Let's learn how they areUsers connect to AVD? Query KQL to getPuertadetails,AVD RD against the web client,ySEA URCHINClient version. You can get all this information from the AVD service using Azure Monitor (also known as Monitor).
You need to have a completeConfiguring AVD Azure Monitor diagnostic settingsbefore continuing with the details of the KQL query. OnceAVD diagnostic datais available in azure monitor, you can get all these details AVD RD Thick Vs. Web Client.
It is very important to understand if users connect fromthin client operating system(like iGel) orWindows operating systemto fix performance issues and other connection errors in the AVD world.
It is also important to understand if users use aweb clientor a complete oneremote desktop client to connect to Azure Virtual Desktop (also known as AVD). There could be a performance impact with different versions of the client.
You can also check if users connect to aremote applicationo oneRemote DesktopAzure Monitor Log Analytics workspace. This blog post shares all types of KQL queries for AVD connection details. You can also get all the information on the client sideIP addressesusing KQL queries.
- FIX: Azure AD AVD joined VM login issue with error code 0x9735
- AVD VM RD client connection error 0x83886181
How to configure Azure Monitor diagnostic settings for AVD
You need to install and configure theAVD platform logsto the Azure Log Analytics workspace to use the Azure Monitor solution. The Azure Monitor solution will provide you with a lot of information about AVD.
I have explained the process in the following blog post:Configuring AVD Azure Monitor diagnostic settings. As a first step, you shouldcreate a log analysis workspaceto store the AVD logs. You must configure these diagnostic settings for eachAVD Host Group.
USE! – If this is your first time opening Azure Monitor for AVD, you must configure Azure Monitor for your AVD environment. More details on how to configure theAzure Monitor book.
AVD client devices
Let's understand AVD client devices. There are different types of AVD components, and in this post, you get all the details of theclient deviceWhere fromend users are connecting to AVD.
All of the following information refers to client devices and there are different types of client devices in the AVD context. End users can connect to AVD virtual machines using anyclient device type. Some of those base client devices are listed below.
- windows
- iOS/iPad OS
- MacOS
- Android
- Thin Client (Linux etc) -> eg iGel devices
WVCD connection table
WVCD connectionsazure tablelog analysis workspacewill give you a lot of information about AVDclient connections. This information is very important to understand issues with disconnection, performance, etc.
You can get information from theWVCD connectionstable. We will focus on the followingmain columnsin this post
| Column | Description |
|---|---|
| clientele | The operating system of the client that is connecting (if available) |
| connection type | The connection type, either RAIL (RemoteApp Integrated Locally) or Desktop. |
| client side IP address | The remote IP address from the client side |
| Customer type | The type of client that is connecting (if available) |
| ClientVersion | The version of the client that is connecting (if available) |
- Fix AVD failed to connect to session Desktop administrator restricted login type
- Fix AVD updating its token error | Could not connect to desktop session
monitor azul
Let's open Azure Monitor from the Azure portal and go to the logs tab to run the following set of KQL queries.
- Abra Azure.portal.com
- Search with the keyword “Monitor.”
- OpenMonitor(Azure Monitor) and go to therecordseyelash.
Users connect to AVD using the Microsoft Store RD app
Let's find out the client devices that use the Microsoft Store RD app to connect to AVD. You can easily find this information in theWVCD connectionsmesa.
You can use the following KQL query to get the details of client devices connecting to AVD usingRD client installed fromMS Store. The customer type is the key value here to identify the type ofremote desktop clientdetails.
You can also get the RD client version details from the following query. The version of the MS Store RD client is1817,according to the following example. This query also provides the basisclient operating system versiondetails too.
WVCD connections| whereclientelecontains "Windows" andCustomer type== "com.microsoft.rdc.windows.tienda"
Windows RD Client MSI version to connect to AVD
Most IT professionals use Windows RD clients to connect to AVD. You can use the following KQL query to get the details of users connecting to AVD usingWindows Remote Desktop Client(64-bit MSIversion).
This gives you to understand that the AVD platform may collect thebasic datafrom the client device from which end users connect to AVD. The version of the client in the following example is1.2.3317.0.
- The client type for the MSI version of the RD client iscom.microsoft.rdc.windows.msrdc.x64
WVCD Connections | whereclientelecontains "Windows" andCustomer typecontains "com.microsoft.rdc.windows.msrdc.x64"
How many users connect to AVD using web clients
Let's find out how many users are connecting to AVD usingWeb Clients. The AVD web client type can be used from different client operating systems like Windows, macOS, etc.
In the following KQL query, I wanted to quickly analyze users connected from Windows devices using the Web Client. It would be an interesting point to understand why they don't want to use thickDR clientsinstead.
Use the following KQL query to understand how many users connect to AVD using theweb client. The client type for a web client ends with HTML ->com.microsoft.rdc.html.
WVCD Connections | whereclientelecontains "windows" yCustomer typecontains "com.microsoft.rdc.html"
AVD connections from IGEL devices
Let's see how many users useSEA URCHINdevices o IGEL Linux OS yIGEL RD Clientto connect to AVD. This helps identify some of the issues with IGEL's on-premises infrastructure or cloud infrastructure and AVD connectivity issues.
How do you identify AVD connections coming from thin client devices using IGEL RD Client version 21 or 23? Try using the following KQL query to identify theSO Linux IGELdevice connection to AVD.
- SEA URCHINremote desktop clientVersion->21o23
- SEA URCHINRDCustomer type->com.igel.rdc.linux
WVCD Connections | whereclientelecontains "SO Linux IGEL" yCustomer typecontains "com.igel.rdc.linux"
Identify macOS RD client connections to AVD
Let's see how to identify connections from the macOS RD client to AVD. You can easily identify connections coming from macOS devices. You can also segregate the connections coming from the bulkmacOS RD clientand the web client.
el avdweb client typefor all device platforms are the same. The Windows web client type is the same asMacOS,iOS, yAndroidplatform web client.
- macOS RD clientVersion->2006
- Type of customer forMacOS->com.microsoft.rdc.macos
WVCD Connections | whereclientelecontains "MacOS" yCustomer type== "com.microsoft.rdc.macos"
Identify AVD connections coming from iOS devices
Let's identify AVD connections coming from iOS devices. You can use the followingKQL Queryto identify users who are usingiOS/iPad OSdevices to connect to AVD.
This query helps to understand the basic information that iOS/iPadOS collects from the iOS/iPadOS platform. This also helps the version of the client's operating system and many other information.
- iOS RDclient version-> 5170
- iOS Client Type ->com.microsoft.rdc.ios
WVCD Connections | whereclientelecontains "iOS" yCustomer type== "com.microsoft.rdc.ios"
Get AVD Gateway Region Details
With the Azure Monitor option, you can get theAVD Gateway Regiondetails using theKQL Queryfrom the WVDC connection table. Remote desktop or web clients will connect to the closest AVD gateway region.
You can consult the RD Clientevent recordsfor details aboutTCP Reverse Connection Flow for AVD. From the AVD service side, you can find out the connection details of the AVD gateway using the following KQL query.
- AVDPuertaRegion ->UEO.
WVCD Connections | whereGatewayRegion!= "SPG" | proyecto GatewayRegion, ClientOS, ClientType, UserName, SessionHostOSVersionyou can get thetotal number of AVD gateway regionsThe Remote Desktop clients are connecting using the following KQL query.
WVCD Connections |resumeOperationCount=count() porGatewayRegion
You can check whether users connect to the remote application or remote desktop from the following KQL query.
WVCD connections| whereconnection typecontains "APP" orconnection type!= "DESKTOP"Resources ->Azure Monitor Logs Reference: WVDC Connections | Microsoft documents
Author
AnoopC NairIt's Microsoft MVP! He is a device management administrator with more than 20 years of experience (estimated in 2021) in IT. He is a blogger, speaker, and HTML community leader of the local user group. His main focus is on device management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.