Microsoft Azure Virtual Desktop
  • 24 Nov 2023
  • 2 Minutes to read
  • Dark
    Light
  • PDF

Microsoft Azure Virtual Desktop

  • Dark
    Light
  • PDF

Article Summary

This connector type allows you to set up a connection to Microsoft Azure Virtual Desktop (ARM or legacy) to import the applications defined there as ready-to-use applications within Liquit Workspace for distribution.

Prerequisites

  • A Microsoft Entra ID (Azure AD) username and password to connect to Microsoft AVD.
  • A template type credential within the Liquit Credential Store that can provide the username for the Remote Desktop application. A common format for the username is "${Identity.UserName}".

For more information about the Overview, Entitlements, Synchronization Profile, Releases and Managed packages screens, see Connectors.

Settings screen

Scope - The type of resources that will be synchronized.
Username - The username which will be used to import the applications; it should be a Microsoft Entra ID (Azure AD) UPN. The identity needs to have permission to read all the desired applications and desktops.
Password - The password of the username.
Application ID - The Azure application ID that should be used for authentication (applies only to ARM resources).
Client secret - The Azure application client secret that should be used for authentication (applies only to ARM resources).

Package
Network Credentials - The template type credential within the Liquit Credential Store that will be used to start up the Remote Desktop application.
Install dependency - Adds an install dependency to the managed packages.
Use web client when no agent is present - If selected, the RDP file is downloaded or the web client is opened in a web browser when no Agent is present.

Azure Resource Manager

Before AVD ARM resources can be synchronized, make sure the desired applications are registered within the Microsoft Entra ID (Azure AD) and have the "Windows Virtual Desktop" - "User.Access" API permissions. A registered application can be for example the Liquit Workspace application, which is also used for a Microsoft Entra ID (Azure AD) identity source.

Adding permissions

  1. Navigate to the desired registered application within the Azure Portal.
  2. In the left pane, navigate to Manage > API permission.
  3. Click Add Permission and then go to the APIs my organization uses tab.
  4. Choose Windows Virtual Desktop with the Application ID "9cdead84-a844-4324-93f2-b2e6bb768d07".
  5. Go to the Delegated permissions tab and select the User.Access.

image.png

  1. Click on the Grant admin consent for {your tenant}. It can take up to an hour before these settings take effect in Microsoft Entra ID (Azure AD).

For more information about granting API permissions in Azure Portal, see Microsoft documentation.


Was this article helpful?