Microsoft Brings Centralized RDP Shortpath Management to Group Policy and Intune

Microsoft has announced the general availability of centralized Remote Desktop Protocol (RDP) Shortpath configuration through Group Policy Objects (GPO) and Microsoft Intune. The update enables IT teams to centrally enforce and fine-tune RDP Shortpath behavior across Azure Virtual Desktop (AVD) session hosts and Windows 365 Cloud PCs.

RDP Shortpath is a Remote Desktop feature that improves performance and reliability by creating a more direct, UDP‑based network path between the client and the remote session host instead of relying completely on traditional TCP connections. This feature chooses the most efficient route available to reduce latency and improve responsiveness (especially for audio and video). It offers a smoother user experience for Azure Virtual Desktop and Windows 365 connections, even in complex or variable network conditions.

The management gap Microsoft is addressing

Previously, RDP Shortpath behavior lacked centralized, policy-driven management, forcing IT teams to configure settings manually on individual Azure Virtual Desktop session hosts or rely only on host pool–level controls. This made it difficult to enforce consistent networking behavior at scale, especially in complex or security‑sensitive environments where organizations need precise control over how RDP traffic flows.

In large and more distributed environments, however, this fragmented approach caused inconsistent configurations, operational overhead, and unpredictable connection behavior. It prompted the need for a centralized solution integrated with existing management tools like Group Policy and Microsoft Intune.

Centralized configuration via Group Policy and Intune

According to Microsoft, the latest update addresses that gap by allowing administrators to enforce Shortpath settings centrally to ensure predictable operation across all managed devices. It eliminates the need for manual, per-host tuning and helps to align configuration choices with security requirements, NAT environments, and network readiness.

Key benefits for IT and enterprise environments

Centralized RDP Shortpath policies reduce administrative overhead, ensure consistent performance and security controls, and make large-scale virtual desktop environments easier to manage and troubleshoot.

1. Centralized policy-based control

Microsoft highlighted that administrators can now manage RDP Shortpath settings centrally instead of configuring each session host individually. They can deploy policies using management tools (like Group Policy and Microsoft Intune) and apply consistently across environments.

2. Control of all Shortpath modes

Administrators can enable/disable the three RDP Shortpath transport options, including Managed, Public (STUN), and Public (TURN). Microsoft recommends IT admins to leave all options enabled for automatic optimization. However, organizations can choose to restrict specific modes to meet security or networking requirements.

3. Works alongside Azure Virtual Desktop Host Pool settings

For AVD environments, Shortpath policies applied via GPO or Microsoft Intune work in addition to host pool network settings. When both are configured, the session host policy takes priority and provides deterministic behavior.

Microsoft notes that administrators should keep in mind that RDP Shortpath continues to depend on proper network conditions (such as UDP connectivity and reachability of STUN or TURN endpoints) for it to function as intended. Moreover, any changes made through policy must be followed by a restart of session hosts or Cloud PCs to apply and enforce the new Shortpath configuration.