Easily Set Up Host Pools for Windows Virtual Desktop on Azure

By | June 9, 2020

You might be investigating how to have a host pool in the cloud and wanted to move out of that Citrix, VMWare and Hyper-V Environments that’s why you where here, well its your lucky day because our article for today is how to Easily Set Up Host Pools for Windows Virtual Desktop on Azure and its really that simple, all you need is an Azure Subscription then your’e off.  At the moment of this writing Windows Virtual Desktop is only available as a tech preview and this was the case since late last year, we don’t know what that entails but that preview is fully working, whether or not you want to use it on a Production Environment, its all up to you.

So what is Microsoft Windows Virtual Desktop? In simple words, it is an out of the box and automated Desktop as a Service (DaaS) hosted in Azure.  Like your current non-cloud pools the infrastructure on the cloud comprises of these important elements: Web interface, Gateway, Broker, Diagnostics and Licensing all of which are hosted in Azure which is good since you can leverage things like security, automation, load balancing, geolocation, and many more.  In addition to that, goodbye hardware maintenance, no more on-premises or Data Centre infrastructure to think of, best of all the infrastructure is all free and managed by Microsoft, all you need to pay for are the virtual machines, storage, network and traffic.  While all of this are not new, what is exciting here is the use of Windows 10 on a multi session environment and that is only available through Azure, that means goodbye Windows Server with Remote Desktop Session Host.  Having said that WVD can also use different flavours of Windows OS like Windows Server (2012 R2, 2016, 2019), Windows (10 VDI, 10 EVD) and Windows 7.


While Windows Virtual Desktop is a great option for businesses out there, let me tell you now that with regards to User Interface and Product features you might find the non cloud hosts that you are using right now will have more features and functionalities than this cloud offering but Azure is catching up, really fast.

Now enough with that lengthy introduction and lets start building, so this post will walk you through the the simple processes for creating a host pool for a Windows Virtual Desktop environment, of course using the Azure portal.  All of the UI is delivered through the browser so all you need is Chrome to manage it.  If your are an MSDN or Visual Studio subscriber then you will have credits for it so do your self a favour, play around, learn new things and try this amazing piece of technology.  You can also sign up for a 12 month of free service.


So what would you expect in this article.

At the end of this process you will be able to create a resource group with VMs in an Azure subscription, join those VMs to the Azure Active Directory (AD) domain, and register the VMs with Windows Virtual Desktop.   Before starting we will run under the premise that you have an Azure Subscription with access to to it, working Azure Active Directory connected to your on Premise AD, you will also have set up a Express Routes and all things underlying it so that it can connect to your local network.

Lets start.


First, search for Windows Virtual Desktop on your tenant, then click Create a Host Pool.

Fill  up the following:


Subscription: The subscription you want to use
Resource Group: The resource group you want to allocate the Pool under the subscription
Host Pool Name: The name for your Host Pool
Location: Select region where the windows virtual desktop object will be created. The metadata for the object will be stored in the geography associated with the region.
Host Pool Type: Pooled or Personal.  Pooled desktops is when you have multiple users on the same virtual machine. Personal desktops is when users connect one-to-one (one user per desktop VM).
Max session Limit: The maximum number of users that have concurrent sessions on a session host.
Load Balancing Algorithm: Breadth-first load balancing distributes new user sessions across all available session hosts in the host pool. Depth-first load balancing distributes new user sessions to an available session host with the highest number of connections but has not reached its maximum session limit threshold.

Now once you had decided whats right for you click Next: Virtual Machines


Take note here are the locations where you can host it as of this writing.  Don’t worry if your region is not near any of this, this is just the location of the host.

Next lets add some virtual machines into the pool, so choose Yes then fill up the following information

Resource Group: The resource group you want to allocate the Pool under the subscription
Virtual Machine Location: You can choose a different region for virtual machines than the host pool, especially if you want metadata to be stored in a particular geography but you want the virtual machines closer to the user.
Virtual Machine Size: Select a virtual machine size to support the workload that you want to run. The size that you choose then determines factors such as processing power, memory, and storage capacity. Azure offers a wide variety of sizes to support many types of uses. Azure charges an hourly price based on the virtual machine’s size and operating system.  The lowest configuration is DS1_v2, with 1 vCPU, 3.5 GB RAM, 4 Data Disks, 3200 Max IOPS, and 7 GB of Temporary Storage.
Number of VMs: Amount of VMs you want to provision
Name prefix: A name for your session host
Image type: Where you want to get your image for your VM, Gallery is from predefined Images from Azure, or if  you have one you can choose to upload it to your storage blob and use that instead.  In this example we use gallery since we don’t have a base image yet.
Image: Choose the base image to create virtual machines.
OS disk type: Standard SSD Disks are a cost effective storage option optimized for workloads that need consistent performance at lower IOPS levels. Premium SSD disks offer high-performance, low-latency disk support for I/O-intensive applications and production workloads. Use Standard HDD disks for Dev/Test scenarios and less critical workloads at lowest cost.
Use managed disks: For best performance, reliability, scalability and access control we recommend Azure Managed Disks for most virtual machine configurations. Use unmanaged disks if you need to support certain classic scenarios or want to manage disk VHDs in your own storage account.
Virtual Network: Now remember I told you you need to have Express Routes and all network thingamagic under it, you need it here

Public IP: Use a public IP address if you want to communicate with the virtual machine from outside the virtual network.  I choose no, since this example is connected via my own network for enhanced security.
Network Security Group: A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, the virtual machine. To simplify management of security rules, it’s recommended that you associate a network security group to individual subnets, rather than individual network interfaces within the subnet, whenever possible.
Public Inbound Ports: By default, access to the virtual machine is restricted to sources in the same virtual network, and traffic from Azure load balancing solutions. Select None to confirm, or choose to allow traffic from the public internet to one of these common ports.
Inbound Ports to Allow: We are not doing this and just use the standard ports, again for security reasons.
Specify domain or unit: Select yes to join virtual machines to a specific domain or organization unit (OU). Select no to not join the virtual machines to an OU. If you select no, the domain name will use the suffix of the Active Directory domain join UPN by default. For example, the user “[email protected]” would get the default domain name “yourdomain.com”.  This is one of the reasons why I said you need a working Azure Active Directory connected to your on Premise AD, or just a working Azure Active Directory will do.
Domain to join: Full domain name of the Active Directory Domain to which session host VMs are going to be joined. For example, “yourdomain.com” or “site1.yourdomain.com”.
Organizational Unit path: Enter the name of the organizational unit (OU) you would like the virtual machines to join. If you do not have a specific OU, leave this parameter empty. The OU should look like ‘OU=unit1,DC=yourdomain,DC=com’
AD domain join UPN: UPN of an Active Directory user that has permissions and will be used to join the virtual machines to your domain. For example, [email protected] A local user account with this name will be created on each virtual machine. You can delete the user or reset the password after initial VM provisioning.
Password: The domain administrator password for the host pool.
Confirm password: Confirm your administrator password.

Now once you have all of the information right, click Next: Workspace

Now lets register and app group.
To the workspace name you will indicate.
The host pool setup process creates a desktop application group by default. For the host pool to work as intended, you’ll need to publish this app group to users or user groups, and you must register the app group to a workspace.

Now click Next: Tags

Add a tag if you want to, this will come in handy if you have a big Azure landscape, easier for searching things.

Click Next: Review + create

It will start to do its validation

And once valid, it will show you a summary of what you want to provision.

Click Create when you are happy with your configuration

After clicking that create, there are no more confirmation and Deployment will be in progress.

You can also see a summary of what’s happening.

Once done you will be presented with a “Your deployment is complete” screen.  And that’s it, now lets test that baby out.

Now search for Host pools in that Azure search box, the one you created should be visible there.

If you had connected to your on Premise AD, go to your Active Directory Users and Computers then you will see the Virtual Machine you created will be there too.

Now the ultimate test, lets RDP into that.

And booyah! its online

You can assign that desktop to people now by going to the Application Groups and to the Application group you created.   Go to assignments and assign a group or a person to have access to it.

Now lets connect using the web client.  This web client lets you access your Windows Virtual Desktop resources from a web browser without the lengthy installation process plus you can have many desktop session in the comfort of your browsers tabbed environment.  Go to https://rdweb.wvd.microsoft.com/arm/webclient/

Select consent option
Select “Server App” to give the consent to the back-end web app to specific tenant
Select “Client App” to give the consent to the front end client app to specific tenant
Please note that if you choose to consent to “Client App” only, then user will need to consent at every sign-in.
Also allow 30 seconds delay between consenting “Server” and “Client” apps so that the changes are propagated in Azure.

Place your AAD Tenant GUID or Name, click submit.

Enter your credentials.

Accept Permissions requested for your organization for Windows Virtual Desktop Client

Then Booyah, you are in using a web browser.  How easy is that?

Recommended

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.