AVD support for EPM

Question

AVD support for EPM

Pedinotti, Paul 1

Does a personal AVD host support EPM? I have read personal hosts are supported for EPM but not multi-user hosts.

2 answers

Your answer

Answer 1

Marcin Policht 50,495 MVP Volunteer Moderator

AFAIK, you're correct... As per https://www.microsoft.com/en-gb/microsoft-365/roadmap?rtc=3&filters=Microsoft+Intune&searchterms=endpoint+privilege+management , MDE's Endpoint Privilege Management does support personal AVD (Azure Virtual Desktop) hosts, but not multi-session (pooled) hosts.

Personal AVD hosts are treated much like regular Windows 10/11 Enterprise endpoints, so EPM works as expected — allowing standard users to elevate approved apps without full admin rights. EPM currently relies on per-user session control and context that is complex in multi-user environments, so effectively this is not supported.

If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

hth

Marcin

Pedinotti, Paul 1 Reputation point

2025-04-15T17:31:50.3466667+00:00

that is great information thank you. I am currently testing EPM and have gotten it to deploy to a few laptops (physical devices) but it fails to install the agent on the personal AVD, I have gone through several troubleshooting steps and it is not able to dual enroll with MMP-C.

not sure what else to try.
Marcin Policht 50,495 Reputation points MVP Volunteer Moderator

2025-04-15T20:16:51.96+00:00

Follow https://mikemdm.de/2024/09/15/troubleshooting-intune-endpoint-privilege-management/

If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

hth

Marcin
Pedinotti, Paul 1 Reputation point

2025-04-16T12:15:09.3766667+00:00

that is the doc I have been using. the mmp-c dual enrollment registry nor sched task gets created, which leads me to believe AVD Personal Hosts are not supported yet.
Marcin Policht 50,495 Reputation points MVP Volunteer Moderator

2025-04-16T12:35:24.5733333+00:00

As per the URL I provided earlier (https://www.microsoft.com/en-gb/microsoft-365/roadmap?rtc=3&filters=Microsoft+Intune&searchterms=endpoint+privilege+management)

you might need to wait a bit longer...

Microsoft Intune: Endpoint Privilege Management on single session Azure Virtual Desktop

Microsoft Intune

IN DEVELOPMENT

ROLLOUT START

May 2025

With this release, you can use Endpoint Privilege Management elevation rules and policy to more easily manage standard users on Azure Virtual Desktop.

Roadmap ID

399928

Cloud instances(s)

Worldwide (Standard Multi-Tenant), GCC, GCC High, DoD

Platform(s)

Desktop

Release phases(s)

General Availability

If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

hth

Marcin

Answer 2

Please see the official content for Endpoint Privilege Management on learn.microsoft.com: https://learn.microsoft.com/intune/intune-service/protect/epm-overview#requirements

As of June, 2025, the requirements section calls out that AVD isn't supported at this time. There is currently no distinction there between mulit-session or single-session.
Per the roadmap (https://www.microsoft.com/en-gb/microsoft-365/roadmap?rtc=3&filters=Microsoft+Intune&searchterms=endpoint+privilege+management), July looks to be when support for AVD single session will arrive.

You can also monitor the Intune articles for Intune’s In Development and What's new articles to better glean what is in the works, and what changes or new capabilities are now available.

Share via

AVD support for EPM

2 answers

Your answer