If you are using Azure Virtual Desktop (AVD), you may already know you can redirect the clipboard to allow data transfer (plain text, image, rich or HTLM data) between client and Azure Virtual Desktop session.
Well, good news as now you can also manage this clipboard redirection using Intune, helping device administrators to ensure data is protected.
To enjoy this new Intune management capability, you need to meet the following prerequisites:
- Host pool RDP properties must allow clipboard redirection, otherwise it will be completely blocked
- Windows 11 Enterprise or Enterprise multi-session, version 22H2 or 23H2 with the 2024-06 cumulative update (KB5039212) or later installed
- Windows 11 Enterprise or Enterprise multi-session, version 21H2 with the 2024-06 cumulative update (KB5039213) or later installed
- Windows Server 2022 with the 2024-07 cumulative update (KB5040437) or later installed
- Azure Virtual Desktop session host enrolled in Intune (obviously as you are going to manage the redirection using Intune configuration profile)
Once you have meet the prerequisites, connect to your Intune portal https://intune.microsoft.com to create (or edit) a device configuration profile targeting the AVD session host.
There, use a Settings catalog profile type to configure the clipboard redirection settings available under Administrative templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Device and Resource Redirection using one of the available options:
- Device scope settings:
- Restrict clipboard transfer from server to client
- Restrict clipboard transfer from client to server
- User scope settings:
- Restrict clipboard transfer from server to client (User)
- Restrict clipboard transfer from client to server (User)