Episode 395 – Getting Started with VDI in Azure with Azure Virtual Desktop - podcast episode cover

Episode 395 – Getting Started with VDI in Azure with Azure Virtual Desktop

Microsoft Cloud IT Pro Podcast
Feb 13, 202544 min
--:--
--:--
Listen in podcast apps:
Metacast
Spotify
Youtube
RSS

Episode description

Welcome to Episode 395 of the Microsoft Cloud IT Pro Podcast. In this episode, we dive into Azure Virtual Desktop (AVD) and how it enables organizations to deliver secure, scalable Virtual Desktop Infrastructure (VDI) in the cloud. Whether you’re looking to modernize remote work, enhance security, or optimize IT costs, AVD provides a flexible solution for accessing virtualized Windows desktops and applications from anywhere.Topics covered include: What is Azure Virtual Desktop? A breakdown of AVD’s features, benefits, and common use cases. Deployment essentials – Setting up host pools, session hosts, and assigning users. Configuration best practices – Managing user profiles with FSLogix and securing AVD with Microsoft Intune. Cost estimation – Key factors affecting pricing and how to optimize expenses. Getting started – Steps to connect via the Remote Desktop client on multiple platforms. Whether you’re an IT admin or just exploring VDI in Azure, this episode is packed with insights to help you get started. Tune in and take your remote desktop strategy to the next level! Your support makes this show possible! Please consider becoming a premium member for access to live shows and more. Check out our membership options. Show Notes Azure Virtual Desktop documentation Understand and estimate costs for Azure Virtual Desktop Azure Virtual Desktop Azure Virtual Desktop documentation for users Get started with the Remote Desktop client FSLogix for user profiles Managing with Intune Manage the operation system of sessions hosts (with Intune) About the sponsors Would you like to become the irreplaceable Microsoft 365 resource for your organization? Let us know!

Transcript

Welcome to episode 395 of the Microsoft Cloud IT Pro podcast recorded live on 02/10/2025. This is a show about Microsoft three sixty five and Azure from the perspective of IT pros and end users, where we discuss a topic or recent news and how it relates to you. Today, we dive into Azure Virtual Desktop or AVD and how it enables organizations to deliver secure, scalable, virtual

desktop infrastructure, or VDI, in the cloud. We discussed the benefits of AVD for modern remote work, enhanced security, and optimizing costs for your organization. I'm back from Miami where I was Friday. You're off to your destination sitting in a dark room. So I'm in Seattle this week, yes, for, some work stuff and a conference that's that's here along the way. So we've

been kinda gallivanting all over the place. We should address, you know, speaking of recording and audio and things like that, we think we got the audio glitches worked out. And whatever happened in the last episode or two with weird skips and things should be turned off for subsequent ones going forward. Yes. I apologize, anybody. We did get some feedback of people

that noticed it as well. But, yes, there was some I think it was some AI, ironically enough, for was as we talked about Copilot, it was some AI processing to remove some silences, and we have since reuploaded a cleaned up version where that processing was not in place and future ones should not have that on there. Well, why don't we go ahead and get into our topic for today? Alright. So topic for today. We talked about a few topics. Like, we had talked about comparing

different VDI solutions on Azure. And for today, let's talk about instead of trying to compare them, that would be a long episode, VDI and Azure, otherwise known as ABD. Well, we're gonna do ABD and Azure. We could do VDI with Citrix. There's lots of options. We're gonna talk specifically Azure Virtual Desktop today in Azure, kinda getting started with it, things to think about. I've set this up for several clients now, actually. I have some other ones that are looking to go to it.

So we will kinda dive into this and maybe even some of the pros, cons as well with the whole VDI thing in Azure. I think of this as getting started with VDI in Azure and then kind of parenthesis at the end of that, just Azure Virtual Desktop. Because if you're going to do a virtual desktop solution in Azure, I think it makes sense to look at the first party ones. And then you have the third party ones

that exist out there. And sometimes there's that mix of also first party third party where you can buy things through the Azure Marketplace and say you're a customer that's out there on a a Mac agreement or like a more formal commitment to spend, then you can go ahead and also kind of do that consumption that way out of the Marketplace. So we'll start with Azure Virtual Desktop today, which, you know, I think it'd be fair to say is the solution

that Microsoft would lead with. So it's the leading VDI solution in in Azure today. But there's lots of other options there. So we'll kinda talk about the first one, Microsoft first party. What's there? What you get out of the box? And how all that comes together? And potentially, how that can enable you in the world of 100% remote, hybrid, all all that goodness. Where do we wanna start with Azure Virtual Desktop? Should we start with a little bit of

just, like, what it is? I mean, I think I sometimes you can assume everybody just knows what Azure Virtual Desktops are, what VDI is. But maybe just starting off with, like, a definition of what is Azure Virtual Desktop. You know me? I always like a good definition. You like a good definition? I do. So it is a virtualization service. Imagine that. Right? Virtual desktop is virtualization. Runs on Azure where you can essentially publish out different different virtualized experiences,

I would say, in end users. Whether you wanna push out a virtualized desktop and you can think of this as kinda like an RDP type of desktop where you're remoting into the machine, getting the full desktop experience where you can launch applications, you have your start menu. It's like a full RDP experience Similar to, like, the old terminal services sessions that used to do with on prem where you're not necessarily

the configuration is different. Like, typical RDP, you're going over port thirty three eighty nine most of the time. Usually, you're limited to, like, one or two sessions, and if somebody else tries to log in, you get booted out. Virtual desktops give you a host of resources that allow you to kinda configure how many people you wanna log in, get that desktop experience. But kind of along with that, if you don't wanna do a full desktop, this also

allows you to do individual apps. So, again, now you connect to this virtual desktop environment, and instead of launching that desktop experience where you're logging into a full machine, you're just launching an individual app. Maybe it's Office apps or a browser or a another third party application, one of your internal applications that you use for your company. There's lots of different ways you can kinda

configure these apps, publish these apps out. But now instead of having to provide that full desktop, people can just go in and launch an app in this virtualized environment that can give you lots of different benefits when you think of that type of scenario. For sure. And we've talked about other solutions here as well. So you recently had an interview on M365 link and some of the things that go on with Windows three sixty five desktops.

These concepts are similar. It's just less of a managed service and more of a service that you can come in and manage with that virtual desktop infrastructure. So you're gonna get kind of more knobs and more levers that you can, you know, tweak, twist, pull, push to configure your environment and get it to where it needs to be. Yeah. Definitely. And I think because you brought that up, that's always one

thing to compare. And I've had this discussion is when do you wanna do, like, a managed service, like a Windows three sixty five, the cloud PC versus your Azure realtor dot virtual desktop. And like you said, there's some pros and cons there in terms of how much do you wanna manage. I would say there can be some pricing that comes in there in terms of what users are doing in these environments, because the cloud PC is always gonna be the full desktop. That one's not published apps.

ABD, you do get some additional, configuration options there. And I think the other thing to think about when you start going down this route is it's like, this is what it is. Why would you go this route? And I've seen this take off a lot with work from home. I think there's a lot of security benefits here, or there can be a lot of security benefits here as well, especially with

external vendors. And I see this type of environment spun up a lot where you do have data in your environment or certain applications that you wanna protect because when you give users devices, typically, like, I have my laptop here, I have a desktop, whatever it is, if I'm going in and connecting to an application or I'm logging into Office three sixty five, to SharePoint, to OneDrive, I can take those files, I can copy them down to my machine potentially,

or even from a network perspective, there is information that's going out over the network. Maybe you set a VPN, but then you have the VPN to deal with. When you get into this Azure Virtual Desktop environment, you stand up these hosts and the machines that are running this environment, really within your network. And because we're talking Azure, is you're setting this up within your Azure network, and now all that traffic is staying within that network, within that VNET or that particular

subnet on Azure. You can control that those networking connections a little bit more from these machines, but these machines now aren't necessarily a machine someone can just walk away with or download data to. It's staying within, I would say, the the confines

of your organization. Where they're remoting into machines in your organization, you can do things like prevent what they're allowed to copy and paste out of that machine, whether they're allowed to map different drives from their local machine up over this remote connection. From an RDP perspective, you're not opening up a public port. All of this happens over port four forty three, HTTPS, so there's not additional ports or networking considerations to take into effect in terms of where

users can connect to these VMs from. You're not punching holes in your firewall to get to them. So I think some of those from that remote work perspective or if you have I've seen this too with contractors overseas. You have contractors in a different country than you are, and there are certain requirements there around maybe data being allowed to go over your network from one country to another with a VDI type environment because it's all

in the same network. All that data, all that traffic can stay within that your home country, I would say. So it's not you're not, again, opening up that data to be traveling across the network to a whole bunch of different countries. The other use case and and, you know, I think there's the kind of the thin client and let me come in and get my desktop. But the other one that I use all the time is when I'm on my personal device and I don't have my work device near

me. So if I'm just on my personal laptop and I don't have my work laptop near me, I still might need to get in and send an email or you know, check on something and go in and triage. And with my employer, all my devices need to be registered in MDM. So my personal laptop is not registered in MDM. Like, that's just not happening.

So in that world, I also have access just to those virtual desktops, and it it's actually AVD that my employer uses to go ahead and get us out there and and get us quick access to that. So if I'm traveling, like this week, I'm on the West Coast, I can just hop in, you know, if I'm here in my hotel room on my personal laptop and not over in the office where my work one is, then I can still hop onto that desktop. You know, I can just go to the the West US AVD pool and start

to hit that side. Or when I'm back home in Florida, I can hit the East US pool. If I travel to Europe, I can hit the European pool, Asia, things like that. So that's super helpful as well. And now that I think MMR is getting a little bit better and some of the camera pass through, mic pass through, things like that, it it smooths it out and

generally makes it a little bit better. So kinda now that we've got an idea of the use cases, things like that, why don't we talk through some of the setup, what's involved, what you need to have? So what you need, you need an Azure subscription. Step one, get an Azure subscription. Yes. Azure subscription. You need some place to go deploy these VMs. Step two, you need some type

of Active Directory environment. I would say one nice thing about AVD I don't know I haven't tried to do this with other VDI environments, but since we're talking AVD, you can use a traditional Active Directory where you're gonna have your domain controller up in the cloud, join them there. But you can also make

these just entry joined. So if you don't have a typical domain controller and you just have Entra ID or Microsoft Entra ID, you can also join these servers, these hosts that are using to power ABD straight to Entra. So you are going to need either Entra ID or a and to be honest, if you have an Azure subscription, you're gonna have Entra ID, so you better have one or the other of those or both of them. You also need a network.

So you are going to need that VNet set up in Azure that you can join these machines to. Obviously, if you're using AD, whatever network is gonna have to have line of sight to between your ABD environment, your, that ABD network and your the network that your domain is in. And really to get started, oh, you need a Microsoft three sixty five subscription or some way to license Windows. And I don't know if we wanna get into pricing or not yet, but you

do need to have Windows licenses. And if you are running, like, a Microsoft three sixty five e three or e five, those licenses include Windows, and they include the Windows license for your users for, ABD. So your cost is going to be the hardware for these hosts, but you're not gonna have to worry about, again, going back to on prem days where you're worried about, like, terminal server licensing or Windows licensing for the server. That's all gonna be included with that Microsoft

three sixty five license. Some of the licensing constructs are a little bit weird. So I think it's a good call out that, yes, you have to have Windows licensing, But let's hold off for a couple minutes and we can kind of talk AVD cost and estimation and things like that. Because Windows licensing is almost its own certification on the side to go out and figure out where you're going to pick that up from. But

it's definitely consideration for you. Yeah. You have to think about the operating system, the applications that are gonna be deployed there. And you would have done this in any other VDI environment as well. Do I even have the rights or the ability with the vendors that I contract with to be able to run that software on a remote desktop? How is it licensed? You know, does does that piece of software require a little USB key to be plugged in

the whole time? Well, like, that's maybe not gonna work for you in this scenario kind of thing. So you do have to walk through and and think through that as well. I would imagine most folks who are looking at a remote desktop solution or or a virtual desktop solution, they've kind of already worked through this in on prem land. Like, I see a lot

of folks who are going to cloud. And then, you know, the cloud first ones, you know, a lot of them, I think, for probably for the better or for them, just end up in the more out of the box, sassy kind of solutions, you know, like Windows desktop, like Windows three sixty five desktop. I would agree. So that's really I mean, once you have that, that's all you need to get started. And I would my opinion, to just stand up a

small ABD environment. Get a couple servers up there, get it running to the point where you can log in. Once you have those things in place, it's pretty straightforward. It can get complicated quickly depending as you scale it out and all of that. There's lots of different buttons. But once you have those, there's just a couple things to create, and you can be up and running with ABD. Do we wanna start diving through, like, now you have those in place, steps to go

stand up ABD? So we should probably start with host pools and session hosts. So I was on the fence. I'm like, do you start with host pools or do you start with workspaces? Because the I would say the first thing you go in and create because I think you can get all the way through a workspace without any yeah. The first thing you need is a workspace. We're gonna start with that. So a workspace is where these different and I'm gonna call them applications live.

But applications groups or applications that live within a workspace could be a desktop environment, that RDP type of session, or it could be those individual applications. So, really, what a workspace is is you're gonna go in and you're gonna pick a subscription and a resource group for this workspace, give it a workspace name, give it a friendly name. So this is what people are going to see when they go log in to

the ABD environment. So like you said, Scott, when you're in Europe, when you're out on the West Coast, the East Coast, you may have a workspace that is based on East Coast, West Coast, Europe, etcetera, because one thing you do in addition to the name and the subscription is give it the location where this particular workspace is gonna live. What region, East US, East US 2, West US,

etcetera. And once you have kind of this workspace defined, you can choose at that point in time to go create one of these application groups. Applications are gonna live there. If not, you can just go through, and that's really all you need is just that default workspace. After the workspace, it's kind of a toss-up here because then you need application groups and you need host pools. The next thing you're probably gonna wanna do is that host pool after workspace. So a host pool is going to be

exactly that. You're gonna say this is a pool of hosts, a pool of VMs that are gonna power the different applications, or the different RDP sessions within my environment. So once you have that workspace, you can go in and same type of thing, you pick your subscription, you pick your resource group, you give your host pool a name. The workspace can be different than the host

pool. So the host pool here, you also pick a location for, and then you're going to pick, is this going to be a host pool that hosts remote desktop sessions where people are logging in, or is this host pool going to host remote apps? So this is one scenario you can't, like, mix and match within a host pool.

You pick one or the other. And this is where workspaces can come into place is you could create a host pool for desktops and a host pool for those remote apps, launching your Office apps, Firefox, etcetera, and put them within the same workspace so that even though you have these different pools on the back end running your resources, for your end users, they show up in a single workspace and give it a cohesive look for your end users.

So you're gonna pick that type. Are these desktops or applications? And then do you want this host pool? You have two different types of host pools that you can set up. You can set up a pooled host pool where it's really just taking a bunch of resources, pooling all those resources together, and as users log in, they just draw from this pool of resources.

The other option is personal, and this gets into if you wanna kinda host more of like your own cloud PC type of environment where a host is tied to a specific individual. So if we were creating one for the podcast, Scott, and we did personal, I would have to go in and stand up a host for you and a host for me, and then I pick Scott gets this host, Ben gets this host. So instead of pulling from a conglomeration of resources in a pooled scenario, we get our own dedicated

resources. And then from there, you're gonna go pick how many virtual machines do you wanna add. And from this this point in time, it's a lot like just standing up a virtual machine in Azure. You're gonna go have a few unique things. You're gonna have the resource group. You're gonna have the prefix that you use for session hosts. So naming your servers. And this is a little bit unique is that

you don't pick the full name. You pick a prefix, and then it'll start appending 0123456 on up as you create additional hosts in your host pool. I so think through that prefix. Know that it's gonna start adding numbers to it, so you do have a limited number of characters. I believe it's 11 that you can use because it starts appending other things to it. I was just looking ten, eleven. That's 11. Length of 11 for your prefix.

Then you can go pick your virtual machine settings, regions, availability zones, secure boot, TPM, your disk images, your size of your VMs, how many you wanna create. So if you're creating a big host pool and you wanna create 10 or 15 at a time, you can do that. OS disks, networking, domain settings to join the domain, virtual machine admin account, get a lot of your normal, VM settings. With the images, I would say

look at what images are out there. You have your typical Windows seven, Windows 11 or Windows Server, Windows 11 images. But a lot of times in ABD, especially if you're doing these pooled resources and multiple people sharing a VM, there is a very specific image out there from Microsoft, the Windows multi session image. And there's also a multi session with your

Microsoft three sixty five apps. So if you're standing up that environment and you are gonna have pool resources, you're gonna be using Microsoft three sixty five, you wanna make sure you're grabbing this multi session image from the marketplace because Microsoft has done a lot of work in there to optimize that certain configurations around your desktop applications to ensure that those work well within multi session.

So if you go, like, just grab the default Windows 11 or Windows 10, and you're doing that multi session type scenario, you could run into several different issues. The other thing you can do is you can do custom images. You can go do your own shared images, your own golden images. There's guidance around how to do all that. If you're gonna go that route, same thing. Make sure that you're starting with that multi session image in Azure and creating your own

customized golden image from there. Just, again, to help with that. I wonder which path you go down given you've done this with, you know, a couple customers on your side. Do you kinda recommend the image path? Or do you recommend the let's go with an out of the box marketplace image? Like you said, it's gonna be kinda bootstrapped and configured and have that good known configuration for, say, multi session teams, right, and and everything tweaked and and

ready to go in that image. And then doing post deployment because I, you know, I could be jumping the gun a little bit, but one of the things that happens here as well is you can manage these environments and these units of compute. You know, you said resources a bunch of times. I'm just thinking in the back of my head. Units of compute. Units of compute. Units of compute. I'm spinning up VMs and disks and things like that behind it. But you

can also manage all that with Intune. Which means you also get the management kind of plane and tasks and the ability to push things out of Intune that come from that stack. So you can also do a lot of your post configuration as far as, like, boot of a host comes up and does this. Well, let me go ahead and pull these things down for this period of time. And that can get into the weirdness, like you said, of what type of host pool is it. Is it a user host pool?

Is it a big shared pool where we're doing multi session and and those kinds of things. But you can kinda have your cake and eat it too. It's just you have to think through everything end to end because there's a bunch of moving pieces in there between how the host pools compose, what the underlying units of compute are. There's a lot of granularity, like you said, even down to your deployment types because you're deploying VMs. Like, what zones do these go into?

What does that look like and how does it all spin up? But then, yeah, you know, if it's one less thing to worry about, I think, if you don't have to manage images, then you can just use the out of the box marketplace stuff and do post deployment, post boot, you know, think through your roaming profiles and and all those kinds of things as well and and get your environments up that way. Yes. Do you feel overwhelmed by trying to manage

your Office three sixty five environment? Are you facing unexpected issues that disrupt your company's productivity? Intelligink is here to help. Much like you take your car to the mechanic that has specialized knowledge on how to best keep your car running, Intelligink helps you with your Microsoft cloud environment because that's their expertise. Intelligent keeps up with the latest updates in the Microsoft cloud to help keep your business

running smoothly and ahead of the curve. Whether you are a small organization with just a few users up to an organization of several thousand employees. They want to partner with you to implement and administer your Microsoft cloud technology. Visit them at inteliginc.com/podcast. That's intelligink.com/podcast for more information or to schedule a thirty minute call to get started with them today. Remember, Intelligink focuses on the Microsoft cloud so you can focus on your business.

So I do the marketplace image as much as I can. I do have one client where we created a golden image and did the custom image. Again, I started from that multi session image to build the custom one. And I would say, again, it depends. Like you said, multisession is great. Part of what I would say you run into with just doing Intune and just doing post deployment is, one, can you get Intune to do everything you need?

So certain applications can be very complex to get set up with Intune and deploy if there's more than just, like, run an MSI to get it there. The other thing Microsoft does still recommend, and if you think about it, it does kinda make sense, is not to turn on the auto updating in your Windows updates. You can do, like, the security updates, but you still wanna be careful with feature updates.

Even some of the other patching, think through the whole whole host pool scenario where if you have a pool of 50 different virtual machines, and because it's pooled, a user could log out and log in to log out, log in again the same day, and end up on a completely different host than they were on fifteen minutes before.

So if your machines aren't all identical, you could, in theory, end up with weird things, especially if you're doing the whole roaming profiles in FSLogix where, like I think of Teams for an example. Teams does not install in program files anymore. It does some weird stuff with what it puts in a user's

app data or app data. So if you're, like, have a roaming profile and you end up with two different versions of Teams on different machines, different things with browsers, like, all those different things you think about that if you go to a different machine and something's mismatched where problems could arise. So there is, I would say, an aspect that's nice to doing a custom image that certain things you control.

And when it's time to do certain updates, you just do a refresh of the image and start there. But like you said, there are certain things you can manage with Intune, certain applications you can install with Intune. So I end up with that weird mix of certain applications. Absolutely. I just push them down from Intune. I don't worry about putting them in the global image. Adobe Reader is a great one. Push Adobe Reader down from Intune. Your Office applications,

those are bundled in the image. What other ones? Firefox. I think they tend to push different browsers down through Intune. But, yeah, there's other things and other scenarios where you absolutely still end up doing custom images. That felt like a really long answer. Yeah. Well, I mean, you can also mix and match. So you can do both along the way. You know, I think image management used to be a lot easier when it was all local.

And you could kind of do everything in your local hypervisor and then just load it into your environment. And managing Azure images in general is a little bit different. Like, there's a different set of drivers and considerations and how you might wanna think about even, you know, just monitoring VM health and things like that that end up on those. So it's not something where you kinda walk in and you go, it's just the way I

did it on prem. It's it's different. And I think you're better served by kinda thinking about it as different. Like, if you're not in this world today or you're coming in and you're like, you know, I just just do golden images today and it's fine. You might wanna rethink that and take some time and plan through it because it might not be the fit for everything along the way. So before we leave the kind of compute side of it, I think the other thing that's important to mention is these are

units of compute that get spun up. These are virtual machines. So they consume CPU. They potentially consume GPU. They consume disks. So that means you need to have quota for all those things as well. Like, I can't stand up a 50, a 50 VM host pool if I don't have access to, you know, those hundred CPUs or those 200 CPUs and that actual quota in that region ready to go in there. And then the other thing to keep in mind is just because you have a quota doesn't always mean that

the compute is available as well. Like that's another weird one. You can't just go and always spin up 50 VMs depending on your environment, your quota, and what's going on, especially if it's not all reserved compute that's reserved and held out for you all the time. Yes. I have absolutely hit that before where we went to go stand up and I mean, a lot of default quotas are, like, 50 CPUs.

And one of these in particular, we needed to stand up, like, twenty sixteen core VMs or twenty four sixteen core VMs. That is a lot more than 50. So we had to go get quota right away. The other thing I would also say is a lot of these going back to even your custom images, if you wanna refresh these. Right? If you have a VM that has issues or when I go to stand up new images, let's say I go do an update, I wanna refresh with my golden image, Intune does not push stuff down instantaneously.

So if this is one of those environments where it has to run around the clock or you have to have a certain number around the clock, you may actually have to run double the amount of compute that you normally would for twelve hours or for twenty four hours so that your new images can come up, Intune can get deployed, they can get joined to AD, they can get all the applications pushed down

to them. All that stuff that maybe takes a few hours to do can get done on your new VMs while your old VMs are still running, which means you need twice the amount of quota. And then you can shut down your old images, get rid of them as people log out of them as you don't need them anymore. But sometimes you need a lot more quota than you initially think because of some of that overlap in how you do your deployments. We got compute. You mentioned kind of roaming profiles in FSLogix.

So once you've got your compute, I think there's a step kind of in the middle here where you've got to assign your users. So we talked about the need for Active Directory or Azure AD, Entra ID to be there. And push those things through. So you've got to assign those users to virtual desktops or to your groups of applications that you have out there. You gotta give those users access, potentially bootstrap them, get them going, get them set up on the Windows app. All that kind of stuff.

And once that's ready to go, then we're into actually configuring that. So you mentioned roaming profiles, FSLogix. Let's kinda take a step back there, maybe real high level. What's what the benefits are of FSLX, FSLogix profiles, profile containers, and how that impacts the user experience. So profiles, this is a big one. I would say this is almost a requirement if you are doing that pooled approach. Because

we we talked about it. Right? Like, this one environment or a larger environment, you may have 24 different VMs in a shared host pool. Let's say each one of those can support 10 people. You have, like, 240 users that are using ABD across those 24 VMs. If you don't do the whole roaming profiles, which is essentially my profile for my Windows environment, is stored off in another storage account. It could be NetApp storage. It could be Azure files. But that typical c users, b steging,

s h og is stored out there. When I log in to a virtual machine, it goes out to that file share, grabs my profile, loads it into that VM that I'm connected to so that as I'm doing my work, working in my documents or working within Outlook, all of that application data that's stored in my user profile, stored in there. When I log out of the VM, it gets written back to that network storage location,

and saved out there. The benefit is is because I'm in that pooled environment, and I mentioned this before, I may go log in ten minutes later and end up on a completely different virtual machine. If I have my profile on that network drive, now it can pull in my profile, pull it into that second VM I'm logged into, and I really am just picking up right where I left off. All my applications are configured the same. My documents are there. Everything I configured on my desk top is there.

Everything is configured as it should be or as I left it versus if I'm not doing that and I'm logging in from one machine to another machine to another machine, those profiles are local to that machine. So now I have a profile on every single VM I've logged into, and the information that's stored in my user profile on my machine is different because it's on all these other virtual machines. The other downside is guess what else profiles take up on all those different

virtual machines? Storage space on your c drive. Mhmm. If I have 240 users logging in to each one of those machines at any time, 240 profiles on each machine across however many machines. I said 24 machines. It takes up a lot of storage space as well, so you end up with a whole mess of profiles and storage bloat and expensive disks and all of

that. So, absolutely, if you're going down this pooled route, I and if you're doing more than if you're doing really more than one machine, you should think about doing these roaming profiles, doing FSLogix. I have done this before where it's a small company, five users. They want the benefits of ABD from the remote application logging in. They just stand up

one great big machine. There's some downsides to that, but one great big machine, you don't need to go through the extra effort of roaming profiles because you got a handful of people, their profiles are on the machine, you can get away with it and be

fine. I think beyond the consistency of the user experience, which is important, hey, let's make sure my app config carries over and those things are there, You'll also see vastly improved login times because all that information already exists and it's ready to go and it doesn't need to be bootstrapped. If you think about the out of the box bootstrapping experience for just logging in the first time as a user to a new desktop, you don't want your users to go through

that every time. So, yeah, if you do have that pool out there and then that's ready to go, I think that's a consideration for you. So we got roaming profiles. We talked a little bit about management with Intune. Management with Intune does extend beyond deploying applications. You can also monitor VM health and and some things in there. So I think it's a little bit of a mix between what you're gonna monitor potentially in Intune versus Azure Virtual Desktop as a service

and Yep. And the health of your pools, things like that. Yeah. We talked about FSLogix. Intune, you can also push out all your FSLogix settings. So, typically, a lot of people did that with GPOs. Those are all in Intune now. So you can say, here's all my FSLogix settings, all that. That's another big reason to put them in Intune. Alright. So we got that. Other considerations, cost. So you mentioned Windows licensing, things like that. I think that's definitely out there.

You know, you've got the cost of Azure Virtual Desktop itself. Like, here's the cost of the service. Which do you know what the cost of that is, Scott? Free? Nothing. Yeah. It's free. It's all management. It it's it's kinda like AKS It really is. And those things. But then you roll in your virtual machines on top of that, your storage is gonna have a cost to it. So if you deploy those FSLogix profiles into Azure Files or Azure NetApp Files, That's another thing that you potentially need to

consider that's out there. You also need to consider your network usage. Depending on how your egress goes from regions, things like that, there can be billable networking components in there for you. So it's worth it to spend a little bit of time in the Azure pricing calculator as well and add some of those services in and see where you're going to land. Like if you know you're going to have n hundred gigabytes or n terabytes of user profiles, Well, go figure that out and and start

to spec that cost. Start to spec some of your VM sizes. And, you know, you can play around with the sizes within the pools and things like that. There can be some meaningful differences between the cost of a VM size and series as you're stepping in. And that might even, you know, impact the regions that you go to. Maybe you require a certain VM size or VM series for your multi session pool compute and that forces you into, say, like, East US 2 in The US versus East US.

Or it forces you into West Europe versus North Europe. Things like that. So you you know, make sure that you're paying attention to all of those things as well when you're standing up your your environment and you're getting ready to go for it. You can also use reserved instances for your compute. So if you are a customer with reservations, that's potentially another consideration for you or an optimization that you can make along the way.

Is the same reservations that you're using for your other compute in Azure, if you happen to be using it there, can also be used for, your pooled compute over in your host pools in APD. Yep. Another cost I would 100% factor in is think about cost of log analytics.

There are a lot of insights for ABD around errors when users are connecting, around monitoring the performance of your ABD environment, monitoring host diagnostics, round trip times between your users and ABD, any errors that users may log into, utilization, all of that those insights in your monitoring of ABD, is tied to or is it's required to have that tied to a log analytics workbook. So if you do want to have any type of monitoring, logging insights into all of that, you're gonna have

that cost of log analytics. And you can also do scaling. So you mentioned reserved instances as a tweak and optimization. The other thing you can do is scaling. So if you in the evenings, everybody leaves, it's not being used at night. As people log out, you can also shut down and turn on VMs based on utilization and usage to help with some optimization there. So you're not leaving 24 VMs running twenty four seven. You'd scale down and you have four of them running

overnight. As people start logging in in the morning, you ramp up, turn them on as needed. Then again, as they leave, you start shutting them down as people are logging off, headed home for the evenings. Yeah. It's it's basically VM scale sets and some of the things that come in there. All available and ready to go. So you get that up, get your compute running, get your users on there while your users need to connect. That's just the Windows app these days, AKA the remote desktop client.

I always forget all the platforms it runs on. So you know the other one that I do as I mentioned about like I'm on my personal laptop and maybe I go into AVD through the Windows app. I also have you know my iPad. Sometimes I go in there through my iPad real quick too if I can just jam something out and get it done. So you've got remote desktop connectivity and clients across Windows, macOS, iOS, Android, you know all that stuff's out there

ready to go for you. You probably have to give your users some information like you know, make sure you log in with your organizational ID. So that way, the first time you log in, it ties into your workspace or workspaces and presents that back to you in that client. Like, if you're in the Windows app, you know, it'll just present you a bunch of, like, accordion, Hey. You've got access to this workspace, this

workspace, this workspace. And then within those, here's your your units of compute that are available to you. Yep. You can also do it, Scott, right in the browser. If you don't want to install an application, you just want to go to the browser, there is a URL you can visit, log in via the browser, and do your remote desktop right in your browser as well. Yeah. I always forget

that one. Like, it's just easier for me to have the app there and sign in, and then your workspace is automatically tied into it. I've I've gotten quite lazy in my old age. Yes. And, fortunately, to now the Windows app, if you have multiple tenants, because that's the world I live in, you can add multiple accounts and quickly flip between different accounts and different m three sixty five environments, different a d v AVD environments within the app too, which is also a handy aspect to it.

Cool. Well, that was a little bit of a whirlwind one and a long one for us. So thanks for those of you that are still listening and sticking with us. And so we've got AVD end to end. We'll have to see if we can talk about some more VDI stuff in the future here. But we'll have links in the show notes for everybody to go out and listen. As always, you can give us feedback and questions via the website. We're on threads at MSCloudITPro. We're on the Mastodon, LinkedIn,

Facebook. Hit us up. Let let us know what you want to do. Blue Sky. Come on, Scott. Blue Sky. Blue Sky. That's where I've seen I've had most of my interactions lately on Blue Sky. Blue Sky is out there as well. Yeah. All the socials. You can find us somewhere. All the all the socials. Alright. Well, thank you, Scott. Enjoy Seattle. Hopefully, you get some nice weather out there, and I will enjoy sunny, warm Florida. Well, it's cold here. It's currently 22 degrees Fahrenheit. So,

like, we're Go skiing. By minus 10. Celsius minus 10. It's it's cold. It's chilly. Alright. Well, thanks. Enjoy. Stay warm, and we'll talk to you again soon. Alright. Thanks, bud. If you enjoyed the podcast, go leave us a five star rating in iTunes. It helps to get the word out so more IT pros can learn about Office three sixty five and Azure. If you have any questions you want us to address on the show, or feedback about the show, feel free to reach out via our website, Twitter, or Facebook.

Thanks again for listening, and have a great day.

Transcript source: Provided by creator in RSS feed: download file