book

Mastering Azure Virtual Desktop - Second Edition

by Ryan Mangan, Neil McLoughlin, Marcel Meurer

July 2024

Intermediate to advanced

718 pages

14h 54m

English

Packt Publishing

Read now

Unlock full access

ForewordContributorsAbout the authorsGuest authorAbout the reviewers
Who this book is forWhat this book coversTo get the most out of this bookDownload the example code filesConventions usedGet in touchShare Your ThoughtsDownload a free PDF copy of this book
Desktop virtualizationAzure Virtual Desktop – What is it?Providing the best user experienceEnhanced securitySimplifying managementManaging AVD performanceWhat licenses do I need?Comparing Windows 365 and Azure Virtual DesktopHow does Azure Virtual Desktop work?What’s managed by Microsoft and what you manageWhat Microsoft managesWhat does the customer manage?Azure Virtual Desktop Stack HCISummary
Assessing existing physical and virtual desktop environmentsAssessing AVD deploymentsUser personasApplication groupsAssessing the network capacity and speed requirements for AVDApplicationsDisplay resolutionsAVD experience estimatorRDP bandwidth requirementsEstimating bandwidth utilizationEstimating the bandwidth that’s used by remote graphicsDynamic bandwidth allocationLimit network bandwidth use with throttle rate limitingReverse connect transportSession host communication channelClient connection sequenceConnection securityIdentifying an OS for an AVD implementationSupported Azure OS imagesWhat is Windows 11 multi-session?Customizing the Windows 11 multi-session image for your organizationPlanning and configuring name resolution for AD and Microsoft Entra Domain ServicesPlanning a host pool architectureApp groupsEnd usersRegistering the DesktopVirtualization resource providerRegistering the provider using Azure PowerShell (optional)Resource groups, subscriptions, and management group limitsConfiguring the location for the AVD metadataCalculating and recommending a configuration for capacity and performance requirementsMulti-session recommendationsRecommendations on sizing VMsGeneral recommendations for VMsTesting workloadsSummaryQuestionsFurther reading
Selecting a licensing model for your Azure Virtual Desktop deploymentApplying Azure Virtual Desktop licensing to virtual machinesAzure Files tiersPlanning for user profilesUser profilesChallenges with previous user profile technologiesAn introduction to FSLogix profile containersAzure Files integration with Entra ID DSMicrosoft Entra Kerberos for hybrid identitiesPlanning for user identitiesPlanning for Windows Remote Desktop client deploymentInstalling the Windows Remote Desktop clientWindows App for the Windows Store (currently in public preview)Subscribing to a workspaceAccessing client logsConnecting to Azure Virtual Desktop using the web clientSetting up email discovery to subscribe to the Azure Virtual Desktop feedSummarizing the prerequisites for Azure Virtual DesktopSummaryQuestions
Implementing Azure VNet connectivityAzure VNetWhat is an Azure VNet?Communication between Azure resourcesCommunication with on-premises networksFiltering and routing Azure network trafficUnderstanding what VNet integration is for Azure servicesManaging connectivity to the internet and on-premises networksTypes of VPNs available to youInternet access and outbound connectionsImplementing and managing network securityAzure network security overviewUnderstanding AVD network connectivityManaging AVD session hosts using Azure BastionWhat is Azure Bastion?Setting up Azure BastionConnecting to a VM using Azure BastionMonitoring and troubleshooting network connectivitySummaryQuestions
Configuring storage for FSLogix componentsFSLogix profile container storage optionsThe different Azure Files tiersBest practices for Azure Files with AVDConfiguring storage accountsStep 1 – Creating a new storage accountStep 2 – Configuring the basicsStep 3 – Configuring advanced settingsStep 4 – Configuring networkingStep 5 – Configuring data protectionStep 6 – Configuring encryptionConfiguring file sharesConfiguring disksEphemeral OS disksCreating a VHD imageCreating a VMCreating a local imageDynamic disks versus fixed disksSummaryQuestionsFurther reading

Creating a host pool by using the Azure portalHost pool creationWorkspace informationAutomating the creation of AVD hosts and host poolsSetting up PowerShell for AVDCreating an AVD host pool with PowerShellSummaryQuestions
Windows Server session host licensingConfiguring host pool settingsCustomizing RDP propertiesUsing PowerShell to customize RDP propertiesUsing PowerShell to configure load-balancing methodsAssigning users to host pools via PowerShellConfiguring automatic assignmentRe-assigning a personal desktopConfiguring direct assignment using PowerShellApplying OS and application updates on an Azure Virtual Desktop hostConfiguring a validation poolApplying security and compliance settings to session hostsSummaryQuestions
PrerequisitesDeploying an Entra ID-joined host poolEnabling user accessConnecting to Entra ID-joined session hosts using the Remote Desktop clientEnabling Microsoft Entra authentication for RDPConfiguring local admin accessSummaryQuestions
Creating a golden imageCreating a VMConnecting to the VMCustom image templatesCreating your first custom imageModifying a session host imageDisabling automatic updatesInstalling language packs in AVDOptimizing an imageCapturing an image templateCreating and using an ACGCreating your first ACGCapturing an image in an ACGCreating an image definition from the ACGCreating an image versionTroubleshooting OS issues related to AVDVMs are not joined to the domainAVD Agent and AVD bootloader are not installedAVD Agent is not registering with the AVD serviceBasic performance troubleshooting in AVDNetworking troubleshootingSummaryQuestions
Introduction to Azure RBACPlanning and implementing Azure roles and RBAC for AVDThe delegated access modelAssigning RBAC roles to IT adminsThe PowerShell way to assign role assignmentsCreating a custom role using the Azure portalManaging local roles, groups, and rights assignments on AVD session hostsConfiguring user restrictions by using Entra ID Domain Services group policiesSummaryQuestions
Introduction to MFAHow does Entra MFA Work?Security defaultsConditional AccessPlanning and implementing MFACreating a Conditional Access policy for MFAManaging security by using Microsoft Defender for CloudSecuring AVD using Microsoft Defender for CloudUsing Microsoft Defender for Cloud and AVDEnabling enhanced security for AVDConfiguring Microsoft Defender Antivirus for session hostsWhat’s the difference between Microsoft Defender Antivirus and Microsoft Defender for Endpoint?Getting the latest updatesSetting the scheduled task to run the PowerShell scriptManually downloading and unpackingConfiguring quick scansSuppressing notificationsEnabling headless UI modeSummaryQuestions
Installing and configuring FSLogixLicense requirements for FSLogix profile containersFSLogix key capabilitiesFSLogix installation and configurationConfiguring antivirus exclusionsConfiguring exclusions using PowerShellConfiguring profile containersCloud CacheConfiguring Cloud CacheMicrosoft Teams integrationTeams exclusionsFSLogix profile container best practicesSummaryQuestions
Configuring Universal PrintPrerequisites for Universal PrintUniversal Print administrator rolesSetting up Universal PrintRegistering printers using the Universal Print connectorAssigning permissions and sharing printersAdding a Universal Print printer to a Windows deviceConfiguring user settings using Microsoft IntuneStart VM on ConnectConfiguring with the Azure portalSupported VM sizesPrerequisites for enabling hibernation modeIntegrating hibernation into AVDEnabling screen capture protection for AVDEnabling screen capture protection via IntuneEnabling watermarkingPrerequisites for watermarkingEnabling watermarking using Group PolicyEnabling watermarking via IntuneTroubleshooting FSLogix profile issuesTroubleshooting AVD client issuesTesting connectivityResetting the Remote Desktop clientThe Remote Desktop client is showing no resourcesSummaryFurther readingQuestions
Configuring dynamic application delivery by using MSIX app attachWhat is MSIX?What does it look like inside MSIX?What is MSIX app attach?MSIX app attach terminologyAn overview on how MSIX app attach worksPrerequisitesCreating an MSIX packagePackaging a simple application in an MSIX containerCreating an MSIX imageConfiguring Azure Files for MSIX app attachImporting the code-signed certificateUploading MSIX images to Azure FilesConfiguring MSIX app attachPublishing an MSIX app to a RemoteApp application groupTroubleshooting MSIX app attachPublished MSIX app attach applications not showing in the Start menuApp attach (public preview)How app attach worksKey differences between MSIX app attach and app attachCreating an app attach packageSummaryFurther readingQuestions
Application maskingRule types availableDeploying an application as a RemoteApp applicationImplementing and managing OneDrive for Business for a multi-session environmentImplementing and managing Microsoft Teams AV redirectionImplementing and managing multimedia redirectionManaging internet access for Azure Virtual Desktop sessionsWhat are VM applications?SummaryQuestions
Designing a backup strategy for Azure Virtual DesktopPlanning and implementing a disaster recovery plan for Azure Virtual DesktopVirtual networkVirtual machinesManaging user identitiesConfiguring user and app dataDisaster recovery considerations for MSIX app attachApplication dependenciesConfiguring backup and restore for FSLogix user profiles, personal virtual desktop infrastructures (VDIs), and golden imagesVirtual machine backup and restoreZone-redundant storageAzure file backup and restoreReplicating virtual machine images between regionsSummaryQuestions
Creating an Automation account for Azure Virtual DesktopGiving the Automation account permissionsAutomating the management of host pools, session hosts, and user sessions using PowerShellConfiguring an Azure automation runbookTesting a PowerShell runbook in AzureCreating a scheduleAutoscale – scaling plansGiving Microsoft access to start and stop VMsCreating a pooled scaling plan (multiuser)Creating a personal scaling plan (assigned user)SummaryQuestions
Configuring Azure Monitor for AVDCreating a Log Analytics workspaceConfiguring the monitoring of AVDConfiguring performance counters and event logsUsing InsightsDifferences between AVD Insights and host pool insightsUsing the host pool insightsSetting up alerts using alert rulesIntroduction to KustoConnecting Log Analytics to Kusto.ExplorerCreating queries for AVD using Kusto.ExplorerSome additional Kusto queriesUsing Azure Advisor for AVDSummaryQuestions
How the Quickstart feature worksPrerequisitesUsing the Quickstart feature with Entra ID Domain Services (Entra ID DS)Using the Quickstart feature without an identity providerPost-deployment cleanupTroubleshooting the Quickstart featureSummaryQuestions
QuestionsAnswers
Microsoft Resources and Microsoft LearnAzure Virtual Desktop community shout-outs!Cool vendorsIntroducing EtherAssist – the premier AI technical assistantSpecialized support for Azure Virtual DesktopLevel up at AVD TechFestWhy attend AVD TechFest?Summary
Other Books You May EnjoyPackt is searching for authors like youShare Your ThoughtsDownload a free PDF copy of this book

Overview

Mastering Azure Virtual Desktop provides a comprehensive guide to designing, implementing, and managing Azure Virtual Desktop environments. This book is designed for IT professionals aiming to enhance their expertise in Azure Virtual Desktop configurations, aligning its content with the Microsoft AZ-140 exam objectives.

What this Book will help me do

Design and architect a robust Azure Virtual Desktop environment tailored to various organizational needs.
Implement and manage networking and storage resources to support Azure Virtual Desktop infrastructure.
Deploy applications using MSIX App Attach and optimize user experiences.
Establish strong security measures for your Azure Virtual Desktop infrastructure, ensuring compliance and reliability.
Effectively monitor and troubleshoot performance to maintain a seamless virtual desktop environment.

Author(s)

Ryan Mangan, Neil McLoughlin, and Marcel Meurer each bring extensive experience in cloud technologies and IT infrastructure. With a combined wealth of technical knowledge and practical industry insights, their expertise has helped countless professionals excel in their IT careers. Their shared goal is to provide readers with clear, practical knowledge enabling them to master complex topics.

Who is it for?

This book is ideal for IT professionals, including system architects and workspace administrators, who manage or plan to adopt Azure Virtual Desktop solutions. It's also suited for those preparing for the Microsoft AZ-140 exam. A basic understanding of IT networking and the Microsoft Azure platform is recommended.