Microsoft Endpoint Manager (Intune) currently supports Windows 10/11 personal (1:1) desktops and now alsoWindows 10 multi-session. Windows 10/11multi-session is a much more cost-effective approach to hosting virtual desktops, and at least for our customers, the most common deployment approach.
Intune will provide a single pain of glass to manage all your physical and virtual desktops, thus simplifying management.
A quick side note on Windows 10 / 11 Enterprise multi-session
Windows 10 / 11 Enterprise multi-session is a Remote Desktop Session Host exclusive to Azure Virtual Desktop on Azure. It provides the following benefits:
- Allows multiple concurrent user sessions
- Gives users a familiar Windows 10 / 11 experience
- Supports the use of existing per-user Microsoft 365 licensing
Manage Azure Virtual Desktop with Intune: Generally Available
Manage Azure Virtual Desktop with Endpoint Manager where you have VM’s that are:
- Running Windows 10 / 11 Enterprise, version 1809 or later
- Hybrid Azure AD-joined
- Set up as personal (1:1) remote desktops in Azure or multi session.
- Enrolled in Intune in one of the following methods:
- Auto enrollment through hybrid Azure AD
- Configuration Manager co-management
- User enrollment via Azure AD Join
Intune treats Azure Virtual Desktop personal VM’s the same as Windows 10/11 Enterprise physical desktops. Therefore, you can use your existing configurations.
Manage Azure Virtual Desktop with Endpoint Manager: Public Preview
Manage Azure Virtual Desktop with Endpoint Manager and Windows 10 / 11 Enterprise multi-session VM’s. At the time of writing, these are the requirements:
- Windows 10 Enterprise multi-session, version 1903 or later
- Hybrid Azure AD-joined – see Active Directory Options Demystified
- Set up as virtual desktops in pooled host pools in Azure
- Azure Virtual Desktop agent version of 2944.1400 or later
- Enrolled in Microsoft Endpoint Manager using one of the following methods:
- Configured with Active Directory group policy, set to use Device credentials, and set to automatically enrol devices that are Hybrid Azure AD-joined. The preview only supports enrollment via group policy if you’re using a single MDM provider
- Configuration Manager co-management
Windows 10 / 11 multi-session VM’s are treated as a separate OS edition and some existing Windows Enterprise configurations are not supported. When managing Windows 10 / 11 multi-session VM’s you must use device-based configurations (user-less enrollment This means only policies defined in the OS scope and apps configured to install in the system context can be applied to Windows Virtual Desktop multi-session VM’s. Additionally, all multi-session configurations must be targeted to devices or device groups. User scope policies are not supported at this time.
For more information see Microsoft’s documentation.