Tag Archive for: Proactive remediation

ManageFSLogixGroups

Manage FSLogix groups on Azure AD joined AVD session hosts

FSLogix can be used to redirect user profiles to an Azure file share. This is something you want for normal users, but not for administrators. To prevent this, you need to add the local administrators to the FSLogix exclude groups and add Everyone to the FSLogix include groups.

AppInstaller

Control Winget with the Desktop App Installer policy

By default every Windows 10/11 can have the App Installer package installed and use Winget to install apps from the Winget or Microsoft Store repository. Even if the user has no admin permissions it can still install apps in user context by using the “Winget install” command.