Deploy a Microsoft Edge shortcut with a URL in Azure Virtual Desktop
Recently, a company I work with requested a way for users to access a web app that they were hosting on-premises, but didn't want to open up connections to the app to the internet. The app is out of support from the vendor and can't be opened outside of their secure network.
We planned to allow access to the app by instructing users to connect over a VPN, but we found this would be a hassle for users, as they would need to install the VPN client, connect to the VPN, and then launch a browser to access the app. In this case, the site also requires IE11 with a custom extension to be installed. These requirements just to access a single site really made it a headache for users and the Helpdesk received regular tickets from staff who had issues accessing the site.
Instead of the VPN approach, we deployed a Microsoft Edge shortcut in Azure Virtual Desktop. This approach has advantages because it allows users to launch a browser window and jump onto the network that the Host Pool is connected to. If you have your networking configured correctly in Azure, you can access internal sites and apps without going over the internet directly from the client PC. This also allows you to control the browser version and other settings that are configured in the Host Pool. If paired with Intune policies, you can define the browser settings and extensions that are available to users and require certain sites to open in Internet Explorer Compatibility Mode. This could be helpful if you have a legacy app that only works in IE11 and requires a specific extension to be installed.
In this post, I'll show you how to deploy a Microsoft Edge shortcut in Azure Virtual Desktop.
To start, you must have an existing Azure Virtual Desktop deployment set up with Host Pools and a Workspace. You'll also need at least Contributor access to the Resource Group you're working in.
Create a new Application Group in Azure Virtual Desktop.
On the Basics tab, make the following changes:
- Subscription and Resource group – Set for your AVD environment.
- Host Pool – Select the Host Pool you want to deploy the shortcut to.
- Application group type –
Remote App (RAIL) - Application Group name – Something like
BrowserShortcuts
On the Applications tab, click the “Add applications” button and set the following properties:
- Application source:
File path - Application path:
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Application name:
Your shortcut name - Display name:
Your shortcut name - Icon path:
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Icon index:
0 - Description:
- Require command line:
Yes - Command line:
http://google.com/
If you want multiple tabs to open, separate the URLs with a space. For example, http://google.com/ http://bing.com/
On the Assignments tab, select your user or group:
On the Workspace tab, change the “Register application group” to “Yes” and you should already have an application group assigned.
You can leave the Advanced and Tags tabs as default.
After saving the Application Group, you should see the shortcut in the Azure Virtual Desktop client in a few minutes. You may need to click the Refresh button to force it to update:
These steps allow you to deploy secure web apps inside your AVD deployment. Whether you're connecting to a legacy web app that you're hosting on prem or you have specific application or environment requirements that you need to meet, this is a great way to provide access to your users without having to jump through hoops.
If you combine this Edge shortcut with Intune policies that require Edge to open certain sites in Internet Explorer Compatibility Mode, you can ensure your users can easily access apps and sites quickly without compromising your secure internal network.
