20. Prerequisites for Azure Virtual Desktop

In this blog let us discuss about Prerequisites for Azure Virtual Desktop

Prerequisites for Azure Virtual Desktop

There are a few things you need to start using Azure Virtual Desktop. Here you can find what prerequisites you need to complete to successfully provide your users with virtual desktops and remote apps.

At a high level, you'll need:

1. An Azure account with an active subscription
2. An identity provider
3. A supported operating system
4. Appropriate licenses
5. Network connectivity
6. A Remote Desktop client

1. Azure account with an active subscription

You'll need an Azure account with an active subscription to deploy Azure Virtual Desktop. If you don't have one already, you can create an account for free.

You also need to make sure you've registered the Microsoft.DesktopVirtualization resource provider for your subscription.

To check the status of the resource provider and register if needed:

1. Sign in to the Azure portal.
2. Select Subscriptions.
3. Select the name of your subscription.
4. Select Resource providers.
5. Search for Microsoft.DesktopVirtualization.
6. If the status is NotRegistered, select Microsoft.DesktopVirtualization, and then select Register.
7. Verify that the status of Microsoft.DesktopVirtualization is Registered

2.An identity provider

To access virtual desktops and remote apps from your session hosts, your users need to be able to authenticate. Azure Active Directory (Azure AD) is Microsoft's centralized cloud identity service that enables this capability. Azure AD is always used to authenticate users for Azure Virtual Desktop. Session hosts can be joined to the same Azure AD tenant, or to an Active Directory domain using Active Directory Domain Services (AD DS) or Azure Active Directory Domain Services (Azure AD DS), providing you with a choice of flexible configuration options.

Users

Your users need accounts that are in Azure AD. If you're also using AD DS or Azure AD DS in your deployment of Azure Virtual Desktop, these accounts will need to be hybrid identities, which means the user account is synchronized. You'll need to keep the following things in mind based on which account you use:

·       If you're using Azure AD with AD DS, you'll need to configure Azure AD Connect to synchronize user identity data between AD DS and Azure AD.

·       If you're using Azure AD with Azure AD DS, user accounts are synchronized one way from Azure AD to Azure AD DS. This synchronization process is automatic.

Identity scenario	Session hosts	User accounts
Azure AD + AD DS	Joined to AD DS	In AD DS and Azure AD, synchronized
Azure AD + Azure AD DS	Joined to Azure ADDS	In Azure AD and Azure AD DS, synchronized
Azure AD+Azure AD DS+ADDS	Joined to Azure ADDS	In Azure AD and AD DS, synchronized
Azure AD only	Joined to Azure AD	In Azure AD

3&4. Operating systems and licenses

You have a choice of operating systems that you can use for session hosts to provide virtual desktops and remote apps. You can use different operating systems with different host pools to provide flexibility to your users. Supported dates are inline with the Microsoft Lifecycle Policy. We support the following 64-bit versions of these operating systems:

Operating system	Applicable license
·       Windows 11 Enterprise multi-session ·       Windows 11 Enterprise ·       Windows 10 Enterprise multi-session, version 1909 and later ·       Windows 10 Enterprise, version 1909 and later ·       Windows 7 Enterprise	·       Microsoft 365 E3, E5, A3, A5, F3, Business Premium, Student Use Benefit ·       Windows Enterprise E3, E5 ·       Windows VDA E3, E5 ·       Windows Education A3, A5
·       Windows Server 2022 ·       Windows Server 2019 ·       Windows Server 2016 ·       Windows Server 2012 R2	·       Remote Desktop Services (RDS) Client Access License (CAL) with Software Assurance (per-user or per-device), or RDS User Subscription Licenses

You can deploy virtual machines (VMs) to be used as session hosts from these images with any of the following methods:

• Automatically, as part of the host pool setup process.
• Manually, in the Azure portal and adding to a host pool after you've created it.
• Programmatically, with Azure CLI, PowerShell, or REST API.

5. Network There are several network requirements you'll need to meet to successfully deploy Azure Virtual Desktop. This lets users connect to their virtual desktops and remote apps while also giving them the best possible user experience. Users connecting to Azure Virtual Desktop use Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) on port 443, which securely establishes a reverse connection to the service. This means you don't need to open any inbound ports. To successfully deploy Azure Virtual Desktop, you'll need to meet the following network requirements: You'll need a virtual network for your session hosts. If you create your session hosts at the same time as a host pool, you must create this virtual network in advance for it to appear in the drop-down list. Your virtual network must be in the same Azure region as the session host. Make sure this virtual network can connect to your domain controllers and relevant DNS servers if you're using AD DS or Azure AD DS, since you'll need to join session hosts to the domain. Your session hosts and users need to be able to connect to the Azure Virtual Desktop service. This connection also uses TCP on port 443 to a specific list of URLs. For more information, see Required URL list. You must make sure these URLs aren't blocked by network filtering or a firewall in order for your deployment to work properly and be supported. If your users need to access Microsoft 365, make sure your session hosts can connect to Microsoft 365 endpoints. Also consider the following: Your users may need access to applications and data that is hosted on different networks, so make sure your session hosts can connect to them. Round-trip time (RTT) latency from the client's network to the Azure region that contains the host pools should be less than 150 ms. Use the Experience Estimator to view your connection health and recommended Azure region. To optimize for network performance, we recommend you create session hosts in the Azure region closest to your users. Use Azure Firewall for Azure Virtual Desktop deployments to help you lock down your environment and filter outbound traffic

6. Remote Desktop clients

Your users will need a Remote Desktop client to connect to virtual desktops and remote apps. The following clients support Azure Virtual Desktop:

• Windows Desktop client
• Web client
• macOS client
• iOS client
• Android client
• Microsoft Store client