How to Deploy a Windows Virtual Desktop (WVD) Pilot in Under Two Hours with Nerdio for Azure Core

April 15th, 2019
Vadim Vladimirskiy
Vadim VladimirskiyFounder & CEO, Nerdio

Can’t wait to get your newly released Windows Virtual Desktop but are not sure where to start?  You’ve come to the right place!  This guide will walk you through the step by step process and show you how you go from zero to having functional Windows 10 desktops running in Microsoft Azure in under 2 hours.  You may think it is impossible to deploy Azure desktops in such a short time, but read on.

Assumptions about your deployment

  1. This will be a pilot deployment, meaning you are not expecting to use these desktops in production because WVD is still in preview and not generally available.  You will be able to convert this to a production environment later, but for the purpose of this document it is a non-disruptive pilot.
  2. WVD will be deployed into your existing Azure AD tenant but into a new Active Directory Domain Services (AD DS) deployment running in Azure. This will not cause any issues or conflict with your existing AD DS deployment.  Once the pilot is deployed it is possible to “plug it” into your existing AD DS and start using it, but because this is a pilot, we will not be touching your production AD DS.
  3. To meet our 2 hour deployment benchmark, we will be using Nerdio for Azure Core to automatically build out an Azure environment prior to deploying WVD desktops. The alternative is to read lots of documentation, learn a ton of PowerShell scripting, and spend days building everything by hand.

Prerequisites

You will need the following before you get started:

  1. Office 365 account with at least 1 unassigned E3 license
    • The E3 license is needed for deployment and testing. You can remove the license later and desktops will continue working.
  2. Azure subscription within the same Azure AD tenant as the Office 365 account (e.g. company.onmicrosoft.com)
    • Must have at least 2 BS-series core quota and 4 Dsv3-series core quota available. Most subscriptions meet this requirement out of the box, but you can verify this in the Azure Portal under Subscription->Usage and Quotas and Request Increase if needed.
  3. Admin user account with global administrator access to Office 365 and owner role on the Azure subscription
  4. Nerdio account – if you don’t have a Nerdio account you can sign up for a free 30-day trial (no credit card required)

The deployment process

  1. Deploy an NFA Core account into your Office 365 and Azure subscription
  2. Gather needed information
  3. Grant WVD Consent to AAD
  4. Deploy WVD
  5. Install Remote Desktop client and connect

The end-result will be a brand-new Azure environment with an Active Directory Domain Controller integrated with your Azure AD and a WVD Host Pool containing two D2sv3 VMs (2 CPUs / 8GB RAM each).  You will also have 4 demo user accounts that are going to be server “pooled” (non-persistent) desktops from this pool of 2 Windows 10 Enterprise Multi-session VMs.

 

Step 1: Deploy a Nerdio for Azure Core account

(Estimated time: 1 hour)

  1. Log into the Nerdio Admin Portal
  2. Click Add NFA account button on bottom right
  3. Section 1: Connect to Azure using a global administrator account
    • Select your Subscription and the Region you want to deploy into
    • Specify Resource Group name (optional)
    • Set AHU to Yes
  4. Section 2: Connect to Office 365 using a global administrator account
  5. Section 3: Specify Company name
    • Select Core from the Plan dropdown
  6. Click Save and OK to proceed
  7. Once the NFA Core account is provisioned, click Login to the right of the account name
  8. Click on Users on the left and Andy IT Admin
  9. Click Show extended attributes, check Grant domain admin rights and click Save

 

 

Step 2: Gather necessary information

(Estimated time: 10 minutes)

NOTE: You can proceed with this step while NFA Core (Step 2) is provisioning.

At this stage we need to collect some important information that will be used in subsequent steps.  The following information will be needed.

  1. Global administrator username
  2. NFA Account ID
  3. Resource Group Name
  4. Azure Region
  5. Azure Subscription ID
  6. AAD Tenant ID

Global administrator account – the user account you used in Step 1 when connecting to Azure and Office 365

NFA Account ID – account ID found in the Nerdio Admin Portal next to the newly provisioned NFA Core account

Resource Group Name – this is the name of the Resource Group you used to create NFA Core in Step 1.  In our example, it is WVDPilotRG

Azure Region – region that NFA Core was provisioned in.  In our example it is southcentralus (South Central US – with no spaces)

Azure Subscription ID – Azure subscription where NFA Core was deployed.  Find it in the Nerdio Admin Portal by clicking on the “more…” link next to the NFA Core account

AAD Tenant ID – Azure Active Directory tenant ID found in Azure portal under Azure Active Directory > Properties > Directory ID.

 

 

Step 3: Grant WVD Consent to AAD

(Estimated time: 10 minutes)

NOTE: You can proceed with this step while NFA Core (Step 2) is provisioning.

  1. Open a browser and connect to the Windows Virtual Desktop consent page
  2. For Consent OptionServer App, enter the AAD Tenant ID, then click Submit
  3. Sign in as the global administrator account and select Accept
  4. Wait for one minute
  5. Navigate back to the Windows Virtual Desktop consent page
  6. Go to Consent OptionClient App, enter the same AAD Tenant ID, then click Submit
  7. Sign in as the same global administrator account and select Accept

Assign the TenantCreator application role to your global administrator account:

  1. Open a browser and connect to the Azure Active Directory portal with your global administrator account
  2. Select Enterprise applications and search for Windows Virtual Desktop. You’ll see the two applications you provided consent for in the previous section. Of these two apps, select Windows Virtual Desktop
  3. Select Users and groups, then select Add user
  4. Select Users in the Add Assignment blade
  5. Search for the global administrator account
  6. Select the user account, click the Select button, and then select Assign

 

Step 4: Deploy WVD

(Estimated time: 30 minutes)

NOTE: You must wait for NFA Core (Step 2) to finish provisioning before proceeding with this step.

  1. If it’s not installed already, download .NET framework 4.7.2 or later
  2. Open Windows PowerShell ISE from Start Menu as Administrator
  3. Download DeployWVD.ps1 script and open it via PowerShell ISE
  4. Modify the variables section and set them to the values recorded in Step 2 above
  5. Save the script and run it by clicking the green “play button” or pressing F5
  6. NOTE: This script will upgrade the Azure and WVD PowerShell module to the latest available versions on the computer where you’re running it
  7. If prompted to install from unknown repository select Yes to All
  8. It will take the script some time to run. Be patient, you’re almost there.

 

Step 5: Install Remote Desktop client and connect

(Estimated time: 10 minutes)

  1. Download and install WVD Remote Desktop client for Windows 7 and 10
  2. Subscribe to your newly created desktop
  3. Use any of the 4 demo accounts pre-created for you. The default password is “AwesomeNerdioXXXX” (where XXXX is the NFA Core account ID from step 2)
    1. AITadmin@XXXX.nerdio.net
    2. CCeo@XXXX.nerdio.net
    3. AAccounting@XXXX.nerdio.net
    4. SSales@XXXX.nerdio.net
  4. You should see a published desktop called “Session Desktop.” Double click on it to launch it.
  5. You will likely be prompted for the username and password again. Go ahead and type in the same credentials you used in #3 above.  This is something that is going to be fixed when WVD goes into general availability and only one login will be required.
  6. You can also access your WVD desktop using a Web client. Browse to https://rdweb.wvd.microsoft.com/webclient and log in with the same credentials

 

Conclusion

Congratulations! You have just completed a full deployment of WVD in Azure.  Hopefully you found the experience to be straightforward, automated, and quick as opposed to spending countless hours studying documentation, learning PowerShell commands, and going through significant trial-and-error.

This pilot deployment should help you get a feel for the new WVD service and Windows 10 Enterprise multi-session operating system.  Once WVD enters General Availability, Nerdio’s Enterprise and Professional plans will automate the entire provisioning process from start to finish.  It will be just as easy as deploying NFA Core in Step 1 above.

At Nerdio we are all about agility and simplification.  Those are just some of the ways we empower MSPs to build successful cloud practices in Azure.