Complete Guide to Setup Azure Virtual Desktop

Setting up Azure Virtual Desktop is a straightforward process that requires a few key steps. First, you'll need to create a virtual network in your Azure account.

To do this, navigate to the Azure portal and click on "Virtual networks" in the sidebar. Then, click on "Create virtual network" and follow the prompts to set up your virtual network.

The next step is to create a virtual machine that will serve as the host for your Azure Virtual Desktop. This can be done by clicking on "Virtual machines" in the Azure portal and then clicking on "Create virtual machine".

For the virtual machine, you'll need to select the correct image from the Azure Marketplace, which includes Windows 10 Enterprise and Windows 11 Enterprise.

To set up Azure Virtual Desktop, you'll need to ensure you have a few things in place.

You'll need an Azure account with an active subscription, and the free tier account is sufficient for this tutorial.

You'll also need a local environment to access the virtual desktops, such as a laptop or desktop computer running Windows 10, macOS, or Linux.

For remote access, you'll need to install the Remote Desktop Client on your local machine, as the default Remote Desktop Connection application won't work for this tutorial.

Here's a summary of the prerequisites:

To set up Azure Virtual Desktop, you'll need to create a new Azure Virtual Desktop host pool. This involves selecting a subscription and a resource group, then choosing a virtual network and subnet.

You can deploy Azure Virtual Desktop using the Azure portal, Azure CLI, or PowerShell. This allows you to automate the deployment process and integrate it with your existing infrastructure.

First, create a new Azure Virtual Desktop host pool, then configure the settings for the pool, such as the image and session host configuration. This will determine how users connect to and interact with the virtual desktops.

Setting up Azure Virtual Desktop requires careful consideration of its cloud-based nature. Azure Virtual Desktop will let people use their Azure Active Directory credentials to sign in to any device.

Organizations must look at their needs for a virtual desktop environment compared to the capabilities of AVD. This includes factoring in all the components that affect pricing, such as VM type and virtual resources.

Azure Virtual Desktop now supports VM automation for tasks such as scaling up and ramping down. These features can lead to a more efficient and cost-effective VDI environment.

To get the most out of Azure Virtual Desktop, it's essential to understand its integration with Azure Active Directory. Microsoft plans more integration between the two products later.

Here are some key things to consider when setting up Azure Virtual Desktop:

Azure Virtual Desktop offers multiple availability options, allowing IT admins to keep working even during data center outages.

The No infrastructure redundancy required option is one of the availability options available, which can be used in the demo.

This option allows IT admins to still work even if the data center goes down, which is a big plus for business continuity.

With Azure Virtual Desktop, IT admins can choose the availability option that best fits their needs, ensuring their work is always accessible and secure.

Setting the foundation for a successful Azure Virtual Desktop deployment is crucial. It starts with creating a new Azure Virtual Desktop workspace, which is a container that holds all the resources needed for your virtual desktop infrastructure.

You can create a new workspace using the Azure portal or Azure CLI. This will give you a unique identifier for your workspace, which you'll use to access and manage it.

To ensure proper configuration, it's essential to set the correct region for your workspace. This will determine the location of your virtual machines and other resources.

The region you choose will also impact the availability and performance of your virtual desktops. Be sure to select a region that meets your business needs.

In the Azure Virtual Desktop portal, you can configure the workspace settings, including the region, to ensure everything is set up correctly.

You'll need to configure your virtual desktop infrastructure if you added session hosts to your host pool. This involves extra setup that's covered in the following sections.

To deploy Azure Virtual Desktop, you'll need to master the implementation of virtual desktops. This includes setting up and configuring virtual desktop infrastructure on Microsoft Azure, ensuring smooth deployment processes and optimal performance.

The AZ-140 course empowers you to plan, deliver, and manage virtual desktop experiences and remote apps on Azure for various devices. Through a combination of demonstrations and hands-on labs, you'll learn to master Azure Virtual Desktop Deployment.

Here's a quick rundown of what you'll need to do:

To deploy an Azure Virtual Desktop, start by verifying your session host VM deployment from the Azure Portal. Navigate to the Azure Virtual Desktop page, then click on your host pool's name to access its overview page.

You should confirm the Can connect status is set to 1 and the Healthstate is Available, and the Powerstate is Running. These indicators confirm that the session host VM is operational and ready for user connections.

After deploying your AVD, you might need to add session hosts to your host pool, which requires some extra configuration. This includes implementing and managing FSLogix, configuring user experience settings, and installing and configuring apps on a session host.

To create a host pool, choose "Host pools" in the navigation menu and click the blue "Create host pool" button. Enter a name, select a resource group, and update the region to match your others. For the preferred app group type, select "Desktop" to provide users with a full desktop within Azure.

You can choose between a personal or pooled host pool type. Pooled is the cheapest and most common option, allowing multiple users to log onto the same host and share resources. For the load balancing algorithm, select "Depth-first" to fill the hosts up one at a time, and set the max session limit to a suitable number, such as five users per host.

Here's a summary of the host pool configuration options:

Remember to select "Yes" to add virtual machines, and choose a resource group for the VMs or select "Defaulted to same as host pool". This will create the VMs in the same resource group as the host pool, which is good for most deployments.

Choosing the right machine for your deployment is a crucial step in the process. With virtual machine size, you can pick the size of the VM depending on your ideal specifications.

This option gives you control over the resources your VM will have, such as CPU, memory, and storage. IT admins can choose the size that best fits their needs.

The size of the machine will impact the performance and scalability of your deployment. A larger machine may be necessary for resource-intensive applications.

By choosing the right machine size, you can ensure that your deployment runs smoothly and efficiently. This will save you time and resources in the long run.

When choosing an image for your hosts, IT admins can select from a variety of options. IT admins can choose the images that the hosts will receive.

In a pooled environment, you'll only see Multi-User OSes in the dropdown. This is because pooled environments are designed for multiple users to share the same resources.

For this demo, we're using Windows 11 Enterprise Multi-session plus Microsoft 365 apps. This image is optimized and contains the Office 365 suite of software.

You'll need to fill out the networking and security section of the Virtual Machine form.

In this section, IT admins can register the default application group with a new or existing workspace.

Click on Yes at Register desktop app group to proceed.

This option allows IT admins to select an existing workspace or create a new one.

For a new demo environment, it's best to create a new workspace.

To create a new workspace, simply click on Create new.

The To this workspace option is set to create a new workspace by default.

You can configure diagnostic settings, which can be handy for environment metrics.

However, it's recommended to keep them disabled in a demo environment.

To set up access and security for Azure Virtual Desktop, you need to manage access and security, which includes configuring Conditional Access policies for connections to Azure Virtual Desktop (AD DS). This will help control who can access your virtual desktops and from where.

To block and permit access to ports on the VM, you can use a network security group (NSG). If you set it to Basic, Azure will automatically create an NSG for the VMs and configure the correct ports for AVD. IT admins can also choose not to have an NSG or select their own via the Advanced command.

To add an extra layer of security, you can set up multi-factor authentication. This requires configuring a Conditional Access policy in the Microsoft 365 admin centre to require multifactor authentication for Azure Virtual Desktop. To do this, you'll need to select the radio button for all users or choose "Select users and groups" and manually specify who you want to require two-actor authentication.

To access your AVD via the Remote Desktop Client, you'll need to have the user's email address ready. Ensure you have the Remote Desktop Client installed on your device.

You'll access the workspace via the Remote Desktop Client by first selecting Subscribe with URL at the main screen and entering https://rdweb.wvd.microsoft.com into the URL field. Click Next to start the connection process.

This URL connects users to the Remote Desktop Web (RDWeb) access portal, an integral part of AVD, facilitating access to virtual desktops and applications. You'll be prompted to enter the user's password again to authenticate the connection.

To connect to the session host VM designated for the logged-in user, double-click SessionDesktop. If all goes well, the user can access an AVD session and commence their tasks.

Alternatively, you can access your Azure virtual desktop by opening a new browser window and pointing it to https://rdweb.wvd.microsoft.com/arm/webclient. You'll be automatically prompted to sign in.

You can also install the remote desktop app from the Windows store and click "Subscribe" to log in with your username and password. After entering your credentials, you should see the workspace that you created, and double-clicking on it will connect and load your Azure virtual desktop.

Access and Security is a crucial aspect of setting up Azure Virtual Desktop. You can manage access by configuring Conditional Access policies for connections to Azure Virtual Desktop (AD DS). This ensures that only authorized users can access your virtual desktop.

A network security group (NSG) is also essential for blocking and permitting access to ports on the VM. If you set it to Basic, Azure will automatically create an NSG for the VMs and configure the correct ports for AVD.

To further enhance security, you can set up Multi-Factor Authentication (MFA) for better protection. This requires creating a new policy in the Microsoft 365 admin centre, selecting users and groups, and requiring multifactor authentication for Azure Virtual Desktop.

Here's a summary of the steps to create a host pool with a session host configuration and a session host management policy using Azure PowerShell:

If you created a host pool and workspace in the same process, you'll need to register the default desktop application group from this host pool. If you didn't, you'll need to create an application group separately.

To manage and maintain your Azure Virtual Desktop infrastructure, you'll need to implement and manage FSLogix, which allows you to manage user environments and apps. This includes configuring user experience settings and installing and configuring apps on a session host.

You can also implement and manage Azure Virtual Desktop profiles, which involves packaging Windows Azure Desktop applications and using Azure AD DS. This helps ensure that your users have a seamless experience.

Key management and maintenance tasks include planning and implementing business continuity and disaster recovery, automating Azure Virtual Desktop management tasks, and monitoring and managing performance and health. You can also implement autoscaling in host pools to ensure your infrastructure scales with your needs.

Standard Pool Management is a crucial aspect of Azure Virtual Desktop. You'll want to choose a pooled host pool type, which is the cheapest and most common option, unless you have a specific reason to go with personal.

To manage a pooled host pool, you'll need to decide on a load balancing algorithm. You can choose between breadth-first and depth-first, with breadth-first spreading users across all hosts and depth-first filling hosts up one at a time.

For example, if you have four users logging onto four hosts, breadth-first will put one user on each host, while depth-first will put all four users on the same host and keep doing so until that host is full.

Here are the load balancing options in more detail:

You'll also need to set a max session limit, which determines how many users can be on a host at the same time. For example, setting the max session limit to five means each host will be limited to five users.

After you've deployed your virtual desktop infrastructure, you've got some post-deployment tasks to take care of. If you added session hosts to your host pool, you'll need to do some extra configuration.

If you created a host pool and a workspace in the same process, and you registered the default desktop application group from this host pool, you can skip to the section on assigning users to an application group. A desktop application group is created automatically when you use the Azure portal.

If you created a host pool and a workspace in the same process, but you didn't register the default desktop application group from this host pool, you'll need to create an application group. This is a straightforward process that involves using the Azure portal.

If you didn't create a workspace, you can continue to the next section and complete the rest of the article. This will guide you through the process of creating a workspace and configuring your virtual desktop infrastructure.

To create a host pool, you can use the Az.DesktopVirtualization Azure PowerShell module. This module provides a cmdlet called New-AzWvdHostPool that allows you to create a pooled host pool or a personal host pool. You'll need to replace the placeholder values with your own.

Here are the steps to create a host pool using the Az.DesktopVirtualization Azure PowerShell module:

Alternatively, you can use the desktopvirtualization extension for the Azure CLI to create a host pool. This extension provides a command called az desktopvirtualization hostpool create that allows you to create a pooled host pool or a personal host pool. You'll need to replace the placeholder values with your own.

Here are the steps to create a host pool using the desktopvirtualization extension for the Azure CLI:

Infrastructure Maintenance is a crucial aspect of managing your Azure Virtual Desktop infrastructure.

To ensure business continuity and disaster recovery, it's essential to plan and implement a strategy that meets your organization's needs. This includes automating Azure Virtual Desktop management tasks, which can help streamline processes and reduce downtime.

You can automate Azure Virtual Desktop management tasks to save time and effort.

Monitoring and managing performance and health is also vital to maintaining a healthy infrastructure. This includes keeping an eye on factors such as resource utilization, user experience, and system errors.

Implementing autoscaling in host pools (AD DS) can help optimize resource usage and improve user experience.

To ensure that your session hosts have licenses applied correctly, you need to do the following tasks: If you have the correct licenses to run Azure Virtual Desktop workloads, you can apply a Windows or Windows Server license to your session hosts as part of Azure Virtual Desktop and run them without paying for a separate license.

For session hosts running a Windows Server OS, you also need to issue them a Remote Desktop Services (RDS) client access license (CAL) from an RDS license server. You can do this by using Azure Cloud Shell in the Azure portal with the PowerShell terminal type, or run PowerShell on your local device.

To license and activate virtual machines on Azure Local, you must license and activate the virtual machines before you use them with Azure Virtual Desktop. For activating VMs that use Windows 10 Enterprise multi-session, Windows 11 Enterprise multi-session, and Windows Server 2022 Datacenter: Azure Edition, use Azure verification for VMs.

Here's a quick rundown of the licensing tasks:

Licensing is a crucial step in setting up Azure Virtual Desktop, and it's essential to understand the different requirements for licensing your session hosts.

If you have the correct licenses to run Azure Virtual Desktop workloads, you can apply a Windows or Windows Server license to your session hosts as part of Azure Virtual Desktop, and run them without paying for a separate license.

To apply a Windows or Windows Server license to your session hosts, you can create session hosts by using the Azure Virtual Desktop service, and the license will be automatically applied. However, if you create session hosts outside Azure Virtual Desktop, you might have to apply the license separately.

You need to issue a Remote Desktop Services (RDS) client access license (CAL) from an RDS license server to your session hosts if they're running a Windows Server OS.

To license and activate virtual machines on Azure Local, you must follow specific steps depending on the OS image used.

Here are the key steps to follow:

To assign users to your Azure Virtual Desktop, you'll need to go back to the Azure Portal homepage and choose "Azure Virtual Desktop", then select "Application groups" from the navigation pane.

From there, select "Assignments" from the second navigation pane, where you can add the groups you created earlier. Click "Add", select the two groups you created, and then click "Select".

You'll also want to add some other permissions at the resource group level. Go back to the Azure Portal homepage and then to the resource groups menu, where you can select "Access control (IAM)" from the navigation menu.

Click "Add" to get started, and then search for "virtual machine" to select "Virtual Machine User Login" from the results. Highlight that and click next, then the blue "Select members" link, and select the AVD users group.

Click "Review + assign" a couple of times until they've been added. You'll need to repeat this process for the admin side of things, but this time search for "Virtual Machine Administrator Login" and select your AVD administrators group.

Finish up by assigning their roles and you'll be all set.

To plan an Azure Virtual Desktop implementation, you'll want to start with the architecture. This involves designing the Azure Virtual Desktop architecture, which is a crucial step to ensure a smooth setup.

Designing the architecture will help you understand the components and how they interact with each other. You'll need to consider the user identities and profiles, which is a key aspect of Azure Virtual Desktop.

Designing for user identities and profiles will help you set up the necessary infrastructure to manage user access and data. This includes setting up Azure Active Directory (Azure AD) and configuring user profiles.

Here are the key steps to consider when planning an Azure Virtual Desktop implementation:

By following these steps, you'll be well on your way to planning a successful Azure Virtual Desktop implementation.