Search Highlight is a feature in Windows 11 (Enterprise\Multi-session) that highlights search results in the Start menu and taskbar search box. While this feature can be helpful for some users, others may find it distracting or unnecessary. Fortunately, it is possible to disable the Search Highlight feature in Windows 11 using Microsoft Intune. Plenty of information is available on disabling the Windows 11 Search Highlight using Group policy, Registry and UI. However, we will leverage Custom OMA-URI settings from Microsoft Intune in this blog post.
Search – CSP Details
The Search – Policy configuration service provider enables the enterprise to configure policies on Windows 11. Following are the details on the one we are using for disabling the search highlights:
How to disable Search Highlights in Microsoft Endpoint Manager
To disable the Search Highlight feature in Windows 11 (Enterprise/Multi-session) using Microsoft Intune, follow these steps:
For Profile type, select Templates > Custom and select Create.
Enter a Name – DisableSearchHighlight and description and choose Next
Under the OMA-URI Settings, clicks on Add
Enter the Name, Description, and OMA-URI fetched in the references from the MS CSP link below. The value is an integer based on the documentation, and as we disable the setting, the value is 0.
Remember the MS documentation called out this setting only applies to Devices. In the case of Assignments, we will target Windows 365 Device Group and Azure Virtual Desktop Session Host Pools.
Click on Review and Save
Validate the Policy is applying
After 10-15 mins of waiting, go into the newly configured configuration profiles policy, and you will start seeing it getting applied to the targeted devices (MEM Portal > Devices > Configuration Profiles > DisableSearchHighlights)
Cloud PC – Within Windows 11
Login to the Windows 365 Cloud PC, and now when you click on Search, the advertisements and search highlights are gone.
I hope you will find this helpful information towards disabling the annoying Search Highlights on Windows 365, AVD environment and physical endpoints using Microsoft Endpoint Manager. Please let me know if I have missed any steps or details, and I will be happy to update the post.
Do you want to deploy an Azure Virtual Desktop – Host pools quickly and want a starting point for a golden image? Look no further in this blog post. I will show you how to create a golden image using PowerShell in no more than 10 min.
I will break down the code block into smaller chunks first to explain the critical bits, and in the end, I will post the entire code block that can be run all at once. In this way, explaining block by block becomes easier than pasting one single block.
Pre-requisites
Following are the pre-requisites before you begin
PowerShell 5.1 and above
Azure Subscription
Permissions within the Auzre Subscription for Azure Compute
Assumption
You have an existing Resource Group (RG)
You have an existing Azure Virtual Network (VNET)
You have an existing workload subnet within the VNET
Identify the VM Size you will be using for the golden image
We are going to use the Windows 11 22H2 Mutli-session – win11-22h2-avd within this script
Variable Region
Delcare all the variable within this section. Lets take a look at what we are declaring within the script:
Existing Resource Group within the Azure Subscription (AZ104-RG)
A location where you are deploying this virtual machine (Australia East)
Name of the golden image virtual machine (VM03)
NIC Interface name for the virtual machine (VM03-nic)
RG of the VNET (In my case they are same AZ104-RG, they can be seperate too and hence a independent variable)
Name of the existing subnet within the vNET (AZ104-VDI-Workload-L1)
Name of the existing VNET (AZ104-RG-vnet)
Mapping of the exisitng VNET
Mapping of the existing subnet
T-shirt size of the golden image we are deploying (Standard_D2s_v3)
Gallery details of the image
Published – MicrosoftWindowsDesktop
Offer – windows-11
SKU – win11-22h2-avd
version – Offcourse latest
Get credentials – A local admin account is created on the golden image (A input box to capture the uisername and password)
# Existing Resource Group to deploy the VM
$rgName = "AZ104-RG"
# Geo Location to deploy the VM
$location = "Australia East"
# Image template name
$vmName = "VM03"
# Networking Interfance Name for the VM
$nicName = "$vmName-nic"
# Resource Group for VNET
$vnetrgName = "AZ104-RG"
# Existing Subnet Name
$Existsubnetname = "AZ104-VDI-Workload-L1"
# Existing VNET Name
$Existvnetname = "AZ104-RG-vnet"
# Existing VNET where we are deploying this Virtual Machine
$vnet = Get-AzVirtualNetwork -Name $Existvnetname -ResourceGroupName $vnetrgName
# Existing Subnet within the VNET for the this virtual machine
$subnet = Get-AzVirtualNetworkSubnetConfig -Name $Existsubnetname -VirtualNetwork $vnet
# T-shirt size of the VM
$vmSize = "Standard_D2s_v3"
# Gallery Publisher of the Image - Microsoft
$publisher = "MicrosoftWindowsDesktop"
# Version of Windows 10/11
$offer = "windows-11"
# The SKY ending with avd are the multi-session
$sku = "win11-22h2-avd"
# Choosing the latest version
$version = "latest"
# Setting up the Local Admin on the VM
$cred = Get-Credential `
-Message "Enter a username and password for the virtual machine."
Execution block
Execution code block within this section. Lets take a look at what we are we executing within the script:
First its creating the network interface for the virtual machine (VM03)
Next, under the variable $VM all virtual machine configurations
Tshirt size of the virtual machine
Credentials for the local admin (username/password)
The network interface assignment along with the delete option (Note delete option is essential or/else during deletion of VM it will not delete the network interface)
The gallery image, sku, offer from the Microsoft Market Place gallery
The os disk assignment along with the delete option (Note delete option is essential or/else during deletion of VM it will not delete the disk)
The configuration around “Trusted Platform” and enabling of TPM and Secure Boot
The final command to create the virtual machine with all the above configurations
# Create New network interface for the virtual machine
$NIC = New-AzNetworkInterface -Name $nicName -ResourceGroupName $vnetrgName -Location $location -Subnet $subnet
# Creation of the new virtual machine with delete option for Disk/NIC together
$vm = New-AzVMConfig -VMName $vmName -VMSize $vmSize
$vm = Set-AzVMOperatingSystem `
-VM $vm -Windows `
-ComputerName $vmName `
-Credential $cred `
-ProvisionVMAgent `
-EnableAutoUpdate
# Delete option for NIC
$vm = Add-AzVMNetworkInterface -VM $vm `
-Id $NIC.Id `
-DeleteOption "Delete"
$vm = Set-AzVMSourceImage -VM $vm `
-PublisherName $publisher `
-Offer $offer `
-Skus $sku `
-Version $version
# Delete option for Disk
$vm = Set-AzVMOSDisk -VM $vm `
-StorageAccountType "StandardSSD_LRS" `
-CreateOption "FromImage" `
-DeleteOption "Delete"
# The sauce around enabling the Trusted Platform
$vm = Set-AzVmSecurityProfile -VM $vm `
-SecurityType "TrustedLaunch"
# The sauce around enabling TPM and Secure Boot
$vm = Set-AzVmUefi -VM $vm `
-EnableVtpm $true `
-EnableSecureBoot $true
New-AzVM -ResourceGroupName $rgName -Location $location -VM $vm
# Step 1: Import module
#Import-Module Az.Accounts
# Connect to the Azure Subcription
#Connect-AzAccount
# Get existing context
$currentAzContext = Get-AzContext
# Your subscription. This command gets your current subscription
$subscriptionID=$currentAzContext.Subscription.Id
# Command to get the Multi-session Image in Gallery
# Details from this command will help in filling out variables below on Gallery Image
# Get-AzVMImageSku -Location australiaeast -PublisherName MicrosoftWindowsDesktop -Offer windows-11
# Existing Resource Group to deploy the VM
$rgName = "AZ104-RG"
# Geo Location to deploy the VM
$location = "Australia East"
# Image template name
$vmName = "VM03"
# Networking Interfance Name for the VM
$nicName = "$vmName-nic"
# Resource Group for VNET
$vnetrgName = "AZ104-RG"
# Existing Subnet Name
$Existsubnetname = "AZ104-VDI-Workload-L1"
# Existing VNET Name
$Existvnetname = "AZ104-RG-vnet"
# Existing VNET where we are deploying this Virtual Machine
$vnet = Get-AzVirtualNetwork -Name $Existvnetname -ResourceGroupName $vnetrgName
# Existing Subnet within the VNET for the this virtual machine
$subnet = Get-AzVirtualNetworkSubnetConfig -Name $Existsubnetname -VirtualNetwork $vnet
# T-shirt size of the VM
$vmSize = "Standard_D2s_v3"
# Gallery Publisher of the Image - Microsoft
$publisher = "MicrosoftWindowsDesktop"
# Version of Windows 10/11
$offer = "windows-11"
# The SKY ending with avd are the multi-session
$sku = "win11-22h2-avd"
# Choosing the latest version
$version = "latest"
# Setting up the Local Admin on the VM
$cred = Get-Credential `
-Message "Enter a username and password for the virtual machine."
# Create New network interface for the virtual machine
$NIC = New-AzNetworkInterface -Name $nicName -ResourceGroupName $vnetrgName -Location $location -Subnet $subnet
# Creation of the new virtual machine with delete option for Disk/NIC together
$vm = New-AzVMConfig -VMName $vmName -VMSize $vmSize
$vm = Set-AzVMOperatingSystem `
-VM $vm -Windows `
-ComputerName $vmName `
-Credential $cred `
-ProvisionVMAgent `
-EnableAutoUpdate
# Delete option for NIC
$vm = Add-AzVMNetworkInterface -VM $vm `
-Id $NIC.Id `
-DeleteOption "Delete"
$vm = Set-AzVMSourceImage -VM $vm `
-PublisherName $publisher `
-Offer $offer `
-Skus $sku `
-Version $version
# Delete option for Disk
$vm = Set-AzVMOSDisk -VM $vm `
-StorageAccountType "StandardSSD_LRS" `
-CreateOption "FromImage" `
-DeleteOption "Delete"
# The sauce around enabling the Trusted Platform
$vm = Set-AzVmSecurityProfile -VM $vm `
-SecurityType "TrustedLaunch"
# The sauce around enabling TPM and Secure Boot
$vm = Set-AzVmUefi -VM $vm `
-EnableVtpm $true `
-EnableSecureBoot $true
New-AzVM -ResourceGroupName $rgName -Location $location -VM $vm
Note – It will give you a pop-up box for entering the username and password for the local account, and in under 10 mins you will see your virtual machine within the Azure portal
Next Steps on Golden Image
Now that the virtual machine is ready following are the next steps involved:
Using Azure Bastion console and installing all the required applications
Generalize and sysprep and shutdown the image
Capture the image to the Azure Compute Galleries
Deploy within the Azure Virtual Desktop
I hope you will find this helpful information for deploying a golden image within Azure – Virtual Machine to deploy the Azure Virtual Desktop – Host Pools. If you want to see a Powershell version of the host pool activities, leave me a comment below or on my socials. Please let me know if I have missed any steps or details, and I will be happy to update the post.
Recent Comments