Configure Media Transfer Protocol and Picture Transfer Protocol redirection on Windows over the Remote Desktop Protocol
Tip
This article is shared for services and products that use the Remote Desktop Protocol (RDP) to provide remote access to Windows desktops and apps.
Select a product using the buttons at the top of this article to show the relevant content.
You can configure the redirection behavior of peripherals that use the Media Transfer Protocol (MTP) or Picture Transfer Protocol (PTP), such as a digital camera, from a local device to a remote session over the Remote Desktop Protocol (RDP).
For Azure Virtual Desktop, we recommend you enable MTP and PTP redirection on your session hosts using Group Policy, then control redirection using the host pool RDP properties.
For Windows 365, you can configure your Cloud PCs using Group Policy. Once enabled, Windows 365 redirects all supported MTP and PTP peripherals.
For Microsoft Dev Box, you can configure your dev boxes using Group Policy. Once enabled, Microsoft Dev Box redirects all supported MTP and PTP peripherals.
This article provides information about the supported redirection methods and how to configure the redirection behavior for MTP and PTP peripherals. To learn more about how redirection works, see Redirection over the Remote Desktop Protocol.
MTP and PTP redirection vs USB redirection
Most MTP and PTP peripherals connect to a computer over USB. RDP supports redirecting MTP and PTP peripherals using native MTP and PTP redirection or opaque low-levelUSB device redirection, independent of each other. Behavior depends on the peripheral and its supported features.
Both redirection methods redirect the device to the remote session listed under Portable Devices in Device Manager. This device class is WPD
and the device class GUID is {eec5ad98-8080-425f-922a-dabf3de3f69a}
. You can find a list of the device classes at System-Defined Device Setup Classes Available to Vendors
Devices are redirected differently depending on the redirection method used. MTP and PTP redirection uses high-level redirection; the peripheral is available locally and in the remote session concurrently, and requires the relevant driver installed locally. Opaque low-level USB redirection transports the raw communication of a peripheral, so requires the relevant driver installed in the remote session. You should use high-level redirection methods where possible. For more information, see Redirection methods.
The following example shows the difference when redirecting an Apple iPhone using the two methods. Both methods achieve the same result where pictures can be imported from the iPhone to the remote session.
Using MTP and PTP redirection, the iPhone is listed as Digital Still Camera to applications and under Portable Devices in Device Manager:
Using USB redirection, the iPhone is listed as Apple iPhone to applications and under Portable Devices in Device Manager:
The rest of this article covers MTP and PTP redirection. To learn how to configure USB redirection, see Configure USB redirection on Windows over the Remote Desktop Protocol.
Prerequisites
Before you can configure MTP and PTP redirection, you need:
An existing host pool with session hosts.
A Microsoft Entra ID account that is assigned the Desktop Virtualization Host Pool Contributor built-in role-based access control (RBAC) roles on the host pool as a minimum.
- An existing Cloud PC.
- An existing dev box.
A device that supports MTP or PTP you can use to test the redirection configuration connected to a local device.
To configure Group Policy, you need:
- A domain account that has permission to create or edit Group Policy objects.
- A security group or organizational unit (OU) containing the devices you want to configure.
You need to connect to a remote session from a supported app and platform. To view redirection support in Windows App and the Remote Desktop app, see Compare Windows App features across platforms and devices and Compare Remote Desktop app features across platforms and devices.
MTP and PTP redirection
Configuration of a session host using Group Policy, or setting an RDP property on a host pool governs the ability to redirect MTP and PTP peripherals between the remote session and the local device, which is subject to a priority order.
The default configuration is:
- Windows operating system: MTP and PTP redirection isn't allowed.
- Azure Virtual Desktop host pool RDP properties: MTP and PTP devices are redirected from the local device to the remote session.
- Resultant default behavior: MTP and PTP peripherals aren't redirected.
Important
Take care when configuring redirection settings as the most restrictive setting is the resultant behavior. For example, if you disable MTP and PTP redirection on a session host with Group Policy, but enable it with the host pool RDP property, redirection is disabled. You can also specify individual MTP and PTP peripherals to redirect only.
Configuration of a Cloud PC governs the ability to redirect MTP and PTP peripherals between the remote session and the local device, and is set using Group Policy.
The default configuration is:
- Windows operating system: MTP and PTP redirection isn't allowed.
- Windows 365: MTP and PTP redirection is enabled.
- Resultant default behavior: MTP and PTP peripherals are redirected.
Configuration of a dev box governs the ability to redirect the MTP and PTP peripherals between the remote session and the local device, and is set using Group Policy.
The default configuration is:
- Windows operating system: MTP and PTP redirection isn't allowed.
- Microsoft Dev Box: MTP and PTP redirection is enabled.
- Resultant default behavior: MTP and PTP peripherals are redirected.
Configure MTP and PTP redirection using host pool RDP properties
The Azure Virtual Desktop host pool setting MTP and PTP device redirection controls whether to redirect MTP and PTP peripherals between the remote session and the local device. The corresponding RDP property is devicestoredirect:s:<value>
. For more information, see Supported RDP properties.
To configure MTP and PTP redirection using host pool RDP properties:
Sign in to the Azure portal.
In the search bar, type Azure Virtual Desktop and select the matching service entry.
Select Host pools, then select the host pool you want to configure.
Select RDP Properties, then select Device redirection.
For MTP and PTP device redirection, select the drop-down list, then select one of the following options:
- Don't redirect any devices
- Redirect portable media players based on the Media Transfer Protocol (MTP) and digital cameras based on the Picture Transfer Protocol (PTP) (default)
- Not configured
Select Save.
Tip
If you enable redirection using host pool RDP properties, you need the check that redirection isn't blocked by a Group Policy setting.
Optional: Retrieve specific MTP and PTP device instance IDs and add them to the RDP property
By default, the host pool RDP property will redirect all supported MTP and PTP peripherals, but you can also enter specific device instance IDs in the host pool properties so that only the peripherals you approve are redirected. To retrieve the device instance IDs available of the USB devices on a local device you want to redirect:
On the local device, connect any devices you want to redirect.
Open a PowerShell prompt and run the following command:
Get-PnPdevice | Where-Object {$_.Class -eq "WPD" -and $_.Status -eq "OK"} | FT -AutoSize
The output is similar to the following output. Make a note of the InstanceId value for each device you want to redirect.
Status Class FriendlyName InstanceId ------ ----- ------------ ---------- OK WPD Apple iPhone USB\VID_05AC&PID_12A8&MI_00\B&1A733E8B&0&0000
In the Azure portal, return to the host pool RDP properties configuration, and select Advanced.
In the text box, find the relevant RDP property, which by default is
devicestoredirect:s:*
, then add the instance IDs you want to redirect, as shown in the following example. Separate each device instance ID with a semi-colon (;
).devicestoredirect:s:USB\VID_05AC&PID_12A8&MI_00\B&1A733E8B&0&0000
Select Save.
Tip
The following behavior is expected when you specify an instance ID:
If you refresh the Azure portal, the value you entered changes to lowercase and each backslash character in the instance ID is escaped by another backslash character.
When you navigate to the Device redirection tab, the value for MTP and PTP device redirection is blank.
Configure MTP and PTP redirection using Group Policy
Configure MTP and PTP redirection using Group Policy
Select the relevant tab for your scenario.
To allow or disable MTP and PTP redirection using Group Policy:
Open the Group Policy Management console on device you use to manage the Active Directory domain.
Create or edit a policy that targets the computers providing a remote session you want to configure.
Navigate to Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Device and Resource Redirection.
Double-click the policy setting Do not allow supported Plug and Play device redirection to open it.
To allow MTP and PTP redirection, select Disabled, then select OK.
To disable MTP and PTP redirection, select Enabled, then select OK.
Ensure the policy is applied to the computers providing a remote session, then restart them for the settings to take effect.
Note
When you configure the Group Policy setting Do not allow supported Plug and Play device redirection, it also affects USB redirection.
Test MTP and PTP redirection
To test MTP and PTP redirection:
Make sure a device that supports MTP or PTP is connected to the local device.
Connect to a remote session using Window App or the Remote Desktop app on a platform that supports MTP and PTP redirection. For more information, see Compare Windows App features across platforms and devices and Compare Remote Desktop app features across platforms and devices.
Check the MTP or PTP device is available in the remote session. Here are some ways to check:
Open the Photos app (from Microsoft) in the remote session from the start menu. Select Import and check the redirected device appears in the list of connected devices.
Open a PowerShell prompt in the remote session and run the following command:
Get-PnPdevice | ? Class -eq "WPD" | FT -AutoSize
The output is similar to the following output:
Status Class FriendlyName InstanceId ------ ----- ------------ ---------- OK WPD Digital Still Camera TSBUS\UMB\2&FD4482C&0&TSDEVICE#0002.0003
You can verify whether the device is redirected using MTP and PTP redirection or USB redirection by the InstanceId value:
For MTP and PTP redirection, the InstanceId value begins with
TSBUS
.For USB redirection, the InstanceId value begins
USB
.
Open an application and print a test page to verify the printer is functioning correctly.