Book Image

Mastering Azure Virtual Desktop

By : Ryan Mangan

Book Image

Mastering Azure Virtual Desktop

By: Ryan Mangan

Overview of this book

Azure Virtual Desktop is a cloud desktop virtualization platform that securely delivers virtual desktops and remote apps. Mastering Azure Virtual Desktop will guide you through designing, implementing, configuring, and maintaining an Azure Virtual Desktop environment effectively. This book can also be used as an exam preparation guide to help you sit the Microsoft AZ-140 exam. You’ll start with an introduction to the essentials of Azure Virtual Desktop. Next, you’ll get to grips with planning an Azure Virtual Desktop architecture before learning how to implement an Azure Virtual Desktop environment. Moving ahead, you’ll learn how to manage and control access as well as configure security controls on your Azure Virtual Desktop environment. As you progress, you’ll understand how to manage user environments and configure MSIX app attach and other Azure Virtual Desktop features to enhance the user experience. You’ll also learn about the Azure Active Directory (AD) join and getting started feature. Finally, you’ll discover how to monitor and maintain an Azure Virtual Desktop environment to help you support your users and diagnose issues when they occur. By the end of this Microsoft Azure book, you’ll have covered all the essential topics you need to know to design and manage Azure Virtual Desktop and prepare for the AZ-140 exam.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Share Your Thoughts

Section 1: Introduction

Section 1: Introduction

Free Chapter

Chapter 1: Introduction to Azure Virtual Desktop

Chapter 1: Introduction to Azure Virtual Desktop

Desktop virtualization

Azure Virtual Desktop – what is it?

Providing the best user experience

Enhanced security

Simplify management

Managing Azure Virtual Desktop performance

How does Azure Virtual Desktop work?

What's managed by Microsoft and what you manage

Section 2: Planning an Azure Virtual Desktop Architecture

Section 2: Planning an Azure Virtual Desktop Architecture

Chapter 2: Designing the Azure Virtual Desktop Architecture

Chapter 2: Designing the Azure Virtual Desktop Architecture

Assessing existing physical and Virtual Desktop environments

Assessing the network capacity and speed requirements for Azure Virtual Desktop

Identifying an operating system for an Azure Virtual Desktop implementation

Planning and configuring name resolution for Active Directory and Azure Active Directory Domain Services

Planning a host pools architecture

Resource groups, subscriptions, and management groups limits

Configuring the location for the Azure Virtual Desktop metadata

Calculating and recommending a configuration for capacity and performance requirements

Further reading

Chapter 3: Designing for User Identities and Profiles

Chapter 3: Designing for User Identities and Profiles

Selecting a licensing model for your Azure Virtual Desktop deployment

Planning for user profiles

Planning for Azure Virtual Desktop client deployment

Summarizing the prerequisites for Azure Virtual Desktop

Chapter 4: Implementing and Managing Networking for Azure Virtual Desktop

Chapter 4: Implementing and Managing Networking for Azure Virtual Desktop

Implementing Azure Virtual Network connectivity

Managing connectivity to the internet and on-premises networks

Implementing and managing network security

Managing AVD session hosts by using Azure Bastion

Monitoring and troubleshooting network connectivity

Chapter 5: Implementing and Managing Storage for Azure Virtual Desktop

Chapter 5: Implementing and Managing Storage for Azure Virtual Desktop

Configuring storage for FSLogix components

Configure storage accounts

Configuring file shares

Configuring disks

Further reading

Section 3: Implementing an Azure Virtual Desktop Infrastructure

Section 3: Implementing an Azure Virtual Desktop Infrastructure

Chapter 6: Creating Host Pools and Session Hosts

Chapter 6: Creating Host Pools and Session Hosts

Creating a host pool by using the Azure portal

Automating the creation of AVD hosts and host pools

Chapter 7: Configure Azure Virtual Desktop Host Pools

Chapter 7: Configure Azure Virtual Desktop Host Pools

Windows Server session host licensing

Configuring host pool settings

Chapter 8: Azure AD Join for Azure Virtual Desktop

Chapter 8: Azure AD Join for Azure Virtual Desktop

Deploying an Azure AD-joined host pool

Enabling user access

Configuring local admin access

Chapter 9: Creating and Managing Session Host Images

Chapter 9: Creating and Managing Session Host Images

Creating a gold image

Modifying a Session Host image

Creating and using an Azure Compute Gallery (ACG)

Troubleshooting OS issues related to Azure Virtual Desktop

Section 4: Managing Access and Security

Section 4: Managing Access and Security

Chapter 10: Managing Access

Chapter 10: Managing Access

Introduction to Azure RBAC

Planning and implementing Azure roles and RBAC for AVD

Managing local roles, groups, and rights assignments on AVD session hosts

Chapter 11: Managing Security

Chapter 11: Managing Security

Introduction to MFA

How does Azure MFA work?

Planning and implementing MFA

Managing security by using Microsoft Defender for Cloud

Using Microsoft Defender for Cloud and AVD

Enabling enhanced security for AVD

Configuring Microsoft Defender Antivirus for session hosts

Section 5: Managing User Environments and Apps

Section 5: Managing User Environments and Apps

Chapter 12: Implementing and Managing FSLogix

Chapter 12: Implementing and Managing FSLogix

Installing and configuring FSLogix

Configuring antivirus exclusions

Configuring Cloud Cache

Microsoft Teams exclusions

FSLogix profile container best practices

Chapter 13: Configuring User Experience Settings

Chapter 13: Configuring User Experience Settings

Configuring Universal Print

Configuring user settings using Microsoft Endpoint Manager

Start Virtual Machine on Connect

Troubleshooting FSLogix profiles

Troubleshooting Azure Virtual Desktop clients

Further reading

Chapter 14: MSIX App Attach

Chapter 14: MSIX App Attach

Configuring dynamic application delivery by using MSIX app attach

What does it look like inside MSIX?

What is MSIX app attach?

MSIX app attach terminology

An overview on how MSIX app attach works

Creating an MSIX package

Creating an MSIX image

Configuring Azure Files for MSIX app attach

Importing the code-signed certificate

Uploading MSIX images to Azure Files

Configuring MSIX app attach

Publishing an MSIX app to a RemoteApp

Troubleshooting

Further reading

Chapter 15: Configuring Apps on a Session Host

Chapter 15: Configuring Apps on a Session Host

Application Masking

Section 6: Monitoring and Maintaining an Azure Virtual Desktop Infrastructure

Section 6: Monitoring and Maintaining an Azure Virtual Desktop Infrastructure

Chapter 16: Planning and Implementing Business Continuity and Disaster Recovery

Chapter 16: Planning and Implementing Business Continuity and Disaster Recovery

Designing a backup strategy for Azure Virtual Desktop

Planning and implementing a disaster recovery plan for Azure Virtual Desktop

Configuring backup and restore for FSLogix user profiles, personal virtual desktop infrastructures (VDIs), and golden images

Chapter 17: Automate Azure Virtual Desktop Management Tasks

Chapter 17: Automate Azure Virtual Desktop Management Tasks

Creating an automation account for Azure Virtual Desktop

Chapter 18: Monitoring and Managing Performance and Health

Chapter 18: Monitoring and Managing Performance and Health

Configuring Azure Monitor for AVD

Using AVD Insights

Setting up alerts using alert rules

Introduction to Kusto

Using Azure Advisor for AVD

Chapter 19: Azure Virtual Desktop's Getting Started Feature

Chapter 19: Azure Virtual Desktop's Getting Started Feature

How the Getting started feature works

Using the Getting started feature with Azure AD DS and AD DS

Using the Getting started feature without an identity provider

Post-deployment cleanup

Troubleshooting the Getting started feature

Final Assessment

Final Assessment

Other Books You May Enjoy

Other Books You May Enjoy

Packt is searching for authors like you

Share Your Thoughts

Appendix: Microsoft Resources and Microsoft Learn

Appendix: Microsoft Resources and Microsoft Learn

Azure Virtual Desktop Community shout-outs!

Other resources written by Ryan Mangan

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Managing AVD session hosts by using Azure Bastion

In this section, we look at Azure Bastion as an additional layer of security for accessing VMs securely through an HTML5 browser within the Azure portal.

What is Azure Bastion?

Azure Bastion is a platform-managed service that enables admins to connect to VMs in Azure using your web browser. The service makes it easy to connect securely to your VMs directly from the Azure portal over a Transport Layer Security (TLS) connection. Azure Bastion also removes the need for public IPs or Remote Desktop Services ports to open on your NSGs for the internet.

When using Azure Bastion, you use the Azure portal to connect the VM, which is essentially an HTML5 TLS connection. The Bastion deployment then connects to the resources securely inside the virtual network using RDP or Secure Shell (SSH) protocol, depending on the VM remote protocol requirement.

Important Note

Azure Bastion uses port 443; ensure that you configure the NSG for...