News

Microsoft Outlines How To Set Up Windows Virtual Desktop

• By Kurt Mackie
• 06/07/2019

Microsoft experts on Thursday showed how to set up the Windows Virtual Desktop (WVD) service, which is currently available at the preview stage.

The setup details were part of an "All You Need To Know About Windows Virtual Desktop" Web presentation for IT pros hosted by Pieter Wigleven and Christian Montoya, who are program managers at Microsoft. The presentation is currently available on demand here (with sign-up). Microsoft also published a resource guide page with links pertaining to the talk.

WVD is a new virtual desktop infrastructure service from Microsoft that lets organizations access Windows 7 or Windows 10 desktops hosted on remote servers, namely via Microsoft's Azure datacenters. The WVD service is expected to get commercially released ("general availability") sometime in the second half of this year.

WVD is different from Microsoft's current Remote Desktop Services (RDS) virtual desktop offering because the underlying operating system is the true desktop OS (Windows 7 or Windows 10). In contrast, with RDS, users remotely access the Windows Server OS, which delivers a somewhat different end user software experience.

Prerequisites
The talk described some of the prerequisites needed before using the WVD service.

Organizations will need an Azure subscription and they'll need to use the Azure Active Directory identity and access management service. Essentially, an organization's local Active Directory used for its on-premises computing environment will need to be tied to Azure AD to use the WVD service. It can be done using Active Directory Domain Services (ADDS), which is accessible via Windows Server. Alternatively, Azure AD has its own ADDS that can be turned on using the Azure Portal. The talk explained that ADDS permits the virtual machines (VMs) used with the WVD service to be joined to an organization's domain.

More about these ADDS options can be found in the article, "5 Windows Virtual Desktop Prerequisites," authored by Nerdio CEO Vadim Vladimirskiy. Nerdio is an independent software vendor and Microsoft partner focused on WVD and RDS desktop virtualization solutions. A Q&A with Vladimirskiy on WVD can be found in this Redmondmag.com article.

The talk stressed that all Azure resources used with the WVD service should be located in the same region. It's not exactly a requirement, but it will make life easier, the talk suggested. Last year, Microsoft had indicated that the management component of WVD preview was just located in its US East 2 Azure region. Apparently, based on the talk, WVD support has expanded to the US West region, as well.

The talk indicated that after the WVD prerequisites are met, three steps are needed before deployment. IT pros will need to grant Azure AD consent. They'll need to assign a "TenantCreator." Lastly, they'll need to create their own WVD tenant. After those steps are done, IT pros can open the Azure Portal and assign a host pool for the WVD users.

WVD supports either "pooled desktops" or "personal desktops," according to Nerdio's CEO in the Q&A article. The former scenario might be used with Windows 10, permitting multiple users to be hosted from the same VM. The latter scenario might be seen with Windows 7 on the WVD service, as Windows 7 just supports connecting a single user to a single VM.

More about the OS requirements associated with the WVD service can be found in this Microsoft "Overview" document.

Host Pool Configuration
With the prerequisites met, IT pros can open the Azure Portal and assign a host pool to use the WVD service. The Azure Portal has a six-step wizard for the purpose.

IT pros enter details such as the name of the pool and whether it's "personal" (one user to one VM) or "pooled" (one VM that multiple people can remotely access). Default desktop gets specified. IT pros also indicate the location where the host pool will get deployed (choose US East or West, the talk suggested), among other details.

IT pros can change the number of VMs used for the WVD service in the usage profile. Any VM that Azure offers can be used with the WVD service, but Microsoft recommends using the "D8s v3" VM option.

The operating system image to use with the WVD service gets selected from the Azure Gallery. Microsoft recommends using the Windows 10 Enterprise Multisession image, which integrates with the Office 365 ProPlus productivity suite. Microsoft explained during the Q&A portion of the talk that the OS image isn't available from the Volume Licensing Servicing Center as the OS strictly runs on Azure datacenter infrastructure:

Windows 10 Enterprise multi-session is only supported in Azure and currently available in the Azure gallery. If you go to the Azure Portal and search for "Windows 10" you can select and choose the multi-session edition, both 1809 and 1903 are there currently. You can download the VHD and customize on-prem. It won't be made available as part of the ISO available on VLSC.

WVD supports the Windows Server 2019 OS, too, but there's a catch for Office application users in that "only Office 2019 perpetual is supported on Windows Server 2019," Microsoft's Q&A indicated.

The lack of support for Office 365 ProPlus, Microsoft's Office-as-a-service product, on Windows Server 2019 in virtual desktop scenarios is an obscure detail that's described in this Microsoft forum post from late last year. A good discussion of the options available can be found in this post by Grey Matter, a software consultancy.

IT pros specify the applications to be hosted by creating "a gold image/template image with all the applications installed," Microsoft explained in the Q&A portion of the talk. "Then you can create any number of VMs from that image." IT pros using the WVD service are still responsible for "VM lifecycle management, including creation of template images and keeping them up to date," according to Microsoft's Q&A.

Currently, with the WVD preview, images can be created using the U.S. English language option only. However, the language can be changed later, according to the Q&A:

You can customize the image with different languages and use that to deploy further hostpools. The other options is to change it after deployment (e.g. using ConfigMgr).

IT pros also have to configure FSLogix, a profile-management solution that's used as an alternative to profile disks and roaming profiles. Essentially, FSLogix keeps user profiles together for the WVD service. It also allows OneDrive synchronization with the WVD service, as well as search indexing with Outlook, as explained in the Nerdio Q&A article.

After the configurations are made, organizations will have their first WVD environment "within an hour," the talk promised.

Q&A Details
The Q&A portion of the talk provided some new information about the WVD service and Microsoft's plans.

When asked if the Microsoft Intune mobile device management and Windows Defender Advanced Threat Protection services could be used with WVD, Microsoft indicated that "we are working on Intune support for Windows 10 multi-session -- it's coming later this year," and added that "Microsoft Defender ATP is supported."

Microsoft also indicated that "we plan to support thin clients" with the WVD service. "We will share more information over the next few months as we make progress," it added.

Microsoft is also considering enabling the WVD service for users of Azure Stack, its "Azure in a box" software-plus-hardware product for use in organizations' datacenters. The prospect of adding the Azure Stack support for WVD is "in very early phases" and there's "no promises yet!"

Microsoft was asked about Microsoft Teams and Skype support with WVD. Teams support is being worked on, per the Q&A:

We are working on Teams support where you can run Teams in a VM on Azure with audio/video support. We won't declare support unless the experience is great :) More info on timeliness coming soon.

The Q&A affirmed that Microsoft 365 Business per-user subscriptions can use WVD as a benefit. This benefit was described in April in a likely overlooked Microsoft announcement. The new use rights were noted by Nerdio via an e-mail this week.

"Prior to the [April] announcement, it was not possible to use this specific package [Microsoft 365 Business] to fully license a virtual desktop deployment because Office 365 ProPlus was still needed for its SCA [shared computer activation] capabilities," Nerdio explained.

The new WVD use rights with the Microsoft 365 Business plan represents a "25 percent reduction in the per-user-per-month cost" compared with what was previously available, Nerdio contended.