When Windows Virtual Desktop was free as a public preview the planet went wild. Rumors were shortly flying regarding what it may do and the way it might work. The unwashed plenty of IT professionals felt the joy of anticipation in their bones.
Well, maybe not. however the actual fact is, Windows Virtual Desktop are a few things fully new and innovative wherever Microsoft worries, therefore organizations that area unit Windows-centric retailers justifiably began to require notice and start exploring the new capabilities that would come back from deploying Windows desktops and apps within the Microsoft Azure cloud.
Microsoft recently updated its introductory information regarding Windows Virtual Desktop and its price taking a glance at if you aren’t however conversant in Microsoft’s new Windows-as-a-service providing. As for myself, however, I choose to study things like this from specialists operating within the field rather than from Microsoft’s marvelous selling engine. That’s why I recently asked fellow IT skilled Gerry Hampson to fill US in on however we are able to start operating with Windows Virtual Desktop. Gerry may be a senior authority for Ergo cluster primarily based in capital of Ireland, Ireland, and may be a specialist in Microsoft practice and implementations, notably within the space of enterprise shopper management. He has co-authored many books on System Center Configuration Manager, last the newest within the ConfigMgr Unleashed series. Gerry was 1st awarded Microsoft most valuable player in 2015 and may be a regular speaker at Microsoft Management Summit (MMS). Gerry features a web log known as Gerry Hampson Device Management, and you’ll be able to conjointly realize him on Twitter @Gerry Hampson. Let’s concentrate currently as Gerry fills US in on the way to found out Windows Virtual Desktop and set up logic containers for profile management.
What is Windows Virtual Desktop?
Microsoft proclaimed general accessibility of Windows Virtual Desktop in Sept. i feel it’s nice. What’s to not like? We are able to currently deploy a foreign Desktop answer in Azure while not having to fret regarding the underlying infrastructure. Services like entryway, brokering, licensing, and medicine area unit provided as a service in Azure
Windows Virtual Desktop permits you to deploy and scale virtualized Windows desktops and apps on Azure. It will be deployed in minutes and offers simplified management, multisession Windows ten and optimizations for workplace 365 ProPlus. We are able to deploy VMs with Windows ten or Windows Server 2016. We are able to conjointly use our own custom Windows seven pictures. As a bonus, this includes free extended support for Windows seven (extended security updates for 3 years). That’s a no brainer.
Windows ten Enterprise multisession may be a new Remote Desktop Session Host that enables multiple simultaneous interactive sessions that antecedently solely Windows Server may do. this is often solely offered with Windows Virtual Desktop.
Windows Virtual Desktop is domain-based however leverages Azure AD as associate degree identity supplier; therefore you’ll be able to use extra security controls like multifactor authentication (MFA) or conditional access. With Active Directory Federation Services (ADFS) you’ll be able to have single-sign on (SSO), that the user won’t be prompted for credentials once connecting to the VM.
Also, you’ll be able to manage the pool VMs victimization tools like ConfigMgr or Intune. ConfigMgr 1910 includes multisession support in shopper settings.
What area unit the utilization cases? In my company, we’ve enforced the answer for contractors. It saves US having to produce laptops to access company resources. It also can be used for remote operating, desktop DR, restrictive restricted environments and to help with application compatibility once upgrading from Windows seven.
Windows Virtual Desktop stipulations:
There area unit some necessities before you’ll be able to start.
- Licenses: A minimum Windows ten Enterprise E3. You ought to consult the official docs however I actually have Microsoft 365 E3 for testing.
- Obviously, you wish associate degree Azure subscription. This can price you cash (but not too much).
- User accounts: You’ll would like associate degree Azure world admin account to grant the WVD service permissions to your AD instance. You’ll conjointly have to be compelled to nominate a WVD Tenant Creator and a few check host pool users.
- You need to make a decision that directory services you may use to support your infrastructure. You’ll be able to use Azure AD, a website controller hosted in Azure, or a DC hosted on-premises with a VPN to Azure. The Azure VMs that you simply produce will be AD-joined or hybrid AD-joined (but not Azure AD-joined).
- Azure network: you wish to own a virtual network in Azure. Remember, you don’t set up DHCP in Azure virtual networks. Information science addressing is dynamic supported the appointed subnet.
- In my deployments thus far, I’ve used a DC hosted in Azure, therefore I designed a static DNS record for the DC within the properties of the virtual network. That method the host pool VMs were able to realize the DC and be part of the domain.
- Download and install the Windows Virtual Desktop PowerShell module.
Before you begin, you’ll be able to assess if the expertise would be sensible in your region. Microsoft provides associate degree expertise computer permitting you to estimate the affiliation round-trip time from your current location, through the WVD service, to every of the Azure regions within which you’ll deploy VMs.
Setting up Windows Virtual Desktop:
When all the stipulations area unit in situ, you’ll be able to deploy WVD.
- The first factor you wish to try and do is to permit Windows Virtual Desktop services to access the Azure AD tenant:
- Navigate to Windows Virtual Desktop services. Add your tenant ID and click on Submit for the Server App.
- Repeat for the shopper app.
- Then you produce the WVD tenant. this is often finished a number of straightforward PowerShell cmdlets:
- Sign into WVD victimization the Tenant Creator user account
- Create a replacement Windows Virtual Desktop tenant related to the Azure Active Directory tenant. The name you select for your new Windows Virtual Desktop tenant ought to be distinctive. You’ll would like the Tenant ID and Subscription ID for this cmdlet:
Add-RdsAccount -DeploymentUrl https://rdbroker.wvd.microsoft.com
New-RdsTenant -Name <TenantName> -AadTenantId <DirectoryID> -AzureSubscriptionId <SubscriptionID>
Then you’ll be able to produce a number pool:
- Sign in to the Azure Portal and choose produce a Resource.
- Search for Windows Virtual Desktop and choose Windows Virtual Desktop — Provision a number pool.
- There area unit four pages of details to set up. the primary page has some basics like subscription, resource cluster, Azure region, name of host pool, and desktop kind. you furthermore may set up the users which will log into these VMs (comma-separated list).
- The next page is for expected usage. This determines what number VMs are going to be deployed. Click “Change Size” if you wish to alter any VM details.
- I’m tuned in to price in my work therefore I’ve done that. Also, enter a prefix for the names of the VMs.
- The third page permits you to set up the VMs. select the following:
Image in operation System: I’ve chosen Windows ten Enterprise multi session with workplace 365 ProPlus.
- Disk type: I’ve chosen Premium SSDs for performance.
- Domain is part of account and password: The account should already be designed on the domain. this needs positive identification complexness therefore take care here.
- Domain and domain OU: keep in mind, the VMs should be able to realize the DC.
- Virtual network and subnet: make certain your DNS configuration is in intact
- The final page asks for the WVD tenant details. Enter the tenant name and therefore the owner account details.
- The host pool is revealed mechanically to the users you set up.
Then you’ll be able to set up the fslogix instrumentality, which can get into within the next section.
Remember roaming profiles? I’ve invariably scorned them. They grow in
size and find out
of management. Once a user logs within the entire profile
is traced from a
central location to the desktop. this
will take ages and provides a awfully poor user expertise.
Fslogix containers area unit designed to produce “similar” practicality in remote computing environments, like WVD. The profile is kept in associate degree fslogix instrumentality. Once a user logs into a VM within the host pool, the instrumentality is dynamically connected as a VHD or VHDX file — primarily a tough disk. The user profile is straight away offered and seems specifically sort of a native user profile. No knowledge is traced that the performance and user expertise area unit first-class (which is why fslogix has been the trade leader during this house for quite some time).
Microsoft has purchased fslogix therefore this technology is currently offered in WVD, for free. Fslogix isn’t authorized severally (and doesn’t really need a license key to install). It’s enclosed with several Microsoft licensing bundles (for example, Microsoft 365 E3/E5).
The next call that has got to be created is wherever to host the fslogix containers. you have got some choices:
- On a file share: this is often the one I’ve enforced in my work and it’s the simplest. I created a replacement VM and designed a share \\WVDShare\fslogix.
- You can use Azure Files in conjunction with Azure AD Domain Services.
- Azure NetApp Files: this is often associate degree enterprise-class, superior, metered file storage service. you have got to register by submitting a waitlist request.
Download this nothing file and install the fslogix software system on all the VMs within the host pool. I solely had 3 VMs therefore I did this manually. However, you’ll use a management tool like SCCM to automatize the installation.
You set up fslogix within the written record. This configuration tells fslogix wherever to avoid wasting the user profile and may be exported to the opposite VMs.
- Navigate to HKLM\Software\FSLogix.
- Create a key named Profiles.
- Create the subsequent values for the Profiles key:
Type: Multi-String worth
Working with Windows Virtual Desktop:
So currently that you’ve created the host pools, however will the users access the virtual desktops? You have got some options:
- There is a Windows Remote Desktop full client: There area unit x86 and x64 versions and it supports Windows seven and Windows ten. Once you launch the app, you choose Subscribe and after you sign on, you’ll be able to see the host pool. The Remote desktop app is additionally supported on W10 IoT devices.
- You can use associate degree hypertext markup language five browser.
There also are Remote Desktop apps for mechanical man, iOS, and macOS.
MSIX app attaches:
MSIX may be a Windows app package format. It provides a contemporary packaging expertise for every kind of Windows applications. Existing applications also can be reborn into MSIX packages victimization the MSIX packaging tool.
MSIX app attach (as the name suggests) is wherever the applying (stored in MSIX format on a central location) is connected to the package. once attaching, applications look and feel as regionally put in to the user additionally because the package. Once combining fslogix profile containers and MSIX app attach, the package stays fully clean. Data, profiles, and applications area unit absolutely separated.
The primary focus for this web log post has been on the desktop expertise however it’s price mentioning the RemoteApp
RemoteApp permits US to deliver a streaming
application expertise to a foreign shopper whereas providing
users the expertise of
a regionally put in application.
Some of the advantages include:
- RemoteApps area unit launched from a user’s begin menu sort of a traditional application.
- Updates to the RemoteApps will be revealed to a user with none impact on the end-user.
- RemoteApps hoping on backend knowledge will be co-hosted within the same Azure region leaving quick access even for users on slower web links.
- Users with restricted cypher performance or while not dedicated graphics cards will still run high-demand applications victimization the facility of the host.
I hope this walkthrough has been useful for you to find out regarding and find started with Windows Virtual Desktop.