I have a blog post about creating a dedicated PowerShell – Frontline Workers – Create Windows 365 Cloud PC Provisioning Policy | AskAresh. In this post blog, I will demonstrate how to create the provisioning policy using PowerShell and MS Graph API with beta modules for Windows 365 Cloud PC – Shared Frontline Workers.
Introduction
I will not attempt to explain Frontline, but the best explanation is here: What is Windows 365 Frontline? | Microsoft Learn.
Example – With Windows 365 Frontline Shared licensing, you don’t assign a license to each individual user. Instead, you provision a pool of shared virtual desktops and grant access to a designated group of users. Each shared license represents a virtual desktop that can be dynamically used by any authorized user when available. For example, rather than needing a strict 1:1 (or even 1:3) mapping between users and desktops, you can support many more employees than the number of desktops you provision—much like a traditional non-persistent VDI setup. Once a user logs off, their desktop resets and becomes available for another user, allowing you to meet peak concurrency needs without assigning a dedicated device to every single employee.
Connect to MS Graph API
Step 1 – Install the MS Graph Beta Powershell Module
#Install Microsoft Graph Beta Module
PS C:WINDOWSsystem32> Install-Module Microsoft.Graph.BetaStep 2 – Connect to scopes and specify which API you wish to authenticate to. If you are only doing read-only operations, I suggest you connect to “CloudPC.Read.All” in our case, we are creating the policy, so we need to change the scope to “CloudPC.ReadWrite.All”
#Read-only
PS C:WINDOWSsystem32> Connect-MgGraph -Scopes "CloudPC.Read.All" -NoWelcome
Welcome To Microsoft Graph!
OR
#Read-Write
PS C:WINDOWSsystem32> Connect-MgGraph -Scopes "CloudPC.ReadWrite.All" -NoWelcome
Welcome To Microsoft Graph!
Step 3 – Check the User account by running the following beta command.
#Beta APIs
PS C:WINDOWSsystem32> Get-MgBetaUser -UserId admin@wdomain.com
Create Provisioning Policy (Frontline Shared Worker)
We are creating a provisioning policy that involves the following: avdwin365mem/win365sharedfrontlineCreateProvPolicy at main · askaresh/avdwin365mem
- Azure AD Joined Cloud PC desktops
- The region for deployment – Australia East
- Image Name – Windows 11 Enterprise + Microsoft 365 Apps 24H2 (from the Gallery)
- Language & Region – English (United States)
- Network – Microsoft Managed
- SSO – True
- the biggest change for share front like is this provisioningType = “sharedByEntraGroup”
- Cloud PC Naming format – FLWS-%RAND:10% (FLSW – Frontline Worker Shared)
$params = @{
displayName = "Demo-Shared-FrontLine"
description = "Shared Front Line Workers Prov Policy"
provisioningType = "sharedByEntraGroup"
managedBy = "windows365"
imageId = "microsoftwindowsdesktop_windows-ent-cpc_win11-24H2-ent-cpc-m365"
imageDisplayName = "Windows 11 Enterprise + Microsoft 365 Apps 24H2"
imageType = "gallery"
microsoftManagedDesktop = @{
type = "notManaged"
profile = $null
}
enableSingleSignOn = $true
domainJoinConfigurations = @(
@{
type = "azureADJoin"
regionGroup = "australia"
regionName = "australiaeast"
}
)
windowsSettings = @{
language = "en-US"
}
cloudPcNamingTemplate = "FLWS-%RAND:10%"
}
New-MgBetaDeviceManagementVirtualEndpointProvisioningPolicy -BodyParameter $params
The policy will show up in the Intune Portal
Optional Properties
If you are doing on-premise network integration (Azure Network Connection) , then the following additional property and value is required. In my lab, I am leveraging the Microsoft Managed Network, so this is not required.
OnPremisesConnectionId = "4e47d0f6-6f77-44f0-8893-c0fe1701ffff"Additionally, if you have enrolled into autopatch the following is the parameter. You will have to put the name from the Intune Portal.
"autopatch": null,I hope you will find this helpful information for creating a shared frontline worker provisioning policy using PowerShell. Please let me know if I have missed any steps or details, and I will be happy to update the post.
Thanks,
Aresh Sarkari
good! 33 2025 Cloud PC Maintenance Windows: Scheduling Resize Operations for Maximum Efficiency + Bonus Microsoft Graph Powershell way of implementation adorable