Terminal Service Agent with Azure Virtual Desktop

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Terminal Service Agent with Azure Virtual Desktop

L0 Member

Our organization is moving away from Citrix VDI and exploring Azure Virtual Desktop (AVD).  One of Security's requirements is that we get userID from the endpoints. We have successfully installed the TS Agent on the AVD and can get UserID; no issues here. 

The challenge we have is that our Desktop team is planning to dynamically stand up and tear down AVD machines, and would like to have the ability to add/remove TS Agent entries on the firewall via API. -which we have done successfully. the problem is that granting them access to add/remove TS Agent entries into the config also allows them to add/remove other configuration. therefore giving them write access to the firewall is not possible. 

I am looking for a way to dynamically add/remove TS Agents into the config, ideally via API or CLI, without them having more access than needed.  Or, if there is a way to have a 'range' of IPs for the TS Agent configuration. 

 

Thanks

Marcelo

 

3 REPLIES 3

L1 Bithead

Did you come up with a solution for this? 

sort of. We have a script that performs the add/remove TS Agent entries and only allow the other team to call the script remotely with their variables (IP entries). we also monitor the account for what it commits. 

L1 Bithead

I assume you are using the PAN API for this. Can you share the script? 

  • 1628 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!