After you have deployed Azure Virtual Desktop (AVD) and migrated your users onto the platform, the next steps are to manage the AVD estate.
Managing AVD can be problematic due insufficient training or technical skills, especially if IT staff lack skills in Azure. Managing desktops, images and users in an AVD environment requires a different skillset that many end user computing (EUC) teams do not currently have because the service is still relatively new, with new features and functionality being added often.
AVD management is normally carried out via Business-as-Usual (BAU) teams. The purpose of these teams is to handle the day-to-day running of the Azure Virtual Desktop service and handle any changes or requests which come into the service. AVD management is just one component of the things that these teams manage. They also have many other additional responsibilities within the company like managing and maintaining physical desktops, endpoint devices, physical infrastructure like networking, as well as back-end infrastructure like proxy servers or Active Directory.
BAU teams are normally comprised of several teams. Those who handle configuration management, service management, and the first, second- and third-line teams. This is not an exhaustive list and there may potentially be others depending on the size of the environment.
Here are some of the daily responsibilities of BAU teams as they relate to AVD:
- Provisioning, assigning and deleting AVD desktops for new and existing staff
- Support for desktops, including the desktop OS (Operating Systems) and applications
- Desktop image management (Creating new images, monthly patching, application updates, etc.)
- Reporting and service management
- Security reporting and incident response
Let’s take a look at some of the features in Nerdio Manager that can help IT teams of any technical level tackle the above responsibilities and better manage AVD.
User Session Management
Using Nerdio it is easy to see all sessions which are currently active and inactive across your AVD environment. This is quite difficult to do natively in Azure. Using Nerdio Manager we can perform the following functions:
- View all sessions across your workspaces (across multiple host pools)
- Send messages to users
- Disconnect and log off users
- Shadow sessions for remote control
Role-Based Access Controls
Delegating permissions within Azure Virtual Desktop can be quite troublesome and you will not always get the result you want. Nerdio has its own Role-Based Access Controls (RBAC). We also give admins the ability to create custom RBAC roles so IT teams can really fine-tune permissions to give the least privilege access required and maintain a good security posture for the organization at large.
For each function within the Nerdio console, we can assign a specific permission. So, for example, we can assign permissions associated with the following roles:
- AVD Admin – Gives access to everything within the Nerdio console
- Help Desk – Full access to user session management only
- Reviewer – Read-only access to everything
- Desktop Image Management – Only able to manage desktop images within the Nerdio console
Image Management
Image management is a huge piece of day-to-day AVD management. Multiple teams are involved to ensure images are secure and have the appropriate applications and configuration settings required.
Images can be difficult to deploy, update and manage natively in Azure without the use of optimization or automation technologies. There will likely be multiple PowerShell scripts involved, routine testing to complete, and a consistent need to roll out the images to existing session hosts.
Nerdio can help make this process drastically easier as we have all the automation scripts in place to do it for you. We offer the following automation capabilities within Nerdio to help with image management:
- Creation and management of the Azure Compute Gallery for copying images to multiple regions
- Application installation and deployment using Nerdio Scripted Actions
- Backing up of images before update
- Automated & scheduled image update procedures
- Desktop image staging
- Scheduled image updates of existing Azure Virtual Desktop hosts
FSLogix Profile Management
Most AVD environments we come across use FSLogix as their choice of profile management tool. Mainly this is common because it works so well and it is fully supported to use alongside Azure Files.
Nerdio helps you to manage FSLogix profiles much more easily. Our features listed below allow IT to create, manage and optimize FSLogix profiles on a day-to-day basis.
- Create the Azure Files storage accounts and performs the domain join
- Automatically configure Azure Share & NTFS permissions
- Close file handles for locked FSLogix profiles
- Auto-scaling for FSLogix storage for performance and capacity
- Schedule automatic shrinking of the FSLogix profiles to reduce capacity and cost
Summary
As you can see from the above, Nerdio really does help with the day-to-day management of Azure Virtual Desktop environments. Everything we do at Nerdio is built with the IT admin (and your end-users) in mind to make your job easier. If you have any questions or queries about AVD management and how Nerdio can help streamline and simplify, contact us and we would love to chat with you about your environment or needs.
