Microsoft first published the Windows Virtual Desktop Management UX files in March 2019. This is a management tool for WVD which provides a User interface for managing WVD resources rather than using PowerShell for the day to day running. This tool does provide IT admins and 1st line support engineers a GUI interface to carryout common management tasks. This tool could also be considered as a benefit for organisations with Large WVD deployments as its suggested that the UX does remove the need to use PowerShell and also removes some elements of risk/ human error.
Considerations and important points:
- For each Azure Active Directory AAD tenant subscription, you will need a separate deployment of the Management web application.
- This is sample code, so you can customise and build/enhance if required. This is great for MSP’s who want to create a custom solution or integrate into an existing platform.
- Use an up to date browser as there are compatibility limitations to be aware of. (don’t use old browser versions).
Deployment points to note:
- Do not attempt to deploy with Azure Multi-factor authentication enabled on the assigned user account for deployment.
- You need to ensure that you have the correct permissions set within Azure.
Deploying the Web Application:
The first step is to deploy the template to Azure and you can do this by clicking the following link: Deploy WVD Management Application in Azure.
The link provided should load a Custom deployment within Azure similar to the screenshot below:
- Select the subscription
- select the resource group ensuring the user has permissions.
- Enter the AAD user principle name & password. Ensure the correct level of access is applied.
- Give the application a name
- Agree to the terms and conditions.
Changing the Web App Service Plan Size:
Once the App Service has been deployed, you may want to change your App Service Plan size as show below in the menu under App Services, <Name of App Service you created> For this example I have selected the F1 Tier.
WVD Management UI Test Drive:
When you first load the web address, (This can be found in the overview of your web application), you will be asked to consent on behalf of your organisation. You will need to accept this to progress.
MS Example of Permissions requested (Consent on behalf of your organisation).
Once loaded you will have access to the WVD Management Interface.
The following Slides show provides you an insight into the interface WVD Management App.
Summary Feature list:
- Edit and delete tenants
- Create, edit and delete Host pools
- Generate registration Key’s to add hosts to Host Pools.
- Send Users Messages & Log off Users
- Restrict new sessions to a host (Drain Mode).
- Restart Session Hosts / Multi Session.
- Add and remove users from the Application Group “Desktop application group”
- View session status, last time active and last used host.
- View session details for Session ID.
- Create an app group for Desktop or RemoteApps and add applications under App Groups.
- Notification – Actions and notifications are listed in the console.
As you can see from the list of features, there is a wide set of functions available in the management console to improve the day to day management of WVD.
The WVD management web application has a number of solid benefits for those looking to deploy large WVD environments or for those with split region deployments. The ability to deploy multiple tenants, host-pools, and centrally manage, provides the ability to segment larger deployments in to manageable chunks making management painless and decouples the pain points of complexity. One other major benefit out of the box, is Azure’s RBAC model providing “Delegated access” enabling the administrator to control admin access to WVD Environments. (WVD) Security Roles including RDS Owner (full control) offering different levels of admin access across your WVD Estate. One final point on security for IT admins using the WVD Management application, is that if multi factor authentication is enabled on your azure tenant, IT admins will have 2FA out of the box when accessing the WVD Management App.
In summary, this management UI provides great benefits for WVD admins and can only get better. I really do like the fact that the App can be customised and further developed for third party purposes and MSP’s. I believe there are also plans to incorporate management within the Azure portal, so stay tuned….
Any questions, feel free to comment… Thanks for reading.