This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 65%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPP%3C/text%3E%3C/svg%3E)
Does a personal AVD host support EPM? I have read personal hosts are supported for EPM but not multi-user hosts.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 38%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
AFAIK, you're correct... As per https://www.microsoft.com/en-gb/microsoft-365/roadmap?rtc=3&filters=Microsoft+Intune&searchterms=endpoint+privilege+management , MDE's Endpoint Privilege Management does support personal AVD (Azure Virtual Desktop) hosts, but not multi-session (pooled) hosts.
Personal AVD hosts are treated much like regular Windows 10/11 Enterprise endpoints, so EPM works as expected — allowing standard users to elevate approved apps without full admin rights. EPM currently relies on per-user session control and context that is complex in multi-user environments, so effectively this is not supported.
If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.
hth
Marcin
that is great information thank you. I am currently testing EPM and have gotten it to deploy to a few laptops (physical devices) but it fails to install the agent on the personal AVD, I have gone through several troubleshooting steps and it is not able to dual enroll with MMP-C.
not sure what else to try.
Follow https://mikemdm.de/2024/09/15/troubleshooting-intune-endpoint-privilege-management/
If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.
hth
Marcin
that is the doc I have been using. the mmp-c dual enrollment registry nor sched task gets created, which leads me to believe AVD Personal Hosts are not supported yet.
As per the URL I provided earlier (https://www.microsoft.com/en-gb/microsoft-365/roadmap?rtc=3&filters=Microsoft+Intune&searchterms=endpoint+privilege+management)
you might need to wait a bit longer...
Microsoft Intune: Endpoint Privilege Management on single session Azure Virtual Desktop
Microsoft Intune
IN DEVELOPMENT
ROLLOUT START
May 2025
With this release, you can use Endpoint Privilege Management elevation rules and policy to more easily manage standard users on Azure Virtual Desktop.
Roadmap ID
399928
Cloud instances(s)
Worldwide (Standard Multi-Tenant), GCC, GCC High, DoD
Platform(s)
Desktop
Release phases(s)
General Availability
If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.
hth
Marcin