Creating a VDI infrastructure using traditional methods is a thing of the past! VDI is all about efficiency, speed and productivity. Hence we have put together a list of all the PowerShell commands that should help you deploy a WVD infrastructure framework in just under 30 minutes! For this to work as claimed, first ensure that you have all of the prerequisites set up and ready to go!
- If you are unsure of what WVD is to a Citrix guy, take a look at this article: A Citrix Admin’s guide to WVD
- If you are unsure of the prerequisites required, take a look at this article: WVD Pre-Requisites
- You might also want to prepare PowerShell with the modules required to manage WVD. To do so, follow this article: Configure Powershell
As part of this blog we will be building a WVD framework which would look something like this:
Method / Steps Applied:
We will be doing the deployment in the following order:
- Preparing the Azure Subscription
- The Framework Deployment – Powershell
- Deploy 2 machines to the HostPool using a WVD deployment template (this step adds a few additional minutes to the deployment!)
- Publishing the Resources
- Access the Published Apps and Desktops
- Powershell Script
Adding the WVD Enterprise App to Azure AD
- Access the web page https://rdweb.wvd.microsoft.com
- You will see the below webpage, with an option to enter your Azure AD Tenant GUID.
- Copy the Azure AD Tenant GUID from your Azure Portal and provide it here!
- Click Submit
- You will be prompted to log on, and a page will be displayed with all the permissions that you would be granting this enterprise app. Go ahead and click Accept!
- The above step only adds the Server App. You need to repeat the step for the Client App as well! To do this, go to the same web page, select the Client App from the drop-down, provide your Azure AD Tenant GUID and submit.
- Once again you might be prompted to log on and grant the relevant access to your Azure AD. Go ahead and accept the prompts.
- This is now complete! To verify that the apps have been added properly, go to the Azure Active Directory control panel and navigate to “Enterprise Applications”. You should see these 2 apps appear there.
Assign Users to WVD Enterprise App
In this step you assign your domain user that is synced to your Azure AD as a Tenant Owner on the Server app, and also give that user access to the Client App. Ensure that the Tenant Owner does not have MFA set up!
Follow the below to do this.
- Navigate to the enterprise app “Windows Virtual Desktop” from Azure AD and open it!
- Select the option Owners from the dashboard on the left!
- Click on Add, and select the user you would like to add as the owner:
- I will also be adding the same user as the Tenant Creator for my infrastructure! To do this, go to “Users and Groups” and select Add
- Click on “Users” and select the user that you would like to add.
- Once done, click “Assign” and we are good to go!
From here on it will all be PowerShell! (Don’t worry about the commands, we have added the link to download the script at the end of the post.)
Before you begin ensure that you have the following data captured and updated in the script’s variables.
- Azure Subscription ID
- Azure AD Tenant ID
- Name of your WVD Tenant
- The Owner ID you want to set for the WVD tenant being created
- HostPool Name
- Desktop AppGroup Name
- Application AppGroup Name
Update these variables in the PowerShell script and run the “Set Parameters” section of the script!
Create a WVD Tenant
- Once you have set up PowerShell, the first thing you want to do is connect to your WVD account using the Azure AD-synced Active Directory domain user ID and password you have set up. Use the below command to do so:
- This will bring up a browser prompt! Go ahead and log on with the user ID and password mentioned above.
- The below indicates that you have logged in!
- Run the below command to create a WVD tenant.
- The WVD Tenant is Ready! Now proceed with Hostpool creation!
- Once the tenant is created, go ahead and add the RDS Owner role to the domain user ID you want to use. In my example I am using the same user ID that I assigned on the Azure enterprise apps:
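The connect, create-tenant and role-assignment steps above, as an added example (it is not the script linked from this post). It uses the classic `Microsoft.RDInfra.RDPowerShell` cmdlets; the variable names and bracketed values are placeholders, and the last step lists the tenant's role assignments so you can confirm exactly who holds RDS Owner.

```powershell
# Added example: variable names and <values> are placeholders, not the post's script.
Import-Module Microsoft.RDInfra.RDPowerShell

$SubscriptionId = '<azure-subscription-id>'
$AadTenantId    = '<azure-ad-tenant-id>'
$TenantName     = '<wvd-tenant-name>'
$OwnerUpn       = '<owner@your-domain>'

# Interactive sign-in against the classic WVD broker (opens the browser prompt).
Add-RdsAccount -DeploymentUrl 'https://rdbroker.wvd.microsoft.com'

# Create the tenant only if it is not there yet, so re-running this section is harmless.
$existing = Get-RdsTenant | Where-Object { $_.TenantName -eq $TenantName }
if (-not $existing) {
    New-RdsTenant -Name $TenantName `
                  -AadTenantId $AadTenantId `
                  -AzureSubscriptionId $SubscriptionId
}

# Grant RDS Owner to the chosen account, but only if it does not already hold it.
$hasOwner = Get-RdsRoleAssignment -TenantName $TenantName |
    Where-Object { $_.SignInName -eq $OwnerUpn -and $_.RoleDefinitionName -eq 'RDS Owner' }
if (-not $hasOwner) {
    New-RdsRoleAssignment -RoleDefinitionName 'RDS Owner' `
                          -SignInName $OwnerUpn `
                          -TenantName $TenantName
}

# Review every role assignment on the tenant. Anything you did not expect to see
# here (extra owners, service principals) should be explained before moving on.
Get-RdsRoleAssignment -TenantName $TenantName |
    Select-Object SignInName, RoleDefinitionName, Scope, ObjectType |
    Sort-Object RoleDefinitionName, SignInName |
    Format-Table -AutoSize
```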
Create a Hostpool
The hostpool is where all your virtual machines are joined, and the RDBroker uses these hostpools to load balance the applications and desktops that are created on the WVD platform!
- To create a hostpool we run the below command:
- You may make some additional customizations here, for example if you would like to set persistence or change the load balancer type.
- I will be removing the default appgroup that was created along with the hostpool, to use my own naming convention.
- Note: when you create a hostpool, a Desktop appgroup is created by default! You can only have one Desktop appgroup in a hostpool!
- To remove the default appgroup I use the below command:
AppGroups are required for mapping the desktops and applications. An AppGroup can bundle a set of applications together and be assigned to a specific set of users depending on the users’ roles! Only one Desktop AppGroup may be created!
- Use the following command to create the appgroups!
In my case, I am assigning the WVD OwnerID to the shared desktop appgroup, and all my other users to the application appgroup! In a real-world scenario, you might create multiple appgroups for different departments. Nevertheless, the method remains the same.
- The following commands will help you assign the users. In the attached script, I have also provided a way to find the assignments!
- To find out who has been assigned to which appgroup, you may use the below command:
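The hostpool, appgroup and user-assignment steps above, as an added example (not the post's own script). It uses the classic `Microsoft.RDInfra.RDPowerShell` cmdlets in an already signed-in session; all names, UPNs and the session limit are placeholders, and the closing loop prints one row per user per appgroup so the assignments can be reviewed.

```powershell
# Added example: names, UPNs and the session limit are placeholders.
$TenantName   = '<wvd-tenant-name>'
$HostPoolName = '<hostpool-name>'
$DesktopGroup = '<desktop-appgroup-name>'
$AppGroup     = '<application-appgroup-name>'
$OwnerUpn     = '<owner@your-domain>'
$AppUsers     = @('<user1@your-domain>', '<user2@your-domain>')

# Splat the two parameters every appgroup cmdlet needs.
$scope = @{ TenantName = $TenantName; HostPoolName = $HostPoolName }

New-RdsHostPool -TenantName $TenantName -Name $HostPoolName

# Optional customization: depth-first load balancing with a per-host session cap.
Set-RdsHostPool -TenantName $TenantName -Name $HostPoolName `
                -DepthFirstLoadBalancer -MaxSessionLimit 10

# The hostpool comes with a default desktop appgroup; only one desktop appgroup
# is allowed, so remove it before creating one under your own naming convention.
Remove-RdsAppGroup @scope -Name 'Desktop Application Group'
New-RdsAppGroup    @scope -Name $DesktopGroup -ResourceType Desktop
New-RdsAppGroup    @scope -Name $AppGroup     -ResourceType RemoteApp

# Owner gets the shared desktop, everyone else gets the published applications.
Add-RdsAppGroupUser @scope -AppGroupName $DesktopGroup -UserPrincipalName $OwnerUpn
foreach ($upn in $AppUsers) {
    Add-RdsAppGroupUser @scope -AppGroupName $AppGroup -UserPrincipalName $upn
}

# Audit: one row per (appgroup, user) across the whole hostpool.
Get-RdsAppGroup @scope | ForEach-Object {
    $name = $_.AppGroupName
    Get-RdsAppGroupUser @scope -AppGroupName $name |
        Select-Object @{ Name = 'AppGroup'; Expression = { $name } }, UserPrincipalName
} | Sort-Object AppGroup, UserPrincipalName | Format-Table -AutoSize
```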
Deploy the session hosts
Now that we are done with this, it is time to deploy the machines (session hosts) that will be joined to the WVD hostpool!
- To deploy the session host machines, I am using the template provided through GitHub Here
- Click the “Deploy To Azure” button to deploy machines using the template!
- In my case I have a specific OU into which I want to deploy my machines, so I have provided the distinguished name of the OU.
- Also note that in my case the Tenant Admin and the domain ID used to join the machines to the domain are one and the same. In your deployment they may be different depending on your setup!
- Simply fill in the details about your deployment like below and click Purchase!
- Once the deployment is complete you will see this:
- Once this is done, you may want to verify that the machines have joined the hostpool. To do that, use the following command in PowerShell:
- If you do not see the session hosts in the hostpool when you run the above command, you might need to log on to the respective machine and troubleshoot by reloading the WVD agent. For in-depth diagnosis of the issue, Microsoft has some great troubleshooting tips Here. For the most part, however, as long as all the inputs have been accurately provided to the template and the connectivity to the domain controllers needed for the domain join is working, the deployment should not fail!
In my case I am publishing 2 applications as a sample for reference: Paint and Internet Explorer! You may customize the path as required to publish your custom applications.
- To get the list of all applications installed on the machine you may use the below command, and use the values obtained from it when you create the apps.
- To publish applications you may use the below command:
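The session-host check and the publishing steps above, as an added example (not the post's own script). It uses the classic `Microsoft.RDInfra.RDPowerShell` cmdlets in a signed-in session; the names are placeholders, and the start-menu friendly names `Paint` and `Internet Explorer` are assumed and may differ on your image.

```powershell
# Added example: names are placeholders; friendly names below are assumed.
$scope    = @{ TenantName = '<wvd-tenant-name>'; HostPoolName = '<hostpool-name>' }
$AppGroup = '<application-appgroup-name>'

# 1. Confirm the session hosts registered with the hostpool and are heartbeating.
$hosts = @(Get-RdsSessionHost @scope)
$hosts | Select-Object SessionHostName, Status, AllowNewSession, Sessions, LastHeartBeat |
    Format-Table -AutoSize

$notReady = @($hosts | Where-Object { $_.Status -ne 'Available' })
if ($hosts.Count -eq 0 -or $notReady.Count -gt 0) {
    Write-Warning 'No session hosts, or some are not Available. Check the WVD agent before publishing.'
    return
}

# 2. List what is installed on the hosts; publish only entries that appear here.
$catalog = Get-RdsStartMenuApp @scope -AppGroupName $AppGroup
$catalog | Select-Object FriendlyName, AppAlias, FilePath | Format-Table -AutoSize

# 3. Publish by AppAlias taken from the catalog, so the path is one the host
#    reported itself rather than one typed by hand.
foreach ($friendly in @('Paint', 'Internet Explorer')) {
    $app = $catalog | Where-Object { $_.FriendlyName -eq $friendly } | Select-Object -First 1
    if (-not $app) {
        Write-Warning "'$friendly' is not in the start-menu list; skipping."
        continue
    }
    New-RdsRemoteApp @scope -AppGroupName $AppGroup -Name $friendly -AppAlias $app.AppAlias
}

# 4. Review what is now published, including whether users may pass
#    command-line arguments to each app.
Get-RdsRemoteApp @scope -AppGroupName $AppGroup |
    Select-Object RemoteAppName, FilePath, CommandLineSetting |
    Format-Table -AutoSize
```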
And we are done! Successfully deployed WVD!!
Accessing the Deployment!
- All WVD tenants are accessed through the same URL: https://rdweb.wvd.microsoft.com/webclient
- The above prompt is basically validating your user ID against Azure AD!
- Once authorized, you will be presented with the applications that you are entitled to!
- Click on the app you would like to launch! Select the parameters of the connection!
- After that you will be asked to authenticate against your Active Directory. (To avoid this and to enable SSO, you would need ADFS configured.)
- And you are in!
Here’s the link to download the powershell script: Download
- Feel free to modify and use the script as you wish in your infrastructure!
- We recommend that you run the required sections of the PowerShell script one at a time instead of the entire script. Do not run the script all at once, as there is code in it that even deletes the tenant.
You may reach out to us at firstname.lastname@example.org should you have any questions, or comment below to get a response!