Windows 365 & ZScaler : Session disconnects at user login - Solution

When user logs in for the first time in their windows 365 cloud pc using windows app, it logs in and within few seconds the session gets disconnected and goes to retry counter and keeps on trying to reconnect. After closing the windows app and retrying again, the cloud pc gets connected fine. When checked, this was caused by the zScaler VPN. 

Below article explains in depth as why zScaler and other VPN cause this issue at first cloud pc login.

Reference: https://techcommunity.microsoft.com/t5/windows-365/optimizing-rdp-connectivity-for-windows-365/m-p/3554327

Download the Powershell script from here and run it to fetch the Ip addresses in a csv format as per the article.

After that copy the Ip addresses from the csv file and In the Zscaler Client Connector Portal go to ‘App Profiles’ then choose the policy to be applied to the Cloud PCs and click Edit 

In the App Profile, paste the IP addresses from the csv into the ‘HOSTNAME OR IP ADDRESS BYPASS FOR VPN GATEWAY’ field and click the plus sign and the IP addresses should be successfully added to the configuration.

Also add the below two IP that is used for critical communication to the Azure fabric in the configuration too.

169.254.169.254 - Azure Instance Metadata Service endpoint
168.63.129.16  - Cloud PC Health Monitoring

Once done, on the zScaler client connector go to More - About - click on update policy. Once done, the new app profile policy will be applied. 

After this, when you close and reopen the windows app and connect to the windows 365 cloud pc, the disconnects at first login should be disappeared and the connection should be constant.

Major point to note is that the Gateway address changes once in every month and so we have to run the script to obtain any new IP address and add it again to the ZScaler App profile policy.

Reference: https://techcommunity.microsoft.com/t5/windows-365/optimizing-rdp-connectivity-for-windows-365/m-p/3554327

https://community.zscaler.com/s/question/0D54u0000AA0livCQB/windows-365-cloud-pc-disconnecting-on-first-login-after-reboot

Windows 365 : Exploring the User Experience Monitor Section for w365 Cloud PC in Intune

Recently I was asked from quite some enthusiast who are new to Windows 365 as how they can measure cloud pc’s user experience. There are several reports available for each use cases like below options.

In Addition to the above, Microsoft Intune also offers IT administrators comprehensive tools to monitor and manage Windows 365 Cloud PCs. The User Experience section, located under the Monitor tab for each Cloud PC, provides a detailed view of device performance and end-user satisfaction similar to other device reporting.

It also provides essential tools for IT administrators to ensure a seamless user experience. This section offers detailed insights to enhance device management, from tracking performance metrics and startup processes to monitoring battery health and application reliability.

First click on Devices and navigate to windows 365 and select the cloud pc. Under monitor section you can see the User experience tab.

This blog explores the various tabs within the User Experience section, explaining what each feature offers and how they can enhance the management of Cloud PCs

1. Endpoint Analytics

The Endpoint Analytics tab offers insights into the overall health and performance of the Cloud PC from the user’s perspective. This data helps IT administrators identify and resolve performance bottlenecks.

Key Metrics:

• Score Overview: A comprehensive score reflecting the device's overall health and user satisfaction.
• Device Performance Trends: Tracks key indicators like boot times, responsiveness, and reliability.
• Comparison Benchmarks: Enables comparison of Cloud PC performance against organizational or global benchmarks.

Reference: Scores, baselines, and insights in Endpoint Analytics - Microsoft Intune | Microsoft Learn

Benefits:

• Pinpoint underperforming devices.
• Proactively address issues affecting user satisfaction.
• Continuously improve user experience based on actionable insights.

2. Startup Performance

The Startup Performance tab evaluates the time and processes involved during device startup.

Details Provided:

• Boot History: Tracks the boot times of the device over time to identify trends or anomalies.
• Sign-In History: Monitors user login times to detect delays during the authentication process.
• Top 10 Impacting Startup Processes: Lists the processes that significantly affect startup time.
• OS Restart History: Provides details on operating system restart patterns and their durations.

Reference: Startup performance in Endpoint Analytics - Microsoft Intune | Microsoft Learn

Benefits:

• Identify and resolve slow startup processes.
• Optimize configurations for quicker logins and system boots.
• Enhance user productivity by minimizing delays during device startup.

3. Application Reliability

This section monitors the stability and reliability of applications running on the Cloud PC.

Details Provided:

• App Crash Reports: Identifies applications with frequent crashes and their causes.
• App Responsiveness: Measures the speed and efficiency of app interactions.
• Usage Trends: Shows patterns of app usage and their reliability over time.

Reference:Application reliability in Endpoint analytics - Microsoft Intune | Microsoft Learn

Benefits:

• Quickly identify problematic applications.
• Improve user satisfaction by addressing app stability issues.
• Monitor usage trends to prioritize application support or updates.

4. Resource Performance

The Resource Performance tab focuses on system resource utilisations and spikes that may impact user experience.

The resource performance score indicates how well CPU and RAM are matched to its current use. You can also refer to the insights and recommendations to learn how to improve scores for the cloud pc device.

Details Provided:

• CPU Spike Time Score: A score indicating the stability of CPU performance.
• RAM Spike Time Score: A score representing memory utilization efficiency.
• CPU Spike Time History: A 14-day trend of CPU spikes and their causes.
• RAM Spike Time History: A 14-day analysis of memory usage patterns.

Benefits:

• Detect resource bottlenecks impacting Cloud PC performance.
• Plan proactive measures to optimize resource usage.
• Improve device stability and responsiveness for end users.

5. Work From Anywhere

This section evaluates the device's readiness for remote work and hybrid scenarios by providing scores for key capabilities.

This report shows the ability for your employees to work from anywhere and be productive and also offers insights on how you can prepare the device to be productive from anywhere.

You can also refer to the insights and recommendations to learn how to improve scores for the cloud pc device.

Refer Work from Anywhere Report 

Details Provided:

• Work From Anywhere Score: An overall score summarizing the device's ability to support remote work.
• Capability Scores: Individual scores for critical enablers, such as:
  • Windows
  • Cloud Identity
  • Cloud Management
  • Cloud Provisioning

Benefits:

• Identify and address gaps in remote work readiness.
• Ensure optimal performance for remote users.
• Provide actionable insights to improve hybrid work capabilities.

6. Battery Health Experience

This tab provides a detailed view of battery performance for physical devices linked to the Cloud PC.

Details Provided:

• Battery Health Score: Overall assessment of battery condition.
• Battery Health Details: Specific metrics, such as charge cycles and efficiency.
• Top Interactive Apps Consuming Battery: Applications using the most battery during active usage.
• Top Non-Interactive Apps Consuming Battery: Background applications with significant battery usage.
• Estimated Runtime Trends: Insights into how long the device can operate under typical usage conditions.

Benefits:

• Proactively identify and replace degrading batteries.
• Optimize app usage to extend battery life.
• Enhance user productivity by minimizing battery-related issues.

7. Device Timeline

The Device Timeline tab provides a chronological record of significant events and changes on the Cloud PC.

Device timeline allows you to view events for a device when you're troubleshooting user experience-impacting issues.

Details Provided:

• Updates Installed: History of OS and application updates applied to the device.
• Application Installations: Records of newly installed or updated apps.
• Policy Changes: Logs of security, compliance, and configuration policy changes.

Benefits:

• Troubleshoot issues by reviewing recent changes or configurations.
• Maintain compliance by monitoring device activity.
• Gain a clear understanding of the Cloud PC’s lifecycle.

Reference: Enhanced device timeline

By leveraging these, organizations can proactively identify and address issues, optimize resources, and ensure their Cloud PCs deliver consistent and reliable performance for end users.

Whether you’re an IT admin or an end-user looking to maximize the potential of Windows 365, the User Experience section is an invaluable resource for maintaining productivity and satisfaction.

Windows 365: How to use Bulk device actions command directly on the Cloud PCs that aren't available report

Managing Cloud PCs has become more efficient with the introduction of applying Bulk Device Actions directly on the Cloud PCs that aren't available report. 

Check for the official Windows 365 What's New reference here.

This feature allows administrators to perform actions like restoring, restarting, troubleshooting, and cross-region disaster recovery options directly from the report.

For detailed guidance about the report, visit: Cloud PCs that aren't available report.

Key Considerations:

• The report reflects conditions from the past 5 to 15 minutes, meaning some Cloud PCs listed may have already recovered or new issues may not yet appear soon. 

Using Bulk Device Actions:

1. Sign in to Microsoft Intune:

• Navigate to Reports > Cloud PC Overview > Cloud PCs that aren't available.

2. Apply Filters (Optional):

Narrow down the report data to focus on specific Cloud PCs. 

3. Select Cloud PCs:

• Select the cloud pc's that need to be actioned.
• You can choose up to 100,000 devices for bulk management.

4. Perform Actions:

• Navigate to Bulk device actions and select the desired action. 

5. Complete Action Steps:

• Follow the prompts to finalize the chosen action.

6. Processing Time:

• Completion time varies based on the action type and number of devices.

7. Report:

• You can check the status of the action by checking in the Bulk batches tab in the Cloud Pc Actions report.

These enhancements make managing large-scale Cloud PC environments more effective and less time-consuming.

So why wait,  go and explore now 🔜

Windows 365: Introducing Granular Move Enhancements for Cloud PCs

 Earlier I had blogged about how to move cloud pc's here. 

Today managing Cloud PCs just got more flexible and efficient with the introduction of granular move enhancements in Windows 365. These updates empower administrators to manage Cloud PC provisioning with greater control, enhanced visibility, and streamlined processes.

 Let’s dive into the key features and steps to implement these improvements.

What’s New in Cloud PC Management?

1. Flexible Batch Moves
   Previously, administrators were required to move all Cloud PCs tied to a specific policy at once. The granular move enhancement changes this by allowing smaller, more manageable batches of up to 100 devices to be moved at a time. This flexibility is particularly beneficial for phased rollouts or targeted policy updates.

2. Enhanced Tracking and Reporting
   Admins can now track and monitor the progress of bulk Cloud PC moves in real-time. The Cloud PC actions report bulk batches tab provides insights into the progress, success or failure status, and time elapsed for each batch move operations. This enhanced visibility simplifies troubleshooting and ensures smoother transitions during policy updates.

3. Winodws 365 Move now supports front line cloud pc's too. 

How to Move a Subset of Cloud PCs

Here’s a step-by-step guide to leveraging granular moves:

1. Access Provisioning Policies

• Sign in to the Microsoft Intune admin center.
• Navigate to Devices > Windows 365 (under the Provisioning section) > Provisioning policies.
• Select the policy you want to modify.

2. Update Join Type Details

• Under the General tab, select Edit.
• Modify the join type settings based on the current configuration:
  • Hybrid Microsoft Entra Join: Update the Azure Network Connection (ANC).
  • Microsoft Entra Join:
    • Switch the network type between ANC and Microsoft-hosted network.
    • Adjust the Geography or Region for Microsoft-hosted networks.
    • For Azure network connections, update the ANC.
• Click Next and select Update to save changes.

3. Apply Changes to Selected Cloud PCs

• Once the new configuration is ready, click Apply this configuration.
• In the confirmation dialog, select Region or Azure network connections for select devices (preview) and then choose Apply.

4. Select Cloud PCs for Migration

• Under Select devices (preview), choose the specific devices to move.
• You can select up to 100 devices in one batch.
• Click Select, then Continue to initiate the migration.

Why These Enhancements Matter?

The granular move and tracking features bring multiple benefits:

• Efficient Resource Management: Moving smaller batches reduces downtime and ensures smoother transitions.
• Real-Time Insights: Detailed reporting allows admins to stay informed throughout the process, helping to identify and resolve issues promptly.
• Customized Deployments: Flexible migration paths make it easier to align Cloud PC provisioning with evolving organizational needs.

By empowering administrators with more control and visibility, Windows 365 continues to enhance the Cloud PC management experience. Start exploring these new features today to streamline your workflows and maximize productivity!