Point-in-time restore for Windows 365 Enterprise

Point-in-time restore lets an administrator restore a Cloud PC to the exact state it was at an earlier point in time. You can create new or edit settings to automatically create restore points at regular intervals for groups of Cloud PCs. You can also create on-demand restore points for specific times. Admins can also give users permission to restore their own Cloud PCs.

Restore point options

There are three different ways to set restore points:

  • Short-term restore points
  • Long-term restore points
  • On-demand manual restore points

Each type of restore point can be restored in the same way.

Short-term restore points

You can choose to set short-term restore points every 4, 6, 12, 16, or 24 hours. Each Cloud PC in the assigned groups has 10 short-term restore points saved at the intervals that you define in the user setting. For example, if you chose four hour intervals, each assigned Cloud PC has 10 restore points spread out every four hours over the last 40 hours.

Long-term restore points

In addition to the configurable short-term restore points, there are also four long-term restore points that aren't configurable. These long-term restore points are saved every seven days.

On-demand manual restore point

Manual restore points let administrators create a restore point whenever they want, for both a single Cloud PC and groups of Cloud PCs (using bulk actions). Manual restore points are in public preview.

Among other uses, on-demand manual restore points are useful:

  • For creating a backup before taking management actions.
  • During employee off-boarding with sharing a restore point.

Only administrators can create a manual restore point, and each Cloud PC can have only one manual restore point at a time.

Expiration of restore points

For short- and long-term restore points, as time passes and a new restore point is added, the oldest restore point is removed.

Each Cloud PC can have one manual restore point. If you create another manual restore point for a Cloud PC that already has a manual restore point, the existing restore point will be overwritten by the new restore point. If not overwritten, a manual restore point expires in approximately 28 days. Manual restore points have an expiration date shown when they are created.

Risks and results of restoring a Cloud PC

Cloud PCs have same risks as all Windows PCs when performing a full disk restore. These risks and results include:

  • All changes made to the Cloud PC between the saved restore point and when the restore is started will be lost. This lost information includes all data, documents, installed applications, configurations, downloads, and other changes. External data stored in cloud services, like OneDrive, won't be lost.
  • Various applications, agents and tools also use rolling passwords, secrets, certificates, and keys. If any of these credentials are updated between the current time and the restore point, the associated service or application will be impacted.
  • The chances of data loss and automated machine account password updates increase with longer time gaps between the selected restore point and the current time.

Best practices

  • To minimize data loss and the risk of a rolling password conflict, choose a restore point that is as close as possible to the current time.
  • After a restoration is complete, the user should immediately sign into their Cloud PC to verify that they can successfully connect. If a user can't connect, or experiences unexpected behavior, try a second restoration to a different restore point that is more recent. On rare occasions, you may need to reprovision/reset a Cloud PC if all restore points have obsolete rolling credentials.

Disaster recovery

When a restore is started, the virtual infrastructure used for the Cloud PC remains the same. If the infrastructure is unavailable, but appropriate alternate infrastructure is available in the same Azure region, then the Cloud PC is automatically placed in the available infrastructure. This automation makes sure that, in the case of a disaster recovery scenario in an Azure zone, that the Cloud PC is resilient through recovery to a different Zone in the region. The recovery to an alternate infrastructure is automatic. There is nothing required of the administrator or user other than to start the restore.

Next steps