Microsoft AVD Hostpool RDP Properties – Would that be an enforced policy or a preference? Know your risks! – How could IGEL OS help to mitigate risks?

By Fredrik Brattstig @virtualbrat

FYI – The following text is not intended to discourage use of the Microsoft documentation, nor is it a criticism of it. I’m trying to give a broader understanding of how to limit the risks in your Azure Virtual Desktop deployment.

While playing around with IGEL OS and AVD, testing quite a few features and functions, I got interested in finding out what the RDP Properties that can be configured per AVD Host Pool actually mean. You can change settings for how the session should behave when it comes to compression, video playback, redirection functions on/off, multi-display settings, etc. Very nice, neat, and easy to configure. But, wait a minute. Is that a policy that is enforced, or a preference?

In this blog, I will focus specifically on “Clipboard Redirection”, as it can lead to a security flaw if you don’t understand how the setting is applied when trying to control it. The same applies to many of the other settings in the RDP Properties.

1st, what is Clipboard Redirection?
Clipboard Redirection is a feature that allows you to copy text/pictures/files between the AVD session desktop and the endpoint device that the user uses to access the remote desktop/application. Example: the user has some text on the local endpoint, selects it and hits Ctrl+C (copy text to clipboard), then opens the AVD session and, in for example a Word document, hits Ctrl+V (paste text from clipboard) – the result is that text that only existed on the endpoint device now appears in the document in the AVD session. You can do this the other way around (copy text in the session and paste it on the local endpoint). It becomes even more interesting when we look at files. You can copy a file from the local file system of the endpoint and paste it in the remote AVD session in the same way. That file is transferred encapsulated in the RDP protocol – invisible to firewalls and other filters. No one will know what is transferred within the RDP session…

Simplified image describing the encapsulated virtual channels in RDP
Image borrowed from:
https://thalium.github.io/blog/posts/fuzzing-microsoft-rdp-client-using-virtual-channels/

Let’s have a look at what Microsoft documentation says:
ref: https://docs.microsoft.com/en-us/azure/virtual-desktop/configure-device-redirections
Configuring device redirections for your Azure Virtual Desktop environment allows you to use printers, USB devices, microphones and other peripheral devices in the remote session. Some device redirections require changes to both Remote Desktop Protocol (RDP) properties and Group Policy settings.

And, looking specifically at the Clipboard Redirection note:

If we combine the Microsoft documentation text above with the Clipboard Redirection note, we see that we can enable or disable Clipboard Redirection basically by setting:

“Clipboard on local computer isn’t available in remote session” in the RDP Properties settings for the AVD host pool

Super great for an IT admin trying to remove a potential risk… Or is it?
To me, reading the text and opening the RDP Properties configuration pane, it is hard to tell whether the setting will be enforced or not.

Before going forward, I need to make a statement of my personal view:
I love the feature of clipboard redirection, and I also know the “risks” of using it.
Maybe regular users in reality shouldn’t understand the risks? Some basic IT security training could come in handy to increase the user’s understanding of risks.

So, now to the catch: What happens when you set “Clipboard on local computer isn’t available in remote session” in the AVD Host Pool properties? Let’s take this from the beginning to build up the understanding:
A published resource in Microsoft Azure Virtual Desktop is delivered to the user when enumerating the AVD feeds:

  1. The user logs in to the AVD client
  2. After successful authentication, the RDP feed is asked to return the resources the user has access to
  3. The feed is basically a series of RDP files that are sent from the feed servers to the user’s device and are shown as familiar icons to the user
  4. The user clicks a selected icon to connect to the AVD session – the RD client reads the RDP file and opens the session based on the characteristics of the RDP file.

In steps 3 and 4 I’m referring to the RDP file and its characteristics. What does an RDP file look like?

Sample RDP file from the AVD ARM HTML5 webfeed – redirectclipboard:i:0

Within the RDP file we see the reference to Clipboard Redirection, and that the value of the setting is “0”, which means that Clipboard Redirection is disabled.
The RDP file tells the RD client, when it is connecting to the selected resource, which features should be enabled or disabled, and the client builds up the session based on those parameters.
And this is the catch:
I can modify this file and change the redirectclipboard value from “0” to “1” before launching the RDP file, with the result that Clipboard Redirection is enabled in the session – circumventing the preference set by the IT administrator. Since this is possible, the correct name for RDP Properties in the Azure host-pool pages would, in my mind, be RDP Preferences, as they can be overridden client-side.
If you really want to control (policy-restrict) RDP Clipboard Redirection in your AVD sessions, there are multiple ways to achieve this, but the RDP Properties isn’t one of them.
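To make the RDP file format and the point above concrete, here is an added example: a small audit script of my own, not code from this post, from Microsoft or from IGEL. It parses the name:type:value lines of an RDP file and compares the redirection properties against the values an administrator expects, so a deviation from the host-pool preference is reported. The sample RDP text, the tampered copy and the expected-value table are constructed for the example; the property names are standard RDP file settings.

```python
"""Audit redirection settings in an RDP file (added example, not from the post)."""

# Constructed sample resembling what an AVD feed delivers. Real feed files carry
# many more properties; only the lines relevant here are included.
SAMPLE_RDP = """\
; constructed sample, not a real feed file
full address:s:hostpool.example:3389
redirectclipboard:i:0
redirectprinters:i:1
drivestoredirect:s:
audiomode:i:0
"""

# Constructed copy of the same file with the clipboard value changed, as the
# post describes a user could do on the endpoint before launching it.
TAMPERED_RDP = SAMPLE_RDP.replace("redirectclipboard:i:0", "redirectclipboard:i:1")

# Values an administrator expects for the redirection properties (assumed
# baseline for this example): "0" / empty means the redirection is off.
EXPECTED_REDIRECTIONS = {
    "redirectclipboard": "0",
    "redirectprinters": "0",
    "drivestoredirect": "",
}


def parse_rdp(text):
    """Parse 'name:type:value' lines into {name: (type, value)}.

    The value itself may contain ':' (e.g. 'full address' with a port), so the
    line is split on at most two colons. Blank lines and ';' comments are skipped.
    """
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        parts = line.split(":", 2)
        if len(parts) != 3:
            continue  # malformed line; ignore rather than guess
        name, typ, value = parts
        props[name.strip().lower()] = (typ.strip(), value.strip())
    return props


def audit_redirections(props, expected=EXPECTED_REDIRECTIONS):
    """Return the names of redirection properties that deviate from `expected`.

    A property that is missing entirely is also reported, because the RD client
    then falls back to its own default instead of the administrator's choice.
    """
    violations = []
    for name, want in expected.items():
        entry = props.get(name)
        if entry is None or entry[1] != want:
            violations.append(name)
    return violations


def audit_text(text, expected=EXPECTED_REDIRECTIONS):
    """Convenience wrapper: parse an RDP file's text and audit it in one call."""
    return audit_redirections(parse_rdp(text), expected)


if __name__ == "__main__":
    for label, content in (("feed copy", SAMPLE_RDP), ("tampered copy", TAMPERED_RDP)):
        bad = audit_text(content)
        print(f"{label}: {'OK' if not bad else 'deviates on ' + ', '.join(bad)}")
```

The point the audit makes is the one the post makes: because the RDP file is plain text that lives on the endpoint, a check like this can only tell you after the fact that the file no longer matches what the host pool handed out. It cannot stop the client from honouring the edited value, which is why the enforced control has to sit in the client (as in the IGEL OS profile below) or on the session host, not in the file.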
Let’s have a look at how this is handled in an IGEL OS profile, which allows the UMS administrator to restrict the use of Clipboard Redirection as an enforced policy:

In Session->Options you can disable Clipboard Redirection (and other redirections) in the IGEL OS RD client.
This prevents the feature from being enabled even if the RDP file offers it as enabled.

I’m hoping this blog post was of interest to you and helped you get a better understanding that the RDP Properties for AVD Host Pools are only a preference, not a policy. And of course, IGEL gives you granular and enforced control.

Stay safe out there

/Fred