cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who Me Too'd this topic

Terminal Service Agent with Azure Virtual Desktop

L0 Member

Our organization is moving away from Citrix VDI and exploring Azure Virtual Desktop (AVD).  One of Security's requirements is that we get userID from the endpoints. We have successfully installed the TS Agent on the AVD and can get UserID; no issues here. 

The challenge we have is that our Desktop team is planning to dynamically stand up and tear down AVD machines, and would like to have the ability to add/remove TS Agent entries on the firewall via API. -which we have done successfully. the problem is that granting them access to add/remove TS Agent entries into the config also allows them to add/remove other configuration. therefore giving them write access to the firewall is not possible. 

I am looking for a way to dynamically add/remove TS Agents into the config, ideally via API or CLI, without them having more access than needed.  Or, if there is a way to have a 'range' of IPs for the TS Agent configuration. 

 

Thanks

Marcelo

 

Who Me Too'd this topic