Azure Virtual Desktop setup
This guide provides a full overview of setting up AVD–the prerequisites, step-by-step instructions, customization options, and troubleshooting tips.
Blog
Microsoft Windows 365
What are the different methods for setting up Azure Virtual Desktop?
This article walks you through deploying Azure Virtual Desktop (AVD) on Azure, Azure Local, or Azure Extended Zones using the Azure portal, Azure CLI, or Azure PowerShell. You'll create a host pool, workspace, application group, and session host VMs, optionally enabling diagnostic settings and assigning user access.
The Azure portal streamlines these tasks, while other methods offer flexibility. When creating a host pool, choose between session host configuration (preview) for a managed approach or standard management for custom control.
We also discuss how third-party tools provide automation, optimization, and streamlined management capabilities to accelerate AVD deployment, minimize costs, and reduce complexity.
What are the prerequisites for setting up AVD?
Before you begin setting up Azure Virtual Desktop, make sure you can check all these boxes:
- Azure subscription: An active Azure subscription is required to deploy and manage azure virtual desktop resources.
- Active Directory Domain: An Azure Active Directory domain (either Azure AD or a hybrid AD environment) is necessary for user authentication and management.
- Network connectivity: Ensure proper network connectivity between your on-premises network and Azure, including appropriate VPN or ExpressRoute configurations if needed.
- Appropriate licenses: Ensure you have the necessary licenses for eligible Windows client operating systems (such as Windows 11 Enterprise or Windows 10 multi-session) or Windows Server as well as any required Microsoft 365 or Remote Desktop Services (RDS) licenses.
- Azure AD permissions: The user setting up AVD needs appropriate permissions in Azure AD to create and manage resources. Typically, the "Contributor" role or a custom role with specific permissions is sufficient.
- FSLogix: If you plan to use FSLogix for profile management, ensure you have the necessary licenses and infrastructure in place.
Here are additional prerequisites for Azure Local:
- Registered Azure Local Instance: An Azure Local instance (Azure Stack HCI or Azure Arc-enabled server) registered with Azure and running a minimum version of 23H2.
- Stable Azure connection: A stable connection from your on-premises network to Azure.
- Windows OS image: At least one Windows OS image available on the Azure Local instance.
- Logical network: A logical network configured on your Azure Local instance (DHCP or static with automatic IP allocation).
And here are additional prerequisites for Azure Extended Zones:
- Registered Azure subscription: Your Microsoft Azure subscription must be registered with the respective Azure Extended Zone.
- Azure load balancer: An Azure load balancer with an outbound rule on the virtual network where you'll deploy session hosts.
How do I deploy AVD, step by step?
Using the Azure portal
The Azure portal offers a user-friendly interface for setting up Azure Virtual Desktop. Log in to your Azure subscription with your global administrator account and follow these steps:
1) Create a host pool
- In the Azure portal, search for and select "Azure Virtual Desktop."
- Click "Create a host pool."
- Provide a name for your host pool, select a resource group, and choose your preferred configuration options (e.g., VM size, image, location).
2) Create a workspace
- In the Azure Virtual Desktop menu, select "Workspaces."
- Click "Create."
- Provide a name for your workspace and select the host pool you created in the previous step.
3) Create an application group
- In the Azure Virtual Desktop menu, select "Application groups." When using the Azure portal, a desktop application group is created automatically.
- Click "Create."
- Provide a name for your application group, select the workspace you created, and choose the type of application group (desktop or remote app).
4) Create session host VMs
- In the host pool you created, select "Session hosts."
- Click "Add."
- Specify the number of VMs you need, their size, and other configuration options.
5) (Optional) Enable diagnostic settings
- In the host pool, select "Diagnostic settings."
- Configure diagnostic settings to collect logs and metrics for monitoring and troubleshooting.
6) Assign users
- In the application group you created, select "Assignments."
- Assign the user accounts or groups to the application group to grant them access to the desktops and applications.
Using the Azure CLI
The Azure CLI provides a command-line interface for managing Azure resources, including AVD. When using the Azure CLI or Azure PowerShell for Azure Virtual Desktop setup, parameters related to the host pool's load balancer type can be configured. Below is a basic example of how to create a host pool using the Azure CLI.
Code snippet:
az desktopvirtualization hostpool create \
--resource-group <resource_group_name> \
--name <host_pool_name> \
--location <location> \
--type <host_pool_type> \
--load-balancer-type <load_balancer_type>
Using Azure PowerShell
Azure PowerShell offers a scripting environment for automating Azure tasks, including Azure Virtual Desktop setup. Here's an example of how to create a host pool using Azure PowerShell:
New-AzWvdHostPool -ResourceGroupName <resource_group_name> `
-Name <host_pool_name> `
-Location <location> `
-HostPoolType <host_pool_type> `
-LoadBalancerType <load_balancer_type>
NOTE: Remember to replace the placeholders (e.g., <resource_group_name>) with your actual values.
Know the TCO
This step-by-step wizard tool gives you the total cost of ownership for AVD in your organization.
How can I customize my AVD environment?
Once you've set up the basic Azure Virtual Desktop infrastructure, you can customize your environment to meet your specific needs and requirements. Here are some key areas you can customize:
Desktop images
Azure Virtual Desktop allows you to create custom desktop images that include the specific applications, settings, and configurations required by your users. You can create images from scratch or use existing images as a starting point.
- Golden image: Create a "golden image" that serves as a template for all your AVD desktops. To be clear, it’s not an image (like a JPEG or PNG), it’s a complete and ready-to-use template of a virtual machine, including the operating system, applications, configurations, and settings. This ensures consistency and simplifies management.
- Application pre-installation: Pre-install frequently used applications to save time and reduce user setup.
- Customization tools: Utilize tools like Microsoft Endpoint Manager or third-party solutions to further customize your images.
User profiles
You can manage user profiles in AVD to provide a personalized experience for each user. This includes:
- FSLogix: Implement FSLogix to store user profiles and settings in a centralized location, allowing users to access their personalized environment from any device.
- Profile redirection: Configure profile redirection to store user data on a network share, ensuring data persistence and easy backup.
- Profile containers: Use profile containers to isolate user profiles and settings, improving security and simplifying management.
Security policies
Azure Virtual Desktop offers a range of security policies that you can configure to protect your environment and data. These include:
- Multi-factor authentication (MFA): Enforce MFA to add an extra layer of security for user authentication.
- Endpoint Security: Deploy Microsoft Defender for Endpoint to provide advanced threat protection for your virtual desktop session hosts.
- Conditional access: Implement conditional access policies to control access to AVD resources based on user identity, device, and location.
- Role-based access control (RBAC): Use RBAC to grant users specific permissions based on their roles and responsibilities.
- Network security: Configure network security groups (NSGs) and firewalls to restrict access to your Azure Virtual Desktop environment.
- Endpoint Management and Compliance: Leverage Intune to extend unified policies to your virtual desktops.
What are some common issues encountered during AVD setup?
While setting up Azure Virtual Desktop is generally straightforward, you might encounter some common issues along the way. This section provides troubleshooting tips and guidance to help you resolve these issues and ensure a smooth deployment.
Network connectivity issues
- Problem: Users are unable to connect to their AVD desktops or applications due to network connectivity problems. When users encounter network connectivity issues, they may struggle to successfully connect to Azure Virtual Desktop using the AVD remote desktop client. This connection process relies on protocols like RDP, and verifying network paths and port availability for these is a key troubleshooting step.
- Troubleshooting steps:
- Verify that the user's device has an active internet connection.
- Check that the necessary ports are open in your firewall (e.g., 3389 for RDP).
- Ensure that DNS resolution is working correctly and that users can resolve the AVD host pool's FQDN.
- If using a VPN or ExpressRoute, verify the connection and configuration.
- Use network monitoring tools to identify any network latency or connectivity issues.
Authentication errors
- Problem: Users are unable to authenticate to Azure Virtual Desktop due to incorrect credentials or permission issues.
- Troubleshooting steps:
- Verify that the user is using the correct username and password.
- Ensure that the user has been assigned to the appropriate application group and workspace.
- Check that the user's account is active and has the necessary permissions in Azure AD.
- If using MFA, ensure that the user has configured MFA and can successfully authenticate.
Application compatibility issues
- Problem: Applications are not working correctly or are not compatible with the AVD environment.
- Troubleshooting steps:
- Check that the application is supported on the operating system used for the Azure Virtual Desktop session hosts.
- Ensure that the application has been properly installed and configured on the session hosts.
- Verify that the user has the necessary permissions to access and run the application.
- Test the application in a non-AVD environment to rule out any application-specific issues.
Performance issues
- Problem: Users are experiencing slow performance or lag when using AVD.
- Troubleshooting steps:
- Check the resource usage of the session hosts (CPU, memory, disk) to identify any bottlenecks.
- Optimize the AVD image and applications to reduce resource consumption.
- Consider increasing the size of the session host VMs if necessary.
- Monitor network performance for any latency or bandwidth issues.
FSLogix profile issues
- Problem: Users are experiencing issues with their FSLogix profiles, such as slow logins or profile corruption.
- Troubleshooting steps:
- Verify that FSLogix is properly configured and that the storage account is accessible.
- Check the FSLogix logs for any errors or warnings.
- Ensure that users have the necessary permissions to access their profiles.
- Consider optimizing the FSLogix configuration for performance.
How can I simplify the setup and management of an AVD environment?
While the DIY approach to Azure Virtual Desktop setup offers some flexibility and control, it can also be time-consuming and complex, especially for larger deployments. If you're looking for a more streamlined and efficient way to deploy and manage AVD, consider how Nerdio can help:
Automated deployment
- Accelerated setup: Nerdio's automated deployment tools can significantly reduce the time and effort required to set up Azure Virtual Desktop. With just a few clicks, you can deploy a fully configured AVD environment, including host pools, workspaces, and app groups.
- Simplified configuration: Nerdio simplifies the configuration process by providing pre-built templates and automated workflows, eliminating the need for manual configuration and scripting.
Centralized & automated management
- Unified dashboard: Manage all your Azure Virtual Desktop resources from a single, intuitive dashboard, providing greater visibility and control over your environment.
- Simplified administration: Nerdio simplifies administrative tasks, such as user management, application deployment, and performance monitoring, through automated tools and workflows.
- Automated tasks: Free up your IT team with automated routine tasks such as scaling resources, patching VMs, and managing user access.
Cost optimization
- Resource optimization: Nerdio's cost optimization tools can help you identify and eliminate unnecessary costs, such as over-provisioned VMs or unused resources.
- Auto-scaling: Nerdio's auto-scaling features automatically adjust your AVD resources based on user demand, ensuring that you only pay for what you need.
- Reserved instances: Nerdio can help you leverage Azure Reserved Instances to further reduce your Azure Virtual Desktop costs.
Enhanced security
- Multi-layered security: Nerdio provides a multi-layered security approach that includes multi-factor authentication, role-based access control, and proactive threat monitoring.
- Compliance: Nerdio's solutions help you meet compliance requirements by providing tools for data protection, access control, and audit logging.
By leveraging Nerdio's expertise and solutions, you can simplify Azure Virtual Desktop setup and management, reduce costs, enhance security, and ensure a successful and optimized deployment.
Know the TCO
This step-by-step wizard tool gives you the total cost of ownership for AVD in your organization.
Frequently Asked Questions
Learn more about Azure Virtual Desktop
Guides
Nerdio Manager for Enterprise
Your guide to deploying avd in minutes
Guides
Nerdio Manager for Enterprise
A guide to migrating from Citrix to Azure Virtual Desktop with Nerdio
About the author
