Manage RDP device redirections for Cloud PCs
Remote Desktop Protocol (RDP) can be used to create redirections that let users connect to peripherals (like cameras, USB drives, and printers) from remote devices like Cloud PCs. By default, these redirections are enabled for Cloud PCs. Update these redirections according to your organization's policies.
To understand which redirections are supported based on which platform is used to access the Cloud PC, see Compare the clients: redirections.
RDP device redirection settings
The following redirections can be managed by using the appropriate setting:
| Redirection | Group policy |
|---|---|
| Audio input | Allow audio recording redirection |
| Audio output | Allow audio and video playback redirection |
| Cameras | Do not allow video capture redirection |
| Clipboard | Do not allow Clipboard redirection |
| COM ports | Do not allow COM port redirection |
| Drives | Do not allow drive redirection |
| Location | Do not allow location redirection |
| Printers | Do not allow client printer redirection |
| Smartcards | Do not allow smart card device redirection |
| USB drives | Do not allow supported Plug and Play device redirection |
Some settings may not be immediately available in the Settings Catalog.
There are two ways to manage these redirections:
- Settings Catalog: Use a device configuration policy in Microsoft Intune. Supports both Microsoft Entra join and Microsoft Entra hybrid join Cloud PCs.
- Group Policy Object (GPO): Use GPOs in Windows Server Active Directory. Supports Microsoft Entra hybrid join Cloud PCs only.
Follow the appropriate guidance to manage RDP device redirections.
Use the Settings Catalog to manage RDP device redirections
To manage any of the redirections by using the Settings Catalog, create and assign a device configuration policy:
Sign in to the Microsoft Intune admin center, select Devices > Configuration profiles > Create profile.
Select the Windows 10 and later platform, the Settings catalog profile type, then Create.
On the Basics page, enter a Name and Description (optional) for the new policy.
On the Configuration settings page, select + Add settings to list and select settings to manage.
- To manage printer redirection settings, search for “Printer Redirection”, select the resulting category, and select the settings you want to manage.
- To manage other redirection settings, search for “Device and Resource Redirection”, select the resulting category, and select the settings you want to manage.
After you've selected all the redirection settings that you want to manage, close the Settings picker view, configure the settings on the Configuration settings page, then select Next.
On the Scope tags page, select any desired scope tags to apply, then select Next.
On the Assignments page, select the users or groups that will receive the redirection policy, then select Next.
On the Review + create* page, select Create.
For more help using the settings catalog to create a device configuration policy, see Use the settings catalog to configure settings on Windows and macOS devices.
Note
The settings catalog configures policies by using the Policy CSP. To make sure that these settings take precedence over a conflicting GPO, you can also configure the ControlPolicyConflict CSP.
Use a GPO to manage RDP device redirections
To manage any of the redirections by using GPO, create and assign a GPO in your Windows Server Active Directory domain. Make sure to use the corresponding policies as shown in the RDP device redirection settings table. To learn more about the policies, download the Group Policy Settings Reference Spreadsheet.
Next steps
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for