Azure, Windows Virtual Desktop
How to configure windows virtual desktop in an azure subscription
Microsoft Azure Windows Virtual Desktop is a desktop and
application virtualization service that runs on the cloud.
More information is available here:
Microsoft provides a seven-step guide on getting started
with Windows Virtual Desktop (WVD), but we must adjust a couple of the steps to
work in our distributed IT environment.
Microsoft’s general tutorial on setting up Windows Virtual
Desktop in your subscription:
The Technology Services Cloud Team will create the Windows
Virtual Desktop tenant for your subscription (Step 1). We will also assign the
role of “RDS Owner” to the requestor so that you can use a resource account for
running the WVD host pool instead of using a “Service Principal” (Step 2).
Then you should be able to follow steps 2 through 6 to
complete the configuration and manage your WVD environment.
To get started send an email to email@example.com
indicating you would like WVD added to your subscription with the following
- Name of the subscription
- NETID of the person to get the “RDS Owner” role
Once you have the WVD tenant created and “RDS Owner”
permission you can grant your resource account “RDS Owner” or “RDS Contributor”
Start with the “Create a role assignment in Windows
Virtual Desktop” section on step 2:
Once you have the PowerShell module for WVD you will grant
your resource account the permissions with the following PowerShell command:
New-RdsRoleAssignment -RoleDefinitionName "RDS
Owner" -TenantName “WVDtenantname” -SignInName firstname.lastname@example.org
If you grant this resource account permissions to create
computer objects in your Active Directory Organizational Unit (AD OU) then you
will not need to pre-stage the computer objects.
You can then go to step 3 in Microsoft’s tutorial since we
are not using service principals, “Create a host pool by using the Azure
On the last step of the wizard “Windows Virtual Desktop
information” you will want to use the resource account UPN for the “Windows
Virtual Desktop tenant RDS Owner” that we granted in step 2 (see image below).