Optimizing Microsoft O365 Licensing on RDS/VDI using PWA

Optimizing O365 licensing on RDS/VDI deployments

Microsoft O365 licensing and the costs associated with it can be a challenge for enterprises with a mix of users requiring different functionalities.
Healthcare is a nice example of an enterprise that has multiple different users, and not all require the same functionalities and thus Microsoft Office licenses.
I recently co-invented a solution together with one of my customers on how to optimize the Microsoft O365 license costs on their RDS/VDI deployment using PWA (Progressive WebApps).

This sometimes poses a difficulty when utilizing a centralized digital workspace like a VMware Horizon of Citrix XenApp solution.
Especially with limited IT staff, utilizing a single image is most of the time the most efficient way for them. But how to provide O365 functionality to both F3 / E3 and E5 users (and all the other flavors that exist)?
When using RDS, we will have users with different licenses on a single machine, meaning we need to configure something on the user level. So this is where a Chrome PWA for Outlook came into play!

So first some additional backstory, I recently was at one of my customers (a hospital in Belgium) that was reviewing their Microsoft Office licenses.
Here we had the general medical staff user group that only required, the need of a “web-only” outlook as they spend 90% of the time on the floor. (F3 users)

The other user groups were the doctors and specialized medical staff, which did require a full-blow Office suite (with or without OneDive).

The initial thought was to utilize a web browser and redirect the user to the outlook webmail. This is a good viable solution that worked well but it had one drawback.
Users complained that the browser itself took too much space from the screen and limited the visible outlook portion. So this hurt the user’s efficiency.


Something that I didn’t know was Microsoft PWA’s, Progressive Web Apps (PWAs) are websites that are┬áprogressively enhanced.
The progressive enhancements include app-like features, such as installation, offline support, and push notifications. I just copied the explanation from the MS docs site, so if you want to learn more: https://learn.microsoft.com/en-us/microsoft-edge/progressive-web-apps-chromium/how-to/

So in essence a PWA offers a user a more sleek and optimized web application.


By default, PWA is generally made available through the Microsoft Store, apple store, or google play store. great for the end user but not so great for sysadmins.
So how do we configure a PWA within our VMware Horizon solution?

First, you need to choose the browser in which you want the PWA to be running the options are MS Edge or Google Chrome.
Next, you download and configure the necessary ADMX templates to force the deployment of the PWA within the browser.

PWA ADMX settings for chrome

You then configure the “Configure list of force-installed Web Apps” policy with the following settings:

[{ “custom_name”: “Outlook”,”create_desktop_shortcut”: false,”default_launch_container”: “window”,”url”: “https://outlook.office.com/mail” } ]

By setting this policy, the PWA will be pushed to all our machines to be utilized.
To have full control over the shortcut creation, we will create a DEM shortcut to have full control over who gets the PWA or the full FAT client.

First, we need to get the APP ID of the newly created PWA. Temporarily modify the “create_desktop_shortcut” to true. This will allow us to open the PWA and select the app information tab from within the chrome tab. (All screenshots are in Dutch)

PWA app information

Select Settings and this will open the app-config tab within chrome with the respective APP ID we need:

PWA chrome app id

Copy this ID, in our example, it was khlhhkpnlfadedlhmeilgfbafjmoenje.
Within DEM create a new shortcut as followed, and adjust where you find necessary of course!

DEM Outlook PWA shortcut

Target: “C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe”

Arguments: –user-data-dir=”%username%\AppData\Roaming\Chrome” –profile-directory=Default –app-id=khlhhkpnlfadedlhmeilgfbafjmoenje

Fill in the APP ID we copied previously. Apply a condition, most likely one to validate if the user is a member of the E3 users or not.
And as the last step, revert the “create_desktop_shortcut” to false, to maintain a clean desktop (i try to maintain a clean desktop principle as this directly impacts logon performance).

That’s it! You now have a fully working Microsoft Outlook PWA for your F3 users within your VMware Horizon RDSH and VDI environment.
This also works perfectly for Citrix CVAD and Microsoft AVD, only the shortcut part will be different depending on your user management tool.

So I hope this blog helped you in learning alternative methods for how to optimize your Microsoft O365 licensing using as we did with PWA’s!

Feel free to like, reshare and post any feedback!

Thank you for reading! Want to learn more about VDI in a hybrid cloud environment, see the VMware webinar I did: End-user computing (EUC) in the hybrid workspace

Leave a Reply

Your email address will not be published. Required fields are marked *