Deploy an Azure Virtual Desktop pool

1. Log in to the Microsoft Azure portal and in the search box type ‘Azure Virtual Desktop’.
2. Click Create a host pool.
3. Choose your Subscription and Resource group. Create a new Resource group if required. Enter a pool name, select a location, and select ‘No’ for the Validation environment. For the Host pool type select Pooled, select the Breadth-first Load balancing algorithm, and set the required Max session limit for session Host VMs. Then click Next: Virtual Machines.

   

4. Select ‘No’ to Add Azure virtual machines. Click Next: Workspace.
5. Select ‘Yes’ to Register a desktop app group to a Workspace. If using an existing Workspace, select the Workspace. If creating a new Workspace, click Create new and assign it a name. Click Next: Advanced.
6. On the Advanced page, click Next: Tags.
7. On the Tags page, enter any required tags and click Next: Review + create.
8. Click Create to create the Azure Virtual Desktop pool.

   

9. After the pool is created, click Go to resource to view the pool.

   

10. In addition to the host pool, a Workspace and a desktop application group with the desktop application default name ‘SessionDesktop’ are also automatically created.

    

For more information about the PowerShell process, see Create an Azure Virtual Desktop host pool with PowerShell or the Azure CLI.

Download and process the VHD file

An Azure Windows 10 VHD (virtual hard drive) image file may be obtained directly from Azure Marketplace by downloading it using PowerShell or by creating a VM from the Azure Marketplace and downloading its virtual hard drive. The following steps show how to create a VM in Azure Marketplace and download its hard drive image file:

1. Log in to Microsoft Azure and in the search box type ‘Marketplace’.
2. Search the Marketplace for ‘Microsoft Windows 10’ and select the Microsoft Windows 10 search result (or ‘Microsoft Windows 11’ if using Windows 11).
3. From the dropdown menu, select the Windows 10 version you require and click Create.
4. Create the VM. Enter all the required details in the form, including the Resource group, the VM Name, the VM Size, and the Administrator account details. Confirm the licensing and click Next: Disks.

   

5. Select disks options. Click Next: Networking.
6. Enter the Networking details, selecting defaults where possible. Click Next: Management.
7. Enter the Management details, selecting defaults where possible. Click Next: Advanced.
8. Enter the Advanced details, selecting defaults where possible. Click Next: Tags.
9. Enter the Tags details, selecting defaults where possible. Click Next: Review + create.
10. After the VM creation is validated, click Create. The VM is created, but do not power it on.
11. When the VM is created, click on its name in Azure and click Disks.

    

12. Click on the Disk name link and click Disk Export in the left column. Increase the URL expiry time limit as required and click Generate URL. If the Generate URL box is grayed out, ensure that the VM is powered off.

    

13. Click Download the VHD file.
    Note: There is a financial cost associated with downloading VHD files from Azure.
    
    

    

14. Alternately the VHD file may be downloaded using the Microsoft Azure Storage Explorer application once the VM has been created and powered off. Microsoft Azure Storage Explorer must be installed locally and then logged in to with your Azure credentials. Browse to the disk that you want to download and click Download.

    

15. Delete the VM in Azure.

Process and upload the VHD file

Follow these steps to process and upload the VHD file to the Azure Stack HCI cluster:

1. The downloaded VHD file can be changed to a VHDx virtual hard disk file format and compressed. Run the following PowerShell command, changing the path to the VHD file and VHDx file name:

         Convert-VHD -Path "PathToVHDFile\Windows10-Multisession_OsDisk.vhd" -DestinationPath " PathToVHDFile x\Windows10-Multisession_OsDisk.vhdx" -VHDType Dynamic -DeleteSource     

         Optimize-VHD -Path "PathToVHDFile\Windows10-Multisession_OsDisk.vhdx" -Mode Full     

2. Copy the VHDx file to the Azure stack storage. If a volume on the cluster has been created specifically for storing VHDx files copy it to this location. The VHDx file may be uploaded to the Azure stack storage using Windows Admin Center or by mapping to the cluster volume from File Explorer and copying the file.

   

3. If you must make any changes to the Windows 10 image, use Windows Admin Center or Hyper-V Manager to create a VM and attach the VHDx file to the VM. Adjust any of the VM settings as required (for example, the number of vCPUs, memory VLAN, and so on).
4. Power on the VM and configure any OS settings, domain-join the VM or install software as required. Any optimizations can also be carried out at this point.
5. Sysprep the image, selecting OOBE, Generalize and Shutdown.
6. The VM may be cloned at this point, using Windows Admin Center or PowerShell to create multiple copies of the VM if required.

For more information, see Manage VMs with Windows Admin Center and Manage VMs on Azure Stack HCI using Windows PowerShell.

Install Arc agent and register with Azure Arc

An Azure Arc service principal with the Azure Connected Machine Onboarding role is required for registering Azure Virtual Desktop VMs with Azure Arc. An Azure service principal is a security identity used by Azure Virtual Desktop to access required Azure resources.

For the instructions to create a service principal using Azure or PowerShell, see Connect hybrid machines to Azure at scale.

1. Generate an Azure Arc installation script in Azure. On the Azure home page search for Azure Arc, click Servers and click Add.
2. Under Add Multiple servers, click Generate script.
3. Read the Prerequisites page—this page also includes a link with instructions to create a service principal if required. Click Next.
4. Enter the Resource details page and click Next.
5. On the Authentication page, select the Service principal. You can create a Service principal if one does not already exist. Click Next.
6. Assign any required tags and click Next.
7. The Azure Arc registration script is generated. Copy or download the script to save it (the script is saved as OnboardingScript.ps1 by default). This script must have the service principal secret pasted into the script before running it on an Azure Virtual Desktop VM.

   

8. To obtain the service principal secret, click the link at the top of the script page ‘Create a service principal or copy an existing client ID’ and click the service principal name.
9. Click Certificates & secrets in the left-hand column and select Client secrets (1), click the clipboard icon and copy the Value item (not the Secret ID).
10. If a new Client secret is required click + New client secret, enter a description and click Add.

    

11. On the line in the PowerShell script $servicePrincipalSecret”<ENTER SECRET HERE>” replace the <ENTER SECRET HERE> text with the secret value copied in the previous step. Save the PowerShell script.
12. Run the PowerShell script on all VMs being onboarded to Azure Arc. Run the script while logged on as a local administrator from an elevated PowerShell window. Note that the PowerShell script also downloads and installs the Azure Arc agent.
13. A link and a code displays in the PowerShell window. Copy and open the link in a web browser on a separate computer, enter your Azure credentials if prompted, then enter the code and click Next.

    

14. In Azure, browse to Azure Arc and under Infrastructure click Servers and verify that the VMs are now appearing as Azure Arc managed resources.

For more information, see Connect hybrid machines to Azure using a deployment script.

Install Azure Virtual Desktop agent and connect to the host pool

The VMs must now be connected to the Azure Virtual Desktop pool. This involves downloading and installing two agents and using a registration token to connect the VMs to the desktop pool. The agent acts as the intermediate communicator between the service and the VMs, enabling connectivity. The agent bootloader is the executable that loads the agent.

1. Download the Azure Virtual Desktop Agent and the Azure Virtual Desktop Agent Bootloader. The files can be downloaded directly to the VM they are being installed on or saved locally for multiple installations. The files can be downloaded from here:
   • https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrmXv
   • https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrxrH
2. Open the Azure Virtual Desktop Agent MSI installer, click Next, accept the license terms, and click Next. A registration token for the pool you are connecting the VM to must be entered in the next window.
3. Log in to Azure, select the Host pool and in the Overview area, click on the Registration key and download or copy the key.

   

4. Paste the registration key into the Azure Virtual Desktop agent installer window, click Next, and then Install and Finish when complete.

   

5. Open the Azure Virtual Desktop Agent Bootloader MSI installer, click Next, accept the license terms and then click Next and Finish.
6. Reboot the virtual machine and in Azure check the virtual desktop pool to see that the VM appears as available.

The agent install may be scripted using the Get-AzWvdHostPoolRegistrationToken PowerShell cmdlet and msiexec.exe to install the agents:

    Start-Process -FilePath "msiexec.exe" -ArgumentList "/i AZURE VIRTUAL DESKTOPAgent.msi /l*v AZURE VIRTUAL DESKTOPAgentInstallationLog.txt /qn /norestart REGISTRATIONTOKEN=$using:token RDInfraAgent=BYODesktop" -Wait -PassThru
   

    Start-Process -FilePath "msiexec.exe" -ArgumentList "/i AZURE VIRTUAL DESKTOPAgentBootloader.msi /l*v AZURE VIRTUAL DESKTOPAgentBootloaderInstallationLog.txt /qn /norestart" -Wait -PassThru   

For more information, see Get-AzWvdHostPoolRegistrationToken.

Configure an application group

To publish desktop resources to users, you must assign them to an application group. The default application group that is created for a new Azure Virtual Desktop host pool also publishes the full desktop. Follow these steps:

1. In Azure, click on the desktop host pool, click on Application groups, and then click on the application group name.
2. Verify that a default desktop-type application already exists in the app group.
3. Click on Assignments and then click Add. Select the users or groups to be granted access to the desktops and click Select. The users or groups added are on-premises users and groups that are synched from the on-premises active directory to Azure AD using Azure AD Connect.

Configure RDP properties

Follow these steps to configure the RDP properties:

1. In Azure, click on the desktop host pool and under Settings click RDP Properties.
2. Under each heading, set the RDP properties to configure the end-user’s desktop experience.