How to Manage Azure Virtual Desktop (WVD) With Group Policy

If you have Azure Virtual Desktop (formally WVD) running in Azure, you can centrally manage all hosts configuration using Group Policy.

This post will show you how to manage WVD using Active Directory Group Policy.

If your WVD deployment has Azure Active Directory Domain Services (Azure AD DS), you can control and manage the configuration of hosts with Group Policy Objects (GPOs).

Install GPMC

To manage GPOs in WVD, we need to install the Group Policy Management Console (GPMC) inside one WVD host. To install GPMC, you will need to be a member of the AAD DC Administrators group (Azure AD).

Once you have the necessary permissions, log in to WVD, open the PowerShell console as an administrator, and run the following commands.

The first command will install the GPMC, and the second command will install Active Directory Users and Computer console.

Add-WindowsCapability -Online -Name Rsat.GroupPolicy.Management.Tools~~~~
 Add-WindowsCapability -Online -Name  Rsat.ActiveDirectory.DS-LDS.Tools~~~~

Once the console is installed, you can start managing the default GPOs with WVD or create new ones. You can open the GPMC from the Windows 10 administrative tools section.

Below are all the default GPOs that comes with WVD. You can edit them or delete them if needed; however, you need to make sure you open GPMC using the Run as Administrator open.

If your WVD deployment is part of a Hybrid configuration where you have a local Active Directory forest with Azure AD Connect, you will need to manage the GPO from your local forest.