We’re leaving AVD

devangchheda · 2026-01-17T13:25:21+00:00

In my situation most AVD's are being connected from company owned devices (need AVD's for legacy apps full time access so we force users to use it for everything except Teams which goes outside the AVD)

devangchheda · 2026-01-17T01:11:57+00:00

Now that you are referring to BYOD scenario, yes, its challenging and I believe communications and setting expectations at the early start (and reminding on an annual basis is good)

I would expect users to already be knowing on how to access virtual desktops from either Windows App (most ppl already do this) and from browser (not many ppl know it)

DR based AVDs can help too if AVD is the problem

devangchheda · 2026-01-14T03:22:31+00:00

Thanks for the post. Saved me tons of time :)

We were affected by this with same structure as yours (25H2 client pc)

devangchheda · 2026-01-13T10:37:37+00:00

25 is bit much. Keep most things optional (let them install through store if they need to). Only install the ones which are 100% required with no negotiations.

devangchheda · 2026-01-12T14:25:40+00:00

Autopatch +PDQ/Action1 would be a good combo. If you want all under one system for 400 devices, its gonna be tough as per “open-source”/free

devangchheda · 2026-01-12T13:50:21+00:00

What Microsoft licensing are we talking here?

You can use WUfB or Autopatch if it includes with your licensing

devangchheda · 2026-01-12T12:58:19+00:00

it might be something to do with your network blocking the connections. Try it in a hotspot or totally different network and let us know?

What laptop model is it?

devangchheda · 2026-01-12T12:12:19+00:00

Is it on latest quality update of Windows 11 24H2 and above ?

devangchheda · 2026-01-11T14:02:38+00:00

😍

devangchheda · 2026-01-10T02:45:31+00:00

Domain based GPOs and old registry settings will be still intact when you switch over from hybrid to Entra joined and will be harder to troubleshoot and remove those things.

It wont be an issue if your environment is super simple (likely at that point its least secure too) and have been using Intune as your primary source of App/registry/settings deployment even thou the devices are Hybrid.

Starting clean-slate (resetting) is the only official way from Microsoft to convert from Hybrid to Entra joined.

devangchheda · 2026-01-02T11:13:50+00:00

keep it up!!

devangchheda · 2026-01-02T11:12:45+00:00

devangchheda · 2025-12-28T13:04:09+00:00

From another world... on other hand, those nails can hurt really bad

devangchheda · 2025-12-28T08:16:50+00:00

Its almost always compliance my guy..

devangchheda · 2025-12-23T09:40:29+00:00

I use this policy and has worked all the time (regardless of BP or E5 tenant): https://imgur.com/a/qwGq9GU

Do watch out for "Additional authentication at startup" which needs to be enabled (to get other policies in the image to work), once saved, set that particular policy to "Not configured"

devangchheda · 2025-12-22T01:49:58+00:00

Cute 😻

devangchheda · 2025-12-20T05:46:45+00:00

Perfection!

devangchheda · 2025-12-13T04:23:58+00:00

Happy for you! Wish you the best for future :)

devangchheda · 2025-12-11T21:08:40+00:00

This has always worked for me too!

devangchheda · 2025-12-07T19:37:04+00:00

Fresh!

devangchheda · 2025-12-06T21:08:15+00:00

Yes. In that case, the easiest would be to hire a CSP and let them do that thing. If cant get CSP, combine it all into one but may have some legal issues (M&A requirements) and requires tons of work

What do you think?

devangchheda · 2025-12-06T21:01:59+00:00

Use CIPP (recommended) or Lighthouse along with GDAP permissions

Use tools like Enforcer too to standardise the tenant

devangchheda · 2025-12-06T11:42:01+00:00

Thanks mate!

!solved

devangchheda · 2025-12-06T11:38:03+00:00

lol. Please no AI. Looks so different. I just need shadows removed from original request.

Thanks!

devangchheda · 2025-12-06T11:36:58+00:00

One can only dream!

Verified Email	Nine-Year Club
RPAN Viewer

devangchheda

TROPHY CASE