Introduction

Azure Virtual Desktop (https://azure.microsoft.com/en-us/services/virtual-desktop/) is a managed desktop environment where an Operator Client can be deployed.



Using IAM Access Control role assignments, users or groups that are allowed to use a virtual desktop session have to be assigned one of the following roles:

  • Virtual Machine User Login
  • Virtual Machine Administrator Login

See also: https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows


When you create a session host in your host pool, make sure the name is unique in your tenant. If the same name is used in the same Azure tenant, Azure AD joining may fail due to conflicting names.

In the virtual host pool, the RDP properties have to be customized in case MS Entra ID is used to log in:


The following property has to be added in the advanced section:

targetisaadjoined:i:1;


It is now possible to log in using a desktop client or using a browser.

To connect using a desktop client, please see:

https://docs.microsoft.com/en-us/azure/virtual-desktop/user-documentation/connect-windows-7-10


To connect using a browser, use the following URL:

https://rdweb.wvd.microsoft.com/arm/webclient/index.html

When entering your MS Entra ID credentials, a virtual desktop will be available.

For more information, see: https://docs.microsoft.com/en-us/azure/virtual-desktop/user-documentation/connect-web

Virtual Desktop OC Shortcut

To make the Operator Client available to users, a shortcut can be created. You can log in using a Bastion Host to all VMs in the host pool (or use an ARM template to automate the process). For this example, we assume a multisession Windows 10 is used.

...

The created shortcut should be copied to the C:\Users\Public\Desktop folder (this folder is hidden by default). Make sure the shortcut is not hidden and has the correct permissions for other users to use. This makes the shortcut visible to all users who log in.

...

Once the start on connect feature has been enabled, a schedule can be created to shut down the host pool virtual machines and minimize usage costs. For example, the VMs can be shut down after working hours or on the weekend.

The VM has an option to auto-shutdown, which is the most convenient way.

Alternatively, automation can be used. For more information, see:

https://docs.microsoft.com/en-us/azure/automation/automation-solution-vm-management

For this example to work, the automation account needs to have a system-assigned identity, and that identity should have the "Virtual Machine Contributor" role assigned on the resource group the virtual machine is running in.

As an example, see the following runbook that will stop a VM with the name OC-0:

[Image: runbook script]
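A runbook along these lines, as an added example (not the runbook from the original page's screenshot): it signs in with the automation account's system-assigned identity, so no credentials are stored, and stops the VM OC-0 unless it is already deallocated. The resource group name `rg-avd-hostpool` is a placeholder assumption.

```powershell
# Added example runbook (PowerShell, Az modules). Not the original page's runbook.
# Assumption: the resource group name below is a placeholder; replace it with the
# resource group on which "Virtual Machine Contributor" was assigned to the identity.
param(
    [string] $ResourceGroupName = "rg-avd-hostpool",   # placeholder (assumption)
    [string] $VmName            = "OC-0"
)

$ErrorActionPreference = "Stop"

# Do not inherit or persist any Az context inside the Automation sandbox.
Disable-AzContextAutosave -Scope Process | Out-Null

# Sign in with the automation account's system-assigned managed identity.
# No passwords, keys or certificates are kept in the runbook or its variables.
Connect-AzAccount -Identity | Out-Null

# Read the current power state so the job output records what was done and why.
$vm = Get-AzVM -ResourceGroupName $ResourceGroupName -Name $VmName -Status
$powerState = ($vm.Statuses | Where-Object { $_.Code -like "PowerState/*" }).Code

# A VM shut down from inside the guest is "stopped" but still allocated and billed,
# so act on every state except the deallocated ones.
if ($powerState -in @("PowerState/deallocated", "PowerState/deallocating")) {
    Write-Output "No action: $VmName is already in state $powerState."
}
else {
    # Stop-AzVM deallocates by default (no -StayProvisioned), which ends compute billing.
    Stop-AzVM -ResourceGroupName $ResourceGroupName -Name $VmName -Force | Out-Null
    Write-Output "Stopped and deallocated $VmName (was $powerState)."
}
```

Because the role is assigned at resource-group scope, the identity can stop or start only the VMs in that group, which limits what a modified runbook could reach.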


When the runbook is scheduled daily, a runbook job will be triggered that will shut down the Virtual Desktop OC:

[Image: runbook job]