is no Intune management included, there are no licensing prerequisites to set up Windows 365 Business. Sign up for a Windows 365 Business Trial If you'd like to try out the Windows 365 Business for yourself to test Cloud PC's and the management capabilities available to Windows 365 Business, you can sign up for a free 30 days trial if you are in a region where trials are offered. Below are 2 applicable regions (there may be more) where the trial period is currently valid at the time of writing. We signed up for the UK trial. US - https://www.microsoft.com/en-us/windows-365/business/compare-plans-pricing UK - https://www.microsoft.com/en-gb/windows-365/business/compare-plans-pricing For a list of management capabilities for the Business edition via windows365.microsoft.com see below: Add a user and assign a license. Assign or unassign licenses. Change organization default settings. Use remote actions on Cloud PCs. Reset a user's password. Assigning a user an administrative role To avail of this management ability for Windows 365 Business, you'll need a user to be assigned either of the following roles: Global Administrator Windows 365 Administrator In our testing however, there are some scenarios where you'll need more than just the Windows 365 Administrator role and we've asked the Microsoft Product Group for comment. We'll update this blog post when we have more clarity on that. You can assign these RBAC (Role Based Access Control) roles via the admin.microsoft.com portal as a Global Administrator or if the customer has access to Azure Active Directory. To apply the Windows 365 Administrator role using the admin.microsoft.com portal, login as a Global Administrator and click on Users, select Active Users, select the user in question, click on Manage Roles and scroll down to Devices and select the Windows 365 Administrator role before selecting Save Changes. To apply the role to a user in Azure AD, login as Global Administrator, select Roles and administrators Search for the appropriate role, in this example we will apply the Windows 365 Administrator role. Click on + Add assignments and then click on No member selected to add at least one member to this role. Note: If your Windows 365 business admin user does not have either of those roles assigned, then none of the remote actions or additional abilities will be available or visible on windows365.microsoft.com or admin.microsoft.com. We noted that in order to see anything in the admin portal you'd also need to assign the Global Reader role in addition to the Windows 365 Administrator role. Abilities in the Windows365 portal Here we can see a typical view of the windows365.microsoft.com portal and the management capabilities available to a user with one of the roles mentioned above for Windows 365 Business. In this view we can see an additional tab called Your organization's Cloud PCs. Clicking on Your organization's Cloud PCs reveals a list of users in your organization and their assigned licenses and it reveals another option to Update organization settings. From this view the admin can select to manage users by clicking on them directly and accessing the options available, this gives you access to add users, reset passwords, update organization settings or do remote actions on users Cloud PCs all from one place. For example in the screenshot below, clicking on the account the devices or even the licenses and apps tabs will show additional options available for that user. Note: You can only add/remove Licenses if you are logged in with a user that has the appropriate role, for example a Global Administrator or License Administrator role. Management capabilities for Windows 365 Enterprise Windows 365 Enterprise management capabilities take place in Microsoft Intune and as such Intune licensing is required. Windows 365 Enterprise Cloud PC's are managed by Intune so anything you can do in Intune is possible on your Cloud PC's, with a few exceptions currently, such as BitLocker encryption. Logging in to the Microsoft Endpoint Manager portal you can see Windows 365 Enterprise Cloud PC management in various places, so let's take a look at where you can find it. In the portal you can get Windows 365 information easily by clicking on Explore This brings you directly to the Windows 365 provisioning area in Intune which also contains monitoring reports and links to product documentation and forums. For example, the Remoting connection link brings you directly to Endpoint Analytics reports with lots of useful data. and we also have Resource performance. In addition to the above, Windows 365 management is visible in other areas, while we can't take a look at all of them let's review a few. Cloud PC related actions on Windows 365 devices In addition to the standard actions available to regular devices there are several Windows 365 actions available for Cloud PCs in the Intune portal. The following actions are available on the Overview page after selecting a Cloud PC. Restore Reprovision Resize (preview) Place Cloud PC under review and in the left node you have additional related actions such as: Performance (preview) User experience Restore points User experience is available on non Cloud PC's also however Cloud PC's will also see two additional tabs namely Resource performance Remoting connection It's also worth noting that at the time of writing that Recovery keys are greyed out (not available) for Cloud PCs and that is because Bitlocker encryption is not currently supported (but is on the roadmap). Custom Windows 365 role-based access control (RBAC) roles You can create custom RBAC roles for Cloud PC management as explained here. In Tenant administration, click on Roles, select All Roles, click on + Create and select Windows 365 role. Once there, select the abilities you want this role to have access to. Configure Alerts for Windows 365 related issues You can now configure alerts in Intune to notify your admins via email about problems occurring with your Windows 365 Cloud PCs. The following Windows 365 based alert rules are currently available at the time of writing (January 2023) Azure network connection failure Upload failure for custom images Provisioning failure impacting Cloud PCs For details about configuring these alerts see here. Management capabilities via Powershell You can do most Windows 365 Cloud PC tasks automatically using PowerShell via Microsoft Graph. To use this automation however you need to fulfill some requirements. Create an Enterprise app Configure permissions Grant consent Note: Please note that in this example we will use client secrets as it's in a lab, however in production environments please use Azure Key vault to keep this access secure. Create an Enterprise App We'll use app registrations in Azure AD to create an Enterprise app that allows us to use Microsoft Graph to carry out our automation work. In Azure AD go to App registrations. Click on + New registration. In the new app registration, give it a useful name like Windows 365 Graph Automation so that you know what it is for, and choose Accounts in your tenant (first option), and optionally select Web from the Redirect URI (optional)+ choices and point it to a localhost address or one that you have available. Finally click on Register. Next, you'll want to add a secret by clicking on Add a certificate or secret, and then once the secret has been created, copy the following values from this app registration as we'll need them in our PowerShell scripts: Application (client) ID Directory (tenant) ID Client credentials (certificate or secret) Below you can see the secret is created and copied, store that info somewhere safe. Review Permissions To review the permissions see the Graph API Documentation for what permissions are needed, keep in mind that these are currently in Beta and subject to change. Those permissions are basically broken down into three areas, License, Group and Cloud PC License permissions User.ReadWrite.All Directory.ReadWrite.All Group permissions GroupMember.ReadWrite.All, Group.ReadWrite.All Directory.ReadWrite.All CloudPC permissions CloudPC.ReadWrite.All But before we get started with those permissions we need to create an App registration. Configuring API permissions To configure API Permissions for the your app API, Click API permissions, then click + Add a permission, select Microsoft Graph, select Application permissions Next, add the following: User.ReadWrite.All Group.ReadWrite.All GroupMember.ReadWrite.All CloudPC.ReadWrite.All Directory.ReadWrite.All The permissions are now added Grant consent Don't forget to Grant admin consent for your Tenant after doing so otherwise this won't work. after clicking on Yes you can see the scripts are granted Sample scripts We recently hosted a session about troubleshooting Hybrid Azure AD joined Cloud PC's in a USA Cloud PC meetup. Before our session Dawn Wertz did a demo about this automating Cloud PC actions with Graph and PowerShell. She very kindly provided her sample scripts that she used during her demo and you can download them yourself below. We'd highly recommend that you review the included PowerPoint (thanks Dawn) and video. You can download the scripts (and PowerPoint) here. Windows 365 Cloud PC Powershell samples.zip After editing one of the scripts in Visual Studio Code and adding the missing info (tenant id, app id, secret on lines 2-4) we could easily connect to Microsoft Graph. Once connected, it's possible to run commands such as list all the Cloud PCs. Get-MgDeviceManagementVirtualEndpointCloudPC and the output proves it's working. Recommended reading Get started with Windows 365 Business - https://techcommunity.microsoft.com/t5/windows-it-pro-blog/get-started-with-windows-365-business/ba-p/2595485 Remotely manage Windows 365 Business Cloud PCs - https://learn.microsoft.com/en-us/windows-365/business/remotely-manage-business-cloud-pcs Device management overview for Cloud PCs - https://learn.microsoft.com/en-us/windows-365/enterprise/device-management-overview Graph API permissions for Windows 365 Cloud PCs - https://learn.microsoft.com/en-us/graph/api/virtualendpoint-list-cloudpcs?view=graph-rest-beta&tabs=http Azure Key vault - https://learn.microsoft.com/en-us/azure/key-vault/general/overview Visual Studio code - https://code.visualstudio.com/Download Powershell with VisualStudioCode - https://code.visualstudio.com/docs/languages/powershell Custom Windows 365 role-based access control (RBAC) roles - What's new in Windows 365 Enterprise | Microsoft Learn Windows 365 Powershell module - https://www.nielskok.tech/windows-365/deploy-windows-365-via-powershell/ Powershell scripts for Windows 365 - https://askaresh.com/2023/01/18/consolidated-scripts-all-configurational-task-via-powershell-for-windows-365-cloud-pc-under-microsoft-intune-portal-mem/ Add users via Powershell - https://blog.thomasmarcussen.com/script-to-add-a-windows-365-cloud-pc-user/ Summary Managing Cloud PC's as an Admin is possible via a variety of different methods and depending on your subscription level and level of expertise. Windows 365 Business admins can manage their Cloud PC's via two main methods, the Windows365 portal and admin.microsoft.com. Windows 365 Enterprise admins get feature rich device management via Microsoft Intune and can automate repetitive actions using PowerShell scripts and Microsoft Graph. The possibilities are endless !

Introduction Microsoft added an ability to configure Alerts (preview) in Intune back in October 2022 and I’ve been using them since then, however I never got around to blogging about it as other things took priority. I was reminded that the alerts feature was configured by an email I received yesterday. clicking on the View alert link in the email brings you to the associated alert info in Intune as shown here. And clicking on the Azure network connection failure alert gives more data. Note: You can further drill down into the details to get more data, and if you click on the linked reports it'll show your fail(ed) Azure Network Connections. So why is this useful ? Well in my particular case I caused the issue by shutting down the Routing and Remote Access (RRAS) server. I was doing some hyper-v maintenance and shut down the RRAS server before exporting it, and i never resumed the virtual machine, meaning that the Azure Network Connection check (ANC) would fail. But let’s imagine that the RRAS server had an issue causing it to fail to start the service(s) or taking it offline. The email alert is yet another way of alerting admins that something is not right. How to configure Windows 365 Alerts In the Intune portal select Tenant admin (1), select Alerts (preview) (2) and finally select Alert Rules (3) as shown in the screenshot below. next, configure the alert making sure to select On for Status and add one or more email addresses. Finally, click on Apply. The following Windows 365 based alert rules are currently available at the time of writing (December 2022) Azure network connection failure Upload failure for custom images Provisioning failure impacting Cloud PCs Currently it seems that the Alert rules are only available for failures or problems. Hopefully we’ll get more alert rules types such as the successful provisioning of a Cloud PC as I requested here. What else do you think we should be alerted about ? until next time, adios !

i'm not sure which app you mean, but perhaps you mean this ? https://aka.ms/mfasetup and in there the USER can change to whatever default method they want, this is a user setting and we cannot enforce it (that I am aware of)

where did they change the option, at the login to windows screen or somewhere else ?

was this question related to Windows 365 or Azure AD ? number matching will be the default method come february 2023, so how can users choose something else ? Can I opt out of number matching? Yes, currently you can disable number matching. We highly recommend that you enable number matching for all users in your tenant to protect yourself from MFA fatigue attacks. Microsoft will enable number matching for all tenants by Feb 27, 2023. After protection is enabled by default, users can't opt out of number matching in Microsoft Authenticator push notifications.

Introduction While trying to connect to my Windows 365 Cloud PC using the Remote Desktop app, I got the following error. as shown here clicking on See details revealed some more info. I double checked using the Windows 365 App and it too, produced the same error code. Your connection failed. Error Code: 0x3000047 A guick google revealed similar error codes for AVD (Azure Virtual Desktop) but nothing for Windows 365. And the problem didn’t match my suspected issue. As this Cloud PC is Hybrid Azure AD joined to my lab, I suspected that my external internet facing IP address has changed or access to Routing and Remote Access Server (RRAS) was not working. Logging in to my RRAS server I could see this. checking in Azure, I could clearly see that the the Hybrid Azure AD VPN connection was listed as not connected, and again I suspected that it was due to my external internet facing IP address having changed (it changes often with my current ISP). On my RRAS server I checked my external internet facing IP address using one of the many websites out there to determine your IP address, and it had indeed changed. With the new IP address, I changed the settings in Azure for my Windows 365 Hybrid Local Network Gateway and then clicked on Save. Back on the RRAS server, in routing and remote access, I tried to Connect to the VPN again… and this time it worked ! and after trying the Windows 365 App again, it connected just fine ! problem solved

Welcome Austin, i've never heard of Dark Basic, what is it ?

I contacted Johan and here's his reply Hmm, I have actually done this once.... He will have to run a ds-Query against Global Catalog, as opposed to Ldap..... Or pay me to give him a custom TSCommander, including him signing a paper that he's responsible for not having several computers with the same samAccountName in multiple Domains

why do you tink you need a reboot ? just add a rescan to your diskpart script...

hi, i assume you mean this post if you try the net use commands manually what is the output ?

Introduction I recently presented a session with Paul Winstanley in a USA Windows 365 User Group meetup focused on all things Windows 365. The meetup included some great ‘what’s new’ content from Microsoft Program Manager Christiaan Brinkhoff and some great Powershell/Graph automation information and demos from Dawn Hertz. Myself and Paul then did a session about Windows 365 Hybrid Azure AD join which is one of the parts of our current series all about getting started with Windows 365 here. The video is now up on youtube and you can review it here. Our session starts at the 1:20 mark here: do us a favor and check it out, oh and do check out our series too ! Below you can find all parts in this series: Getting started with Windows 365 – Part 1. Introduction Getting started with Windows 365 – Part 2. Provisioning an Azure Ad Joined Cloud PC Getting started with Windows 365 – Part 3. Provisioning a Hybrid Azure Ad Joined Cloud PC Getting started with Windows 365 – Part 4. Connecting to your Cloud PC Getting started with Windows 365 – Part 5. Managing your Cloud PC Getting started with Windows 365 – Part 6. Point in time restore Getting started with Windows 365 – Part 7. Windows 365 boot Getting started with Windows 365 – Part 8. Windows 365 switch Getting started with Windows 365 – Part 9. Windows 365 offline Getting started with Windows 365 – Part 10. Patching your Cloud PCs with Windows Autopatch cheers niall

the machine account (cm01$ or whatever your site system account is) can install the roles, add the machine account to the local administrators group on that site server but on my lab server(s) I always define boundaries (based on ip ranges), so that would be the first thing i'd suggest you look at, even if you think you don't need them...

happy you got it working !

do you have any boundary added in your boundary group

ok we need to see the smsts.log to dig deeper, feel free to clean if of any sensitive info before attaching here

the content might be on your dp but is it the correct source version ? enable the Source Version column in your boot images to see what source version it is set to did you set boundaries correctly ?

here you go

you forgot to include the smsts*.log and app*.log files, they will show any failure.

check your pm

i need to check when i get home, i don't have them online... i'll check later tonite and ping you on pm

i'll see if i can find the files and make them available to you

dont use a task sequence, use a powershell script that runs based on events that are triggered from actions that you are interested in, such as logon, logoff etc...

Introduction This is Part 4 in a new series of guides about getting started with Windows 365. This series of guides will help you to learn all about Windows 365 in a clear and insightful way. This series is co-written by Niall & Paul, both of whom are Enterprise Mobility MVP’s with broad experience in the area of modern management. At the time of writing, Paul is a 6 times Enterprise Mobility MVP based in the UK and Niall is a 12 times Enterprise Mobility MVP based in Sweden. In this series we aim to cover everything we learn about Windows 365 and share it with you to help you to deploy it safely and securely within your own organization. In Part 1 we introduced you to Windows 365, selecting the right edition with the level of management that you need, choosing the plan that suits your users needs at a cost you can afford, or modifying the configuration to make it more suited to your individual needs, purchasing licenses and saving money for your organization via the Windows Hybrid Benefit. In Part 2 you learned how to provision an Azure Ad joined Cloud PC and take a look at the different network options available when provisioning an Azure Ad joined Cloud PC. In Part 3 you learned about the steps needed to successfully provision a Hybrid Azure Ad Joined Cloud PC. Below you can find all parts in this series: Getting started with Windows 365 - Part 1. Introduction Getting started with Windows 365 - Part 2. Provisioning an Azure Ad Joined Cloud PC Getting started with Windows 365 - Part 3. Provisioning a Hybrid Azure Ad Joined Cloud PC Getting started with Windows 365 - Part 4. Connecting to your Cloud PC <- you are here Getting started with Windows 365 - Part 5. Managing your Cloud PC Getting started with Windows 365 - Part 6. Point in time restore Getting started with Windows 365 - Part 7. Patching your Cloud PCs with Windows Autopatch Getting started with Windows 365 - Part 8. Windows 365 boot Getting started with Windows 365 - Part 9. Windows 365 switch Getting started with Windows 365 - Part 10. Windows 365 offline In this part we'll cover the following: Connections available Windows 365 app Remote desktop client Web browser Windows Installing the Remote Desktop client Subscribe to the Cloud PC Accessing remote desktop features Windows 365 app macOS Installing the Remote Desktop client Adding a workspace Accessing remote desktop features iOS (iPad/iPhone) Installing the Remote Desktop client Adding a workspace Accessing remote desktop features Android Installing the Remote Desktop client Adding a workspace Accessing remote desktop features Linux Related reading Summary Connections available At the time of writing you can connect to your Windows 365 Cloud PC using the following methods: Using the Windows 365 app (Windows 11, Windows 10 coming soon) Using a Remote Desktop client (Windows, Mac, Android, iOS) Using a HTML 5 capable web browser (Windows, Mac, Android, iOS, Linux, ChromeOS) Windows 365 app The Windows 365 app is currently Windows 11 only and available for download via the Microsoft Store. Search for Windows 365, get the app and click Open once done. In later versions of Windows 11 it'll come bundled as a built-in app and Windows 10 support is coming. The Windows 365 app was introduced during the Microsoft Ignite 2022 Keynote (by Satya Nadella) and it allows a seamless way of connecting to your Cloud PC. There's no need to copy a subscribe URL, just login and your Cloud PC is available. The app can be launched from your start menu or taskbar. For a deeper look at the Windows 365 app (which is still in preview) please click here. Currently the capabilities are not yet on par with the Remote Desktop client but we think that'll change soon. Remote desktop client If you are using Windows, macOS, Android or iOS device then there are remote desktop apps available to download for those devices. At the time of writing the Remote Desktop app is the most feature rich method of connecting to your Cloud PC but it's not without issues, for example on iOS, macOS and Android, you have to copy the subscribed URL and add that to your workspace, it's not automatic. Using the Remote desktop agent will give you the power to use multiple monitors (up to 16 with Windows/macOS) and other hardware, as detailed in the following table. Web browser To access your Cloud PC from any device using a web browser, navigate to https://windows365.microsoft.com using the credentials of a user that has been assigned a provisioned Cloud PC. Click on Open in browser to launch the connection using your web browser. Even though the web browser connection method allows you to connect to your Cloud PC from practically any device, your abilities in that session are limited. Below is a table showing redirection of various devices using different connection methods, look at what the web browser is missing compared to the remote desktop app. For example, when using a web browser, you won't have the same fine control that you have with the Remote Desktop client or via the Windows 365 app. Not only that but things like multi-media redirection or multi-monitor support or using a web camera to enable video for Teams meetings won't be an option if you choose the web browser as the method of connection. To get the most out of your Cloud PC and to use the hardware features of the computer (or tablet/phone) that you are accessing it from, you'll need to install a Remote Desktop client agent or use the Windows 365 app (currently Windows 11 only). You can see the other available connection options by clicking on the download icon shown below. The web page automatically detects the operating system you are running and highlights a suitable client agent if one exists for that operating system. Windows We've already covered the connection types available for Windows in the Connections Available section above, as Windows can handle all three connection methods with ease. To summarize, Windows can connect to Cloud PCs using Windows 365 app (Windows 11 currently, but Windows 10 coming soon) Remote Desktop client Web browser Installing the Remote Desktop client To install the Remote Desktop client for Windows, go to https://windows365.microsoft.com, click on the download icon and select the download for the architecture matching your version of Windows. That will allow you to install the Remote Desktop client. Subscribe to the Cloud PC Once installed you'll need to Subscribe to your Cloud PC. To do that, click Subscribe and enter your Cloud PC credentials. Once you have subscribed to your workspace, your Cloud PC will be listed in the Remote Desktop client. Note: It is also possible to also add the feed URL to a "_msradc" DNS entry to automate the feed discovery for a domain. See the following for more info. Thanks to @novafunction Accessing remote desktop features You can configure settings by right clicking the Cloud PC. You'll get access to settings allowing you to (for example) configure multiple monitors. Multiple monitors are great with Windows 365 (up to 16 supported with Windows/macOS) Windows 365 app If you want the easiest/seamless experience, go for the Windows 365 app but keep in mind that it's still in preview at the time of writing so is subject to change. For an in-depth look at the Windows 365 app (which is still in preview) please click here. macOS Apple's macOS computers are very popular indeed especially with the Apple silicon (M1/M2) chipset. There are two options of connecting to your Cloud PCs from macOS, by using a web browser session or via the Remote Desktop client. Note that web browser session lacks the same abilities as the Remote Desktop client. To access the web browser session, simply open your web browser to https://windows365.microsoft.com and login using the credentials of a user that is licensed to use a provisioned Cloud PC. Installing the Remote Desktop client The Remote Desktop client is available in the Mac App Store. To easily find the download, click on the download link and you'll see the Microsoft Remote Desktop for Mac download link. It will be highlighted as shown in the screenshot below. click on Go to Mac App Store and get the app. The Microsoft Remote Desktop app will launch after installation is complete. Adding a workspace After the app is installed, you'll need to add a workspace. To do that, go back to the web browser session and copy the subscription URL. Then in the app click on the + drop down menu and select Add Workspace. paste in the subscription URL and enter your Windows 365 Cloud PC credentials when prompted. Once done adding the workspace your Cloud PC will be listed in the app. Accessing remote desktop features To access or change the Remote Desktop app features, you'll need to right click the Cloud PC icon in the app (2 fingers on the touch pad). This brings up a drop-down menu with 2 options Connect Edit Select Edit to review or change the connection settings. Next, place a check mark in the box beside your Cloud PC name (by default it's not checked). and this brings up the settings you want to see/change. For example, to add a folder on your Mac for copying files, select Folders and add it as appropriate, it will then appear in Windows File Explorer on your Cloud PC. macOS can also use multiple monitors via the Remote Desktop client, if you want to see that in action click here. iOS (iPad/iPhone) With iOS you have two options of connecting, namely a web browser session and the Remote Desktop client. Keep in mind that the web browser session lacks the same abilities as the Remote Desktop client. Installing the Remote Desktop client For more features use the Remote Desktop client which is available in the App Store. If you browse to https://windows365.microsoft.com and login using the credentials of a Cloud PC user that has a Cloud PC provisioned, you'll see that Microsoft Remote Desktop for iOS is highlighted, and it links to the App Store. clicking on that link opens the App Store. Click Get and install the app. you'll get a few prompts, answer them as appropriate. and Adding a workspace After the app is installed, you'll need to add a workspace. To do that, go back to the web browser session and copy the subscription URL. In the Remote Desktop client, click on Add workspace and paste in the copied subscription URL. Click Next and enter your credentials when prompted. The Cloud PC will be listed in your Workspaces. Accessing remote desktop features After launching the Cloud PC from the Remote Desktop client, you'll notice a toolbar at the top of the screen (screenshot from iPad). There's a magnifier icon to zoom in on sections (useful on a small screen) and a keyboard icon to get a virtual keyboard. Clicking the Remote Desktop icon in the center brings up some additional options. It's useful to note that the touch icon gives you easy control of the mouse pointer, but if you have a Bluetooth mouse connected to your iPad you can use the mouse icon. We tested a Teams video meeting from the iPad Cloud PC and it worked, and streamed video via the iPad camera as you can see here. You can always verify what settings are enabled for the Remote Desktop client in the iPad/iPhone settings. Android (tablet/phone) We also tested connecting to Cloud PCs from Android phones and an Android tablet. You can again access your Cloud PCs via a web browser or via a Remote Desktop client. You'll need a recent release of Android OS however to run the Remote Desktop client. Installing the Remote Desktop client To download the Remote Desktop client, you can get it directly from the Windows 365 web page shown below by clicking on the link or download it from Google Play Store. After installing the Remote Desktop client, you'll be prompted to allow audio etc. Adding a workspace Once again, as with other supported operating systems, you have to subscribe to a workspace URL in order for this to work as simply downloading the app is not sufficient. Copy the URL by clicking on Get subscription URL in the web page. Click on the + symbol, then select Add workspace, Paste in the subscription URL copied from the windows365 web page. Approve the MFA request, and the Cloud PC will appear in the client. Accessing remote desktop features It became obvious quite quickly that Android did not support video (camera) for Teams meetings (or anything else), even with the Remote Desktop client. keep that in mind if you intend to support Android devices for Windows 365. Apart from that missing feature, it acted quite like the iOS equivalent with a toolbar at the top of the screen and worked well in our tests. Linux Niall has taken a look at accessing Windows 365 Cloud PC's using a web browser in various Linux distros here. Linux based Windows 365 support is via a web browser connection, meaning that you are limited to what that provides (no video meetings for example). Related reading Redirection options with Remote Desktop - Remote Desktop - compare the client apps redirections | Microsoft Learn Multi-monitor support - https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/windowsdesktop Multi-media redirection - https://learn.microsoft.com/en-us/azure/virtual-desktop/multimedia-redirection?tabs=edge Using multiple monitors with Windows 365 - https://www.windows-noob.com/forums/topic/23081-how-can-i-use-multiple-monitors-with-windows-365/ Configure DNS Feed Lookup for RemoteApp and Desktop Connections - https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831442(v=ws.11)#configure-dns-feed-lookup-for-remoteapp-and-desktop-connections Summary Using a Windows 365 Cloud PC gives you the power to get your work done anywhere via the operating system of your choice. We did note some short comings such as the lack of a Remote desktop client from Microsoft for the Linux OS and the lack of video support in the Remote Desktop client for Android. Web based sessions can only do so much and the lack of these features on Linux/Android will leave you with the inability to host video meetings in Teams, Webex or Zoom, so keep that in mind if it's important to you.

what exactly are you trying to accomplish ? you can use shutdown events in event viewer to trigger a scheduled task to run a powershell script, that would probably be better, but even so, when a computer starts shutting down, it shuts down services etc that you might need, so again, what are you trying to solve here ?

Introduction Cloud PCs can come in certain preset configurations based on templates, or you can choose to customize your own. Sometimes you may find that a Cloud PC is not powerful enough for a user, or is too powerful and not being used to it's full potential (low utilization). With the Windows 365 Cloud PC resize (preview) remote action you can resize low utilization (or high utilization) PCs on the fly to get the most out of your investment. Identifying low utilization You can now identify low utilization on Windows 365 Cloud PCs in the Intune portal directly. In the Devices overview click on the Cloud PC performance (preview) tab highlighted here. This will reveal Cloud PCs with connection quality issues or Cloud PCs with low utilization. clicking on View report under Cloud PCs with low utilization reveals more data. You can see the Total time connected and even the Days since last sign-in which easily gives you an idea of how often your Cloud PCs are used and when they were last used. Clicking on any of the devices will reveal even more data. Below is the overview of one of our low utilization devices. Notice the Performance (preview) option. clicking on Performance (preview) reveals data about it's utilization. And you can dig deeper by clicking on any of the three highlighted reports. for example, in the Time connect to device report, we can see how long a user was actively connected to the Cloud PC over a given period (7 days/28 days) You can use this data to help decide which Cloud PCs are low utilization and based on that resize them to a more cost efficient model. Resizing Cloud PC requirements You'll need one of the following (or custom equivalent) roles: Global Admin Intune Service Admin Intune Reader + Cloud PC Admin roles The Cloud PC must have a status of Provisioned in the Windows 365 provisioning node The Resize remote action supports the following licenses paid preview trial Note: Resizing isn’t supported for Cloud PCs provisioned through group-based licenses. Resizing is only supported for Gen 2 Cloud PCs. I've asked Microsoft PG to explain how we can determine the Generation (Gen 1 versus Gen 2) of a Cloud PC and will update this blog post when they reply. The Resize remote action Now that you've identified a Cloud PC to resize you are ready to perform that action, but before you do it would be a good idea to communicate this to your end user as the resize action will logoff any logged on user. Not only will it logoff the user but that action will not send any notification to the end user on the Cloud PC itself, nothing will popup on the device it will just shutdown. Depending on how the user is connected to the device they might even see the following shortly after the device has shutdown. In the Intune Portal, select the Cloud PC you intend to resize and you'll see the Resize (preview) option. Clicking Resize (preview) brings up available resize options, note that you can resize up or down (the resize down was added based on customer feedback, so yes Microsoft does listen to feedback). Note: You can submit feedback for anything Windows 365 related via https://aka.ms/w365feedback. I have one license available for 4 vCPU, 16GB ram so I'll select that (it's actually an upgrade, but let's give it a test). Here is the current spec of my Cloud PC (8GB ram, 2vCPU). The specs of your existing Cloud PC that you intend to Resize are listed in your Resize options also under the Current size heading. Select a resize option that is available to you and then click Resize. Note that if you click a SKU upgrade that isn't available then you'll get a red warning informing you of that. You'll be prompted to confirm the resize operation, and have to click Resize for a third time. In the Intune portal you'll get a notification that the remote action was started Back in the Intune portal, the resize option is now greyed out for the selected Cloud PC and the status has changed to Resize pending. You can probably refresh this view in Intune for a few minutes/hours, but I got impatient and attempted to RDP back to the device. To my surprise it was already resized, however the RDP session was not yet aware of that. Side note: That disk sure looks busy after the resize ? It did calm down shortly after, but it's probably worth keeping in mind that directly after a resize things might need a few minutes to stabilize. At this point, I went back to Intune and refreshed, and now it updated the remote Resize (preview) action to Completed. However, it still listed the old specs under Device Model. This may change after a hardware inventory is sent back to Intune but I did trigger a SYNC and it's still wrong. Update: After checking the same device the following morning in Intune, it correctly reports the Device Model. If you look at Provisioned PC's, the data there is correct and it shows the new size under PC Type. Licenses As part of the resize the affected user is moved from their current Cloud PC license, to a valid license for the target model. In the resize done previously where we resized a Cloud PC from 2vCPU 8GB Ram to 4vCPU 16GB Ram, the license involved would move from one Cloud PC type to the other, below is a screenshot of the licenses before the resize. Notice how there is one 'free' license available in the Windows 365 Enterprise 4 vCPU, 16 GB, 128 GB. and below is what those same licenses look after the resize is complete. Actually, the license move happens right at the beginning of the operation and if there are no licenses available the resize operation will fail in the Intune portal. I have got to admit the Resize remote action was impressive, and very fast, but I'd like to see some improvements however such as: Custom email notification (to user/group/admin about the resize about to occur) Customizable ALERT toast notification sent to the user warning them to save their data Custom alert/email sent to user/admin notifying them that the resize is completed or if there was an issue, describe it that was it for this blog post, see you in the next one If you'd like to get started with Windows 365, checkout our brand new series here. cheers niall