Due to security measures, organisations will want to restrict clipboard restrictions (copy-paste) from the cloud pc to base laptop but allow copy-paste to work from base laptop to cloud pc. In this case, how can we achieve this??
The Intune July update (service release 2407) now supports the Clipboard redirection in the settings catalog.
What is Clipboard redirection?
Clipboard redirection in windows 365 cloud pc's permits users to copy and paste various types of content, such as text, images, and files, between their local device and the remote session in both directions. To enhance security and prevent potential data leaks or the transfer of harmful files, you might consider restricting the clipboard functionality for users/Device.
Administrators have the flexibility to control clipboard usage by determining whether data can be transferred from the session host(windows 365) to the client or from the client to the session host, and also specifying the types of content to be allowed.
Pre-Reqs: Configure the clipboard transfer direction in Azure Virtual Desktop | Microsoft Learn
To do this, open Intune portal and navigate to Devices > Manage devices > Configuration > Create > New policy > Windows 10 and later for platform > Settings catalog.
In the settings catalog, open Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Device and Resource Redirection
The below settings options are available for both Device and User.
- Restrict clipboard transfer from server to client - (w365 to base device)
- Restrict clipboard transfer from server to client (User)
- Restrict clipboard transfer from client to server - (Base device to w365)
- Restrict clipboard transfer from client to server (User)
- Restrict clipboard transfer from server to client/(User)- (w365 to base device) - Not configured or enabled, users can copy paste from w365 cloud pc to the base device.
- Restrict clipboard transfer from client to server/(User) - (Base device to w365) - Not configured or enabled, users can copy paste from the base device to the w365 cloud pc.
- Restrict clipboard transfer from server to client
- Restrict clipboard transfer from client to server
- Disable clipboard transfers from session host to client, client to session host, or both.
- Allow plain text only.
- Allow plain text and images only.
- Allow plain text, images, and Rich Text Format only.
- Allow plain text, images, Rich Text Format, and HTML only.
Now, you can select the desired options from above and assign it to the user/device/groups in the Assignments section.
Once assigned, in the windows 365 cloud pc (Session Host), sync the device and reboot for the settings to take effect.
Powershell scripts:
https://github.com/app2pack/Windows365-Scripts
Reference: Configure the clipboard transfer direction in Azure Virtual Desktop | Microsoft Learn
If you are interested in understanding how redirection works between client π» and ☁ cloud pc's π» then check this detailed article.
https://learn.microsoft.com/azure/virtual-desktop/redirection-remote-desktop-protocol
No comments:
Post a Comment