- Coming up, I'll walk you
through all the steps to get Azure Virtual Desktop
up and running quickly. This is part two in our
series on the service. And by the way, if you're
new to Azure Virtual Desktop and all of its capabilities,
I'd encourage you to check out our recent show covering the service at a higher level at aka.ms/AVDMechanics. Now let me show you what
you need to get started and the fastest way to get
Azure Virtual Desktop deployed with identity integration,
multi-session host pools, container profiles, Remote Apps, and more. And along the way, I'll
point out what's unique to the service and the
things you should know about. And if you've tried this before or currently have VDI running, you'll see it's a streamlined
provisioning experience with automation built in
based on your parameters. And you'll also save time with directory service
setup and integration. First, for prerequisites, you'll need to have a few things in place before you set up your Azure
Virtual Desktop instance, including an active Azure
account and subscription. You'll also need to have access to a global administrator Azure AD role in the Azure tenant that you intend to use and for your Azure subscription, a contributor, as well as a
user access administrator. And because we'll be setting
up a new Azure Active Directory Domain Services instance, in this case, you shouldn't have an
existing instance running. Next, we'll move on to the deployment steps
for Azure Virtual Desktop. So, logged in with your administrator
account in the Azure portal, search for Azure Virtual
Desktop and select it. And this is where you'll set up host pools containing virtual
machines, application groups to assign Remote Apps to users, workspaces as logical groupings of application groups,
scaling plan and users to scope access to running
Azure Virtual Desktop resources. You'll start the provisioning process by selecting "Getting
Started" on the top left. Here, you'll make sure the
correct subscription's selected. For identity provider, you'll see that if you do want to use an existing on-premises active directory or an existing Azure AD
Domain Services instance, that's another option. But in this case, we'll
use no identity provider, assuming you are starting from scratch. Next, for identity service type, we'll select Azure AD domain services. Then we'll create a resource
group with a unique name. So I'll type AVD mechanics. In location, you'll
want to select a region typically closest to your
users, so I'll choose West US. And for Azure admin
username, I'll use my account with the sufficient permissions
required to deploy resources and grant access to them. Then you'll enter a
password for that account and the next account will be
used to join virtual machines to the domain. I'll use my account again
in this case for simplicity and input my password again. Next, we'll move on to
the virtual machines tab where you'll be creating
your first session hosts. So here, the users per virtual machine will determine if you
want more than one user simultaneously logged into a single vm. Now this uses a capability unique to Azure Virtual Desktop
to help save costs and improve utilization called Windows multi-session, which used to be a server only capability. And now here you can also use it with Windows 11 or Windows
10 client operating systems. The other option is one user at a time which would be a single
dedicated virtual machine to one user. Now in our case, we'll
select multiple users and next, in image,
you'll see we can choose from a number of supported Windows client and server virtual machine
images for Azure Virtual Desktop. And these include recent updates at the specified feature update level and some have Microsoft
365 apps pre-installed. So I'll choose Windows 11
enterprise multi-session plus Microsoft 365 apps, version 22H2. Now optionally in Azure
Virtual Desktop, you can create and manage your own virtual
machine images and choose those in addition to the standard
gallery images that we just saw. Next, in virtual machine
size, you can select from hundreds of supported
VM sizes in Azure including general purpose
VMs like you see in here. And there are also specialized VMs, for example, with GPU support that you can use for demanding workloads. Now in my case, since we're just testing I'll choose a B series general Purpose VM. Then you'll define a unique prefix to identify your VMs later. So I'll use avdb in this example. Then you'll select the number
of VMs in the host pool. So I'll choose two. Now with your host pool VMs configured, you'll create an initial user
assignment for this host pool in the assignments tab. For test username, I'll add the user principle
name for avd test user, then a password and a password
one more time to confirm. Now with the core steps complete, the wizard's going to validate everything and from there, I can create
all the resources necessary for Azure Virtual Desktop. And that's it. This process will now deploy
several resources and services on your behalf, including four
new Azure resource groups, the Azure AD domain
service that'll be used for authentication, a storage account to store data FSLogix profile containers to support your multi-session environment, your host pool and virtual machines, an application group and a workspace, a virtual network or VNet and a few network interfaces
to connect everything up. A network security group, a
pair of new Azure AD groups and the VM joiner and test user accounts we configured in the previous step. So we now have the service up and running with the desktop host group. Now, one of the advantages of using Azure Virtual Desktop compared to our hosted VM is that you can use Remote Apps. So let's take a look at
the application group we deployed and configure a Remote App. Now this is where you
define the Remote Apps and full desktops that you want
to make available to users. And these can be
pre-installed Windows apps or other apps within the
Windows image that you deployed. Now in our case, we
install Microsoft 365 apps with familiar office applications. So let's define a new app. We'll configure Microsoft
Teams in our case. In basics, you define your
normal Azure parameters along with your corresponding host pool. Here, I'm using a different
one than we've just created. I'll choose a remote app in this case and I'll give it a name; Microsoft365apps, without any spaces. Next, in the applications tab,
we'll define the specifics of the app and what the users will see. So I'll add my app, I'll keep the application
sourced as the start menu. Now I'll choose Microsoft
Teams work or school and the display name is
generated automatically but you can edit it if you want. I'm going to keep the icon path and index. We can skip the command
line in this case and save. Next, in assignments, I've
already created a group of licensed Azure Virtual
Desktop users called AVD users and I'll add them. Next, in the workspace tab, you can register your
app group to a workspace. The workspace can have multiple
app groups assigned to it. Here I'll choose yes and select EB-AVD-WS. For the rest, I'll leave the defaults and hit review and create. And from there, I'll confirm
to kick off the process. And if I go back to the
workspace I showed before with just a desktop app
group type, you can see that we have a Remote App
group type as well now. So now with everything running and our application group's configured, let's test it out. So first, I'll start in the browser. I've already navigated to aka.ms/AVDweb. I'll log in with my
username, then my password. And since I've set up my
account for multifactor auth, I'll approve on my phone along
with a required biometric. So here you can see that
I've got the desktop and the Microsoft Teams app from both of my app groups. I'll open the session desktop
and it requests access to the local clipboard,
microphone and printer. Now, as an admin, you can control whether users can enable
these integrations but in my case, I'll hit allow to connect to my desktop. Now based on my configuration, I need to enter my password once more for the VM to authenticate
against the domain service. I'll open the desktop and you'll see it's the
full Windows 11 desktop ready to go. And while a browser's a
really flexible way to access your desktops and Remote Apps, the remote desktop client
has deeper integration with Windows, like access to webcams and better integration
with the Windows shell. So it's the recommended way
to connect to your hosts. And just so you know,
there are clients available for Windows, Mac, iOS, and Android. I've got the Windows
Remote Desktop app open and it's already signed into my account. You can see the same app and desktop that we saw
in the browser client. And if I open the Teams app, it will connect to the session host and you'll see it looks like
a native local app window that I can move like any other app
window, where I want it. And I can also resize it,
even though it's a Remote App. I'll show you that in the
Teams device settings. And if I scroll down, you can see that I've got
my local webcam available just like it would be on my local PC. And one last thing to point
out while I have Teams open, since we use the gallery image with the Microsoft 365 apps pre-installed when we created the host pool, it's got the built-in optimizations pre-configured for AudioVideo-redirect. Now without it for users
to share and receive video from their virtual machines
to the local devices, multiple encoding and
decoding hops need to happen, which causes lag and stutter
during online meetings whereas AudioVideo-redirect
creates a more direct connection between local device cameras and microphones via the Teams service. So now we have a fully
operational Azure Virtual Desktop environment with desktops and Remote Apps available to a few users. There's more to come in our series on Mechanics
for Azure Virtual Desktops. So please check out the complete playlist at aka.ms/AVDMechanicsSeries. Be sure to subscribe
and thanks for watching.
