virtual desktop service

hello everyone this is Ciraltos and I'm Travis this

week Microsoft announced Windows virtual desktop is now in public preview I've

been waiting for over two years for this to become available so super excited to

dig in and try it out in this video I'm gonna walk through setting up a Windows

virtual desktop tenant before that let me take a minute ask everyone watching

to subscribe go ahead hit that button down there or maybe it's over here

I'll wait okay now that that's over let's move on first why is this

important ever since Server 2000 Microsoft has offered some version of

terminal services these are servers that provide a multi-user environment for

users to log in remotely and access desktops and applications terminal

servers or the latest version called Remote Desktop Services worked but there

were some issues not every application worked on the server OS the same as it

did in desktop OS more significantly setting up a fully redundant RDS

environment required multiple servers for remote gateway services redundant

connection brokers a SQL database load balancers and multiple session

hosts these could all be deployed in Azure but they weren't intended for

cloud services and required a large and probably costly number of servers I had

an opportunity to do an RDS deployment in Azure a couple years ago and came up

with this chart of services used for the deployment looking at this you may

understand why I've been looking forward to a simpler solution how does Windows

virtual desktop differ from a traditional RDS environment first the

entire remote access gateway a remote web the connection broker are all part

as the platform as a service offering no need to deploy and configure servers for

supporting that infrastructure it's so new I couldn't even find an image for

the PowerPoint also Windows 10 1809 now supports multiple users that means you

no longer need to set up a remote Desktop session host on a server you can

simply deploy Windows 10 image you may already have and allow users to connect

to that even if you don't have an image you can use an image from Azure

gallery and then use the same management tools you already have in place for your

Windows 10 workstations in the virtual desktop environment no more setting up

GPOs for a remote desktop session hosts that try to mimic existing workstation

GPOs and astute remote desktop professional may have noticed I haven't

mentioned anything about Remote Desktop licensing servers that's because there

aren't any the RDS license was used to cover users connecting to a server OS

with Windows virtual desktop and Windows 10 multi-user no RDS license is required

desktops can be deployed for persistent named users or for a more traditional

shared VDI experience and Windows 7 deployments in WVD get three years of

security updates at no additional charge so this is a great option if you're

holding out for Windows 7 because you may have an application that can't be

migrated to Windows 10 now that that's out of the way let's start the

walkthrough and please note that WVD has been in preview for just a couple days

at the time of recording things may and probably will change by the time you see

this ok everyone let's get started with demos in this section we're going to

grant Azure active directory permissions to the Windows virtual

desktop service assign the tenant crater application role to user in Active

Directory and then we're going to create a Windows virtual desktop tenant so

we're going to start at the documentation which is always a good

spot to start and from there we're going to go over to the Windows virtual

desktop consent page and here we are going to give consent to virtual Windows

virtual desktop now I need my tenant ID for this I'm going to go over to

properties of my default directory and I'll get that tenant ID

and then I'll add that in and once I submit I'll get a prompt for

authentication and I'm just gonna read through it real quick and hit accept and

it's very courteous it's gonna thank me I'm gonna go back and we have to do this

again for the client so we just did server now we're gonna do client our

server app so when you change that drop-down it does take a couple seconds

to populate so give it some time if it's not behaving the way you expect it to

I'll hit submit it's gonna ask me for my account again I'll read and accept so

now we have consented to Windows virtual desktop services in this section we're

going to assign the tenant crater role to a user and as your Active Directory

I'm going to go into all my applications and look for Windows virtual desktop

there it is

I'll select that and I'm going to go into users and groups and from here I'm

going to add a user

and I'll add the admin, global admin account for this directory and the

assignment has done now we're gonna go over to powershell where i'm going to

create a virtual desktop tenant before that i do that i have to add the new RDS

module into powershell so that's going to be a simple install module and you do

have to run this as administrator so i'll install the module

and now I'm gonna import the module that's Microsoft dot Rd infra dot Rd

PowerShell is the module name now that that's done I'm going to create the

Windows virtual desktop tenant there's a couple commands I need to run first is

the add RDS account and the next one is the new RDS tenant so for tenant name

I'm just going to give this a name Ciraltos and I need the Active Directory ID

so I'll go over to properties of my default directory and I can get that

information from there and I'll get the subscription ID from my subscription

page there's other ways to get this but this is the most handy right now

now that I have that entered we'll just run the command so first I'm going to

run that ad RDS account and I'll need to sign in this is the same account I gave

permissions to in the previous step and here it looks like and it looks like

I've put in the wrong password so let me try that again there we go so now I have

a deployment URL and I'll be able to go to that later once we set up the pool so

now I'm going to run the new RDS tenant and that's going to create the tenant of

Sur altos tenant named Ciraltos and the tenant group name is default tenant

group so now I have that tenant setup and let's move on to setting up the pool

now it's time to set up the host pool so we're gonna do this by going to create a

resource and the host pool is the actual pool of computers that users will be

connecting to and unlike a traditional RDS environment this will use Windows 10

multi-user OS instead of a server OS we'll start by going and searching for

Windows virtual desktop and here you can see the option to provision a host pool

I'm gonna go to crate and let's start filling out some information so the host

pool name will be let's just call this ciraltos one and here are the options

to do pooled or personal pool is more of a traditional VDI environment where

users will connect to any available machine in the pool personal is more of

a one-to-one relationship where somebody has dedicated workstation and you can

always hover over this little eye to get more information on each here I'm going

to add the default desktop users now you have to do this in a comma separated

value here it gives you an example so you would have to enter every user who's

going to connect manually or you could pull it from

Active Directory with PowerShell and create a CSV file this is something I

hope Microsoft intends to change it would be better to use group membership

for this for sure but as it's in preview I suspect this is going to change pretty

quickly or at least before it becomes GA so I'm just gonna add one user into this

now I select my subscription I'm gonna create a new resource group and I'll

leave it in central us now you can create these pools in any location you

want but the data that's stored any user settings profile data is going to be in

East US 2 us too that's something that's specified in the preview that will

change but just so you know that data is gonna be stored in east US 2 so I'll

click OK and here's where we can provision the

actual VMs so it does a calculation for you based on the type of use and the

number of users you can see it's changing the virtual machine count as I

move through I actually don't want to do a d8 sv3

and I only have one user so what's interesting is if I click five it's

gonna change to one let's change it to 50 and we'll see that it goes up to two

VM's so I'm gonna change size again because I don't want that and I'll just

go into something a little bit more cost efficient which is a b-1 ms now you can

see a change from two to nine so it's doing some calculations on the number it

thinks you're gonna need based on the users you add I'm going to go back to

three and it'll change it to one and just to point out that I'm doing this as

a demo to show how to deploy a pool this isn't what I'd use in production

but I'd also don't want to spend a lot of money on my demos so here we go into

the virtual machine prefix I'll going to add the prefix of CIRWVD couple

things to note it will add the - after this you cannot use underscores in the

prefix so just be aware of that the first time I did this I added a dash and

then it also added a dash so I had two dashes it look kind of silly so we'll

just leave it at that and we're going on to the next one so here's where we can

select the image if you have your own image you can upload it to blob storage

or create a managed disk I'm gonna use the gallery and I'm gonna use this

Windows 10 enterprise and multi-session will go a standard hard drives next I'm

going to need an account used to join these virtual machines to the domain I

have one set up called domain add and now we have to add in the password and

something interesting about the password the password you enter although it's a

domain password that meets my domain policies it has to meet their policies

which is 12 characters and the use of special characters and stuff so most of

my passwords are 8 characters long and that didn't work we can go see it says

it has to be 12 I just thought that was kind of interesting that they're

enforcing their passwords on my domain accounts but anyway that's fine

okay so I am gonna specify an OU so if I click yes something else to

point out here and I miss this and it kind of causes an error the first time

it auto populates the domain with contoso and that is not the domain so

that will not work so I need to put in my domain and then

I'm gonna put in a path as well and here I'm gonna select the virtual network I

have in place and I'll use my default subnet that's good for now so now it's

asking me for my virtual desktop tenant group and name you can get that from the

powershell command we ran before but I know that is Ciraltos here you can have

a Windows virtual desktop tenant RDS user you can either use a UPN or service

principle I'm gonna use the UPN for now

okay now I have that it's gonna ask for a summary and it's gonna run the

validation I'll click OK and now it's gonna ask me to buy read the Terms of

Use and I'm gonna click create and let's hope that this works as intended

all right the deployment is finished that took about 25 minutes so you can

plan anywhere from 20 to 30 minutes for that deployment to run I was able to

shorten it through the miracle of editing couple things I want to point

out first the virtual machine that was created is using managed disks keep in

mind that managed discs are charged a set rate per month no matter how much

data is on them that's unlike blob storage where you're charged per amount

of data used and data transfer so basically managed disks have their

advantages but they're a little bit more expensive so if you're running this on a

pay-as-you-go subscription like I am and you're trying to keep those costs down

you may want to only deploy this when needed so here we can go in and we can

see that the virtual machine is running there it is and this virtual machine is

on my domain that's why I had to add the domain add password I should point out

because I didn't when we're making this deployment the v-net that I connected

this to has a domain controller on it so there was no issue with communication

for this VM during the deployment to be added to the domain ok let's see if this

works so I'm going to go to the URL that's in the document Microsoft has

published and I did this once already so I'm gonna click on the second session

desktop have you noticed that it named them the same name which is a little

confusing so I'll have to go back and figure out why that is it seems like

they should have different names but anyway let's continue on

turns out I entered the wrong password and here we go so this is the

web client there's also a desktop client that you can use but I don't have that

installed yet so this really shows though that it is working I'm logging in

to the domain with a domain account as a comparison when I did the RDS deployment

in Azure that took me days to get everything figured out from setting up

all the servers the load balancers the SQL connection broke sequel database

where the connection brokers all that took a long time this took literally

like what half an hour and I could set up hundreds of these with thousands of