Azure, Windows Virtual Desktop

How to configure windows virtual desktop in an azure subscription

Microsoft Azure Windows Virtual Desktop is a desktop and application virtualization service that runs on the cloud.

More information is available here:

https://docs.microsoft.com/en-us/azure/virtual-desktop/


Setup

Microsoft provides a seven-step guide on getting started with Windows Virtual Desktop (WVD), but we must adjust a couple of the steps to work in our distributed IT environment.

Microsoft’s general tutorial on setting up Windows Virtual Desktop in your subscription:

https://docs.microsoft.com/en-us/azure/virtual-desktop/tenant-setup-azure-active-directory

The Technology Services Cloud Team will create the Windows Virtual Desktop tenant for your subscription (Step 1). We will also assign the role of “RDS Owner” to the requestor so that you can use a resource account for running the WVD host pool instead of using a “Service Principal” (Step 2).

Then you should be able to follow steps 2 through 6 to complete the configuration and manage your WVD environment.

To get started send an email to azure-support@illinois.edu indicating you would like WVD added to your subscription with the following information:

  • Name of the subscription
  • NETID of the person to get the “RDS Owner” role
Once you have the WVD tenant created and “RDS Owner” permission you can grant your resource account “RDS Owner” or “RDS Contributor” permissions. 

You can read about RDS Roles and associated PowerShell cmdlets here: https://docs.microsoft.com/en-us/azure/virtual-desktop/delegated-access-virtual-desktop

Start with the “Create a role assignment in Windows Virtual Desktop” section on step 2:


Once you have the PowerShell module for WVD you will grant your resource account the permissions with the following PowerShell command:

New-RdsRoleAssignment -RoleDefinitionName "RDS Owner" -TenantName “WVDtenantname” -SignInName username@ad.uillinois.edu

If you grant this resource account permissions to create computer objects in your Active Directory Organizational Unit (AD OU) then you will not need to pre-stage the computer objects.

You can then go to step 3 in Microsoft’s tutorial since we are not using service principals, “Create a host pool by using the Azure Marketplace”.

On the last step of the wizard “Windows Virtual Desktop information” you will want to use the resource account UPN for the “Windows Virtual Desktop tenant RDS Owner” that we granted in step 2 (see image below).

wvd

See Also:




Keywords:Microsoft, Azure, Cloud, windows, desktop, remote   Doc ID:95343
Owner:Joshua M.Group:University of Illinois Technology Services
Created:2019-10-28 08:59 CSTUpdated:2019-10-28 10:07 CST
Sites:University of Illinois Technology Services
Feedback:  0   0