1
00:00:03,520 --> 00:00:05,919
Welcome to episode 395
2
00:00:05,919 --> 00:00:09,039
of the Microsoft Cloud IT Pro podcast recorded
3
00:00:09,039 --> 00:00:11,779
live on 02/10/2025.
4
00:00:12,080 --> 00:00:14,320
This is a show about Microsoft three sixty
5
00:00:14,320 --> 00:00:16,414
five and Azure from the perspective of IT
6
00:00:16,414 --> 00:00:18,495
pros and end users, where we discuss a
7
00:00:18,495 --> 00:00:20,574
topic or recent news and how it relates
8
00:00:20,574 --> 00:00:23,695
to you. Today, we dive into Azure Virtual
9
00:00:23,695 --> 00:00:26,595
Desktop or AVD and how it enables organizations
10
00:00:26,894 --> 00:00:29,059
to deliver secure, scalable, virtual
11
00:00:29,600 --> 00:00:33,039
desktop infrastructure, or VDI, in the cloud. We
12
00:00:33,039 --> 00:00:35,840
discussed the benefits of AVD for modern remote
13
00:00:35,840 --> 00:00:39,759
work, enhanced security, and optimizing costs for your
14
00:00:39,759 --> 00:00:40,259
organization.
15
00:00:42,640 --> 00:00:45,034
I'm back from Miami where I was Friday.
16
00:00:45,335 --> 00:00:45,835
You're
17
00:00:46,295 --> 00:00:49,015
off to your destination sitting in a dark
18
00:00:49,015 --> 00:00:51,255
room. So I'm in Seattle this week, yes,
19
00:00:51,255 --> 00:00:54,155
for, some work stuff and a conference
20
00:00:54,454 --> 00:00:56,614
that's that's here along the way. So we've
21
00:00:56,614 --> 00:00:59,174
been kinda gallivanting all over the place. We
22
00:00:59,174 --> 00:01:01,649
should address, you know, speaking of recording and
23
00:01:01,649 --> 00:01:03,490
audio and things like that, we think we
24
00:01:03,490 --> 00:01:05,349
got the audio glitches worked out.
25
00:01:05,730 --> 00:01:08,530
And whatever happened in the last episode or
26
00:01:08,530 --> 00:01:11,090
two with weird skips and things should be
27
00:01:11,090 --> 00:01:12,150
turned off for
28
00:01:12,614 --> 00:01:15,275
subsequent ones going forward. Yes. I apologize,
29
00:01:15,734 --> 00:01:18,055
anybody. We did get some feedback of people
30
00:01:18,055 --> 00:01:20,375
that noticed it as well. But, yes, there
31
00:01:20,375 --> 00:01:22,375
was some I think it was some AI,
32
00:01:22,375 --> 00:01:24,775
ironically enough, for was as we talked about
33
00:01:24,775 --> 00:01:27,015
Copilot, it was some AI processing to remove
34
00:01:27,015 --> 00:01:27,674
some silences,
35
00:01:28,569 --> 00:01:30,030
and we have since reuploaded
36
00:01:30,409 --> 00:01:30,909
a
37
00:01:31,209 --> 00:01:33,849
cleaned up version where that processing was not
38
00:01:33,849 --> 00:01:35,689
in place and future ones should not have
39
00:01:35,689 --> 00:01:37,129
that on there. Well, why don't we go
40
00:01:37,129 --> 00:01:39,129
ahead and get into our topic for today?
41
00:01:39,129 --> 00:01:42,375
Alright. So topic for today. We talked about
42
00:01:42,375 --> 00:01:43,974
a few topics. Like, we had talked about
43
00:01:43,974 --> 00:01:44,474
comparing
44
00:01:45,094 --> 00:01:47,435
different VDI solutions on Azure. And
45
00:01:47,734 --> 00:01:48,394
for today,
46
00:01:48,775 --> 00:01:51,334
let's talk about instead of trying to compare
47
00:01:51,334 --> 00:01:52,715
them, that would be a long episode,
48
00:01:53,015 --> 00:01:55,594
VDI and Azure, otherwise known as
49
00:01:55,930 --> 00:01:58,409
ABD. Well, we're gonna do ABD and Azure.
50
00:01:58,409 --> 00:02:00,969
We could do VDI with Citrix. There's lots
51
00:02:00,969 --> 00:02:02,989
of options. We're gonna talk specifically
52
00:02:03,530 --> 00:02:06,890
Azure Virtual Desktop today in Azure, kinda getting
53
00:02:06,890 --> 00:02:08,909
started with it, things to think about.
54
00:02:09,425 --> 00:02:11,205
I've set this up for
55
00:02:11,664 --> 00:02:13,905
several clients now, actually. I have some other
56
00:02:13,905 --> 00:02:15,764
ones that are looking to go to it.
57
00:02:15,985 --> 00:02:17,924
So we will kinda
58
00:02:18,224 --> 00:02:19,905
dive into this and maybe even some of
59
00:02:19,905 --> 00:02:21,205
the pros, cons
60
00:02:22,050 --> 00:02:23,669
as well with the whole
61
00:02:24,129 --> 00:02:24,629
VDI
62
00:02:25,169 --> 00:02:27,330
thing in Azure. I think of this as
63
00:02:27,330 --> 00:02:30,050
getting started with VDI in Azure and then
64
00:02:30,050 --> 00:02:31,889
kind of parenthesis at the end of that,
65
00:02:31,889 --> 00:02:33,830
just Azure Virtual Desktop.
66
00:02:34,449 --> 00:02:36,914
Because if you're going to do a virtual
67
00:02:36,914 --> 00:02:38,914
desktop solution in Azure, I think it makes
68
00:02:38,914 --> 00:02:40,694
sense to look at the first party ones.
69
00:02:40,914 --> 00:02:42,594
And then you have the third party ones
70
00:02:42,594 --> 00:02:45,074
that exist out there. And sometimes there's that
71
00:02:45,074 --> 00:02:46,055
mix of also
72
00:02:46,354 --> 00:02:49,289
first party third party where you can buy
73
00:02:49,289 --> 00:02:50,750
things through the Azure Marketplace
74
00:02:51,209 --> 00:02:53,709
and say you're a customer that's out there
75
00:02:53,849 --> 00:02:55,930
on a a Mac agreement or like a
76
00:02:55,930 --> 00:02:58,169
more formal commitment to spend, then you can
77
00:02:58,169 --> 00:03:00,729
go ahead and also kind of do that
78
00:03:00,729 --> 00:03:03,469
consumption that way out of the Marketplace. So
79
00:03:03,574 --> 00:03:06,875
we'll start with Azure Virtual Desktop today, which,
80
00:03:06,935 --> 00:03:08,055
you know, I think it'd be fair to
81
00:03:08,055 --> 00:03:09,034
say is the
82
00:03:09,334 --> 00:03:09,834
solution
83
00:03:10,854 --> 00:03:13,094
that Microsoft would lead with. So it's the
84
00:03:13,094 --> 00:03:14,474
leading VDI solution
85
00:03:14,854 --> 00:03:17,650
in in Azure today. But there's lots of
86
00:03:17,650 --> 00:03:19,569
other options there. So we'll kinda talk about
87
00:03:19,569 --> 00:03:22,370
the first one, Microsoft first party. What's there?
88
00:03:22,370 --> 00:03:23,810
What you get out of the box? And
89
00:03:23,810 --> 00:03:26,610
how all that comes together? And potentially, how
90
00:03:26,610 --> 00:03:29,775
that can enable you in the world of
91
00:03:29,775 --> 00:03:33,055
100% remote, hybrid, all all that goodness. Where
92
00:03:33,055 --> 00:03:35,074
do we wanna start with Azure Virtual Desktop?
93
00:03:35,215 --> 00:03:36,814
Should we start with a little bit of
94
00:03:36,814 --> 00:03:39,215
just, like, what it is? I mean, I
95
00:03:39,215 --> 00:03:41,854
think I sometimes you can assume everybody just
96
00:03:41,854 --> 00:03:44,415
knows what Azure Virtual Desktops are, what VDI
97
00:03:44,415 --> 00:03:44,789
is.
98
00:03:45,750 --> 00:03:47,909
But maybe just starting off with, like, a
99
00:03:47,909 --> 00:03:48,409
definition
100
00:03:48,709 --> 00:03:51,269
of what is Azure Virtual Desktop. You know
101
00:03:51,269 --> 00:03:52,949
me? I always like a good definition. You
102
00:03:52,949 --> 00:03:55,189
like a good definition? I do. So it
103
00:03:55,189 --> 00:03:56,729
is a virtualization
104
00:03:57,109 --> 00:03:59,925
service. Imagine that. Right? Virtual desktop is virtualization.
105
00:04:00,625 --> 00:04:02,805
Runs on Azure where you can essentially
106
00:04:03,264 --> 00:04:04,405
publish out
107
00:04:04,784 --> 00:04:05,284
different
108
00:04:06,224 --> 00:04:07,764
different virtualized experiences,
109
00:04:08,064 --> 00:04:09,905
I would say, in end users. Whether you
110
00:04:09,905 --> 00:04:12,405
wanna push out a virtualized
111
00:04:12,960 --> 00:04:13,460
desktop
112
00:04:13,840 --> 00:04:16,079
and you can think of this as kinda
113
00:04:16,079 --> 00:04:18,819
like an RDP type of desktop where you're
114
00:04:18,879 --> 00:04:20,339
remoting into the machine,
115
00:04:20,720 --> 00:04:23,040
getting the full desktop experience where you can
116
00:04:23,040 --> 00:04:23,939
launch applications,
117
00:04:24,399 --> 00:04:25,620
you have your start menu.
118
00:04:26,000 --> 00:04:27,939
It's like a full RDP experience
119
00:04:28,935 --> 00:04:31,254
Similar to, like, the old terminal services sessions
120
00:04:31,254 --> 00:04:32,875
that used to do with on prem
121
00:04:33,175 --> 00:04:33,675
where
122
00:04:34,295 --> 00:04:35,355
you're not necessarily
123
00:04:36,455 --> 00:04:39,574
the configuration is different. Like, typical RDP, you're
124
00:04:39,574 --> 00:04:42,214
going over port thirty three eighty nine most
125
00:04:42,214 --> 00:04:43,035
of the time.
126
00:04:43,360 --> 00:04:45,520
Usually, you're limited to, like, one or two
127
00:04:45,520 --> 00:04:47,279
sessions, and if somebody else tries to log
128
00:04:47,279 --> 00:04:49,779
in, you get booted out. Virtual desktops
129
00:04:50,319 --> 00:04:51,460
give you a
130
00:04:51,840 --> 00:04:54,160
host of resources that allow you to kinda
131
00:04:54,160 --> 00:04:56,000
configure how many people you wanna log in,
132
00:04:56,000 --> 00:04:57,300
get that desktop experience.
133
00:04:58,004 --> 00:04:59,365
But kind of along with that, if you
134
00:04:59,365 --> 00:05:01,604
don't wanna do a full desktop, this also
135
00:05:01,604 --> 00:05:05,285
allows you to do individual apps. So, again,
136
00:05:05,285 --> 00:05:07,764
now you connect to this virtual desktop environment,
137
00:05:07,764 --> 00:05:08,985
and instead of launching
138
00:05:09,604 --> 00:05:12,324
that desktop experience where you're logging into a
139
00:05:12,324 --> 00:05:14,939
full machine, you're just launching an individual app.
140
00:05:14,939 --> 00:05:17,439
Maybe it's Office apps or a browser
141
00:05:18,300 --> 00:05:18,800
or
142
00:05:19,259 --> 00:05:19,759
a
143
00:05:20,379 --> 00:05:21,839
another third party application,
144
00:05:22,220 --> 00:05:24,460
one of your internal applications that you use
145
00:05:24,460 --> 00:05:25,279
for your company.
146
00:05:25,735 --> 00:05:27,814
There's lots of different ways you can kinda
147
00:05:27,814 --> 00:05:30,295
configure these apps, publish these apps out. But
148
00:05:30,295 --> 00:05:32,375
now instead of having to provide that full
149
00:05:32,375 --> 00:05:34,535
desktop, people can just go in and launch
150
00:05:34,535 --> 00:05:36,715
an app in this virtualized environment
151
00:05:37,095 --> 00:05:39,110
that can give you lots of different benefits
152
00:05:39,110 --> 00:05:41,750
when you think of that type of scenario.
153
00:05:41,750 --> 00:05:44,250
For sure. And we've talked about other solutions
154
00:05:44,550 --> 00:05:46,790
here as well. So you recently had an
155
00:05:46,790 --> 00:05:47,290
interview
156
00:05:47,750 --> 00:05:48,569
on M365
157
00:05:48,949 --> 00:05:49,449
link
158
00:05:49,764 --> 00:05:51,444
and some of the things that go on
159
00:05:51,444 --> 00:05:53,625
with Windows three sixty five desktops.
160
00:05:54,085 --> 00:05:57,365
These concepts are similar. It's just less of
161
00:05:57,365 --> 00:05:59,444
a managed service and more of a service
162
00:05:59,444 --> 00:06:01,064
that you can come in and manage
163
00:06:01,444 --> 00:06:03,865
with that virtual desktop infrastructure.
164
00:06:04,490 --> 00:06:06,490
So you're gonna get kind of more knobs
165
00:06:06,490 --> 00:06:08,430
and more levers that you can,
166
00:06:08,970 --> 00:06:12,750
you know, tweak, twist, pull, push to configure
167
00:06:12,810 --> 00:06:14,730
your environment and get it to where it
168
00:06:14,730 --> 00:06:17,470
needs to be. Yeah. Definitely. And I think
169
00:06:17,745 --> 00:06:19,425
because you brought that up, that's always one
170
00:06:19,425 --> 00:06:21,584
thing to compare. And I've had this discussion
171
00:06:21,584 --> 00:06:23,185
is when do you wanna do, like, a
172
00:06:23,185 --> 00:06:25,584
managed service, like a Windows three sixty five,
173
00:06:25,584 --> 00:06:26,564
the cloud PC
174
00:06:27,024 --> 00:06:30,324
versus your Azure realtor dot virtual desktop. And
175
00:06:30,384 --> 00:06:32,439
like you said, there's some pros and cons
176
00:06:32,439 --> 00:06:33,639
there in terms of how much do you
177
00:06:33,639 --> 00:06:34,379
wanna manage.
178
00:06:35,000 --> 00:06:36,680
I would say there can be some pricing
179
00:06:36,680 --> 00:06:38,300
that comes in there in terms
180
00:06:38,759 --> 00:06:41,100
of what users are doing in these environments,
181
00:06:41,639 --> 00:06:43,399
because the cloud PC is always gonna be
182
00:06:43,399 --> 00:06:45,660
the full desktop. That one's not published apps.
183
00:06:45,814 --> 00:06:46,314
ABD,
184
00:06:46,774 --> 00:06:48,235
you do get some additional,
185
00:06:49,254 --> 00:06:50,794
configuration options there.
186
00:06:51,334 --> 00:06:52,154
And I think
187
00:06:52,774 --> 00:06:54,774
the other thing to think about when you
188
00:06:54,774 --> 00:06:56,854
start going down this route is it's like,
189
00:06:56,854 --> 00:06:58,074
this is what it is.
190
00:06:59,100 --> 00:07:01,120
Why would you go this route? And
191
00:07:01,580 --> 00:07:04,160
I've seen this take off a lot with
192
00:07:04,300 --> 00:07:05,980
work from home. I think there's a lot
193
00:07:05,980 --> 00:07:08,379
of security benefits here, or there can be
194
00:07:08,379 --> 00:07:10,425
a lot of security benefits here as well,
195
00:07:10,824 --> 00:07:11,964
especially with
196
00:07:12,504 --> 00:07:14,764
external vendors. And I see
197
00:07:15,224 --> 00:07:17,544
this type of environment spun up a lot
198
00:07:17,544 --> 00:07:18,044
where
199
00:07:18,504 --> 00:07:20,185
you do have data in your environment or
200
00:07:20,185 --> 00:07:21,004
certain applications
201
00:07:21,784 --> 00:07:23,724
that you wanna protect because
202
00:07:24,279 --> 00:07:27,160
when you give users devices, typically, like, I
203
00:07:27,160 --> 00:07:29,079
have my laptop here, I have a desktop,
204
00:07:29,079 --> 00:07:31,160
whatever it is, if I'm going in and
205
00:07:31,160 --> 00:07:32,300
connecting to
206
00:07:32,600 --> 00:07:33,339
an application
207
00:07:33,879 --> 00:07:35,660
or I'm logging into
208
00:07:36,295 --> 00:07:38,955
Office three sixty five, to SharePoint, to OneDrive,
209
00:07:40,214 --> 00:07:42,214
I can take those files, I can copy
210
00:07:42,214 --> 00:07:44,555
them down to my machine potentially,
211
00:07:45,175 --> 00:07:48,074
or even from a network perspective, there is
212
00:07:48,694 --> 00:07:50,395
information that's going out
213
00:07:50,779 --> 00:07:52,939
over the network. Maybe you set a VPN,
214
00:07:52,939 --> 00:07:54,300
but then you have the VPN to deal
215
00:07:54,300 --> 00:07:56,620
with. When you get into this Azure Virtual
216
00:07:56,620 --> 00:07:57,600
Desktop environment,
217
00:07:57,900 --> 00:08:01,020
you stand up these hosts and the machines
218
00:08:01,020 --> 00:08:02,319
that are running this environment,
219
00:08:02,779 --> 00:08:05,935
really within your network. And because we're talking
220
00:08:05,935 --> 00:08:08,654
Azure, is you're setting this up within your
221
00:08:08,654 --> 00:08:09,475
Azure network,
222
00:08:10,014 --> 00:08:13,134
and now all that traffic is staying within
223
00:08:13,134 --> 00:08:15,314
that network, within that VNET or that particular
224
00:08:15,375 --> 00:08:17,714
subnet on Azure. You can control
225
00:08:18,610 --> 00:08:21,009
that those networking connections a little bit more
226
00:08:21,009 --> 00:08:24,550
from these machines, but these machines now aren't
227
00:08:24,610 --> 00:08:27,089
necessarily a machine someone can just walk away
228
00:08:27,089 --> 00:08:30,069
with or download data to. It's staying within,
229
00:08:30,449 --> 00:08:32,069
I would say, the the confines
230
00:08:32,534 --> 00:08:35,815
of your organization. Where they're remoting into machines
231
00:08:35,815 --> 00:08:36,714
in your organization,
232
00:08:37,254 --> 00:08:40,375
you can do things like prevent what they're
233
00:08:40,375 --> 00:08:43,014
allowed to copy and paste out of that
234
00:08:43,014 --> 00:08:44,794
machine, whether they're allowed to
235
00:08:45,174 --> 00:08:46,075
map different
236
00:08:46,610 --> 00:08:49,669
drives from their local machine up over this
237
00:08:49,809 --> 00:08:52,769
remote connection. From an RDP perspective, you're not
238
00:08:52,769 --> 00:08:54,690
opening up a public port. All of this
239
00:08:54,690 --> 00:08:57,829
happens over port four forty three, HTTPS,
240
00:08:58,815 --> 00:09:00,355
so there's not additional
241
00:09:00,735 --> 00:09:02,674
ports or networking considerations
242
00:09:02,975 --> 00:09:05,235
to take into effect in terms of
243
00:09:05,774 --> 00:09:06,274
where
244
00:09:06,735 --> 00:09:10,095
users can connect to these VMs from. You're
245
00:09:10,095 --> 00:09:11,855
not punching holes in your firewall to get
246
00:09:11,855 --> 00:09:14,360
to them. So I think some of those
247
00:09:14,360 --> 00:09:15,899
from that remote work perspective
248
00:09:16,360 --> 00:09:18,679
or if you have I've seen this too
249
00:09:18,679 --> 00:09:19,500
with contractors
250
00:09:20,039 --> 00:09:20,539
overseas.
251
00:09:21,000 --> 00:09:23,240
You have contractors in a different country than
252
00:09:23,240 --> 00:09:25,480
you are, and there are certain requirements there
253
00:09:25,480 --> 00:09:27,980
around maybe data being allowed to
254
00:09:28,495 --> 00:09:30,815
go over your network from one country to
255
00:09:30,815 --> 00:09:31,315
another
256
00:09:31,855 --> 00:09:34,335
with a VDI type environment because it's all
257
00:09:34,335 --> 00:09:36,335
in the same network. All that data, all
258
00:09:36,335 --> 00:09:37,955
that traffic can stay within
259
00:09:38,495 --> 00:09:40,815
that your home country, I would say. So
260
00:09:40,815 --> 00:09:42,950
it's not you're not, again, opening up that
261
00:09:42,950 --> 00:09:44,169
data to be traveling
262
00:09:44,629 --> 00:09:46,149
across the network to a whole bunch of
263
00:09:46,149 --> 00:09:49,190
different countries. The other use case and and,
264
00:09:49,190 --> 00:09:50,789
you know, I think there's the kind of
265
00:09:50,789 --> 00:09:52,710
the thin client and let me come in
266
00:09:52,710 --> 00:09:54,205
and get my desktop. But the other one
267
00:09:54,205 --> 00:09:56,684
that I use all the time is when
268
00:09:56,684 --> 00:09:58,225
I'm on my personal device
269
00:09:58,524 --> 00:10:01,164
and I don't have my work device near
270
00:10:01,164 --> 00:10:03,245
me. So if I'm just on my personal
271
00:10:03,245 --> 00:10:05,245
laptop and I don't have my work laptop
272
00:10:05,245 --> 00:10:06,845
near me, I still might need to get
273
00:10:06,845 --> 00:10:09,840
in and send an email or you know,
274
00:10:09,840 --> 00:10:10,820
check on something
275
00:10:11,360 --> 00:10:12,580
and go in and triage.
276
00:10:13,679 --> 00:10:16,000
And with my employer, all my devices need
277
00:10:16,000 --> 00:10:18,799
to be registered in MDM. So my personal
278
00:10:18,799 --> 00:10:21,440
laptop is not registered in MDM. Like, that's
279
00:10:21,440 --> 00:10:22,820
just not happening.
280
00:10:23,184 --> 00:10:25,264
So in that world, I also have access
281
00:10:25,264 --> 00:10:27,825
just to those virtual desktops, and it it's
282
00:10:27,825 --> 00:10:29,684
actually AVD that my employer uses
283
00:10:29,985 --> 00:10:31,504
to go ahead and get us out there
284
00:10:31,504 --> 00:10:33,024
and and get us quick access to that.
285
00:10:33,024 --> 00:10:34,865
So if I'm traveling, like this week, I'm
286
00:10:34,865 --> 00:10:36,629
on the West Coast, I can just hop
287
00:10:36,629 --> 00:10:38,070
in, you know, if I'm here in my
288
00:10:38,070 --> 00:10:39,990
hotel room on my personal laptop and not
289
00:10:39,990 --> 00:10:41,829
over in the office where my work one
290
00:10:41,829 --> 00:10:44,149
is, then I can still hop onto that
291
00:10:44,149 --> 00:10:45,429
desktop. You know, I can just go to
292
00:10:45,429 --> 00:10:48,695
the the West US AVD pool and start
293
00:10:48,695 --> 00:10:50,134
to hit that side. Or when I'm back
294
00:10:50,134 --> 00:10:51,735
home in Florida, I can hit the East
295
00:10:51,735 --> 00:10:53,415
US pool. If I travel to Europe, I
296
00:10:53,415 --> 00:10:54,875
can hit the European pool,
297
00:10:55,254 --> 00:10:58,215
Asia, things like that. So that's super helpful
298
00:10:58,215 --> 00:11:00,889
as well. And now that I think MMR
299
00:11:01,110 --> 00:11:02,709
is getting a little bit better and some
300
00:11:02,709 --> 00:11:05,269
of the camera pass through, mic pass through,
301
00:11:05,269 --> 00:11:07,929
things like that, it it smooths it out
302
00:11:08,069 --> 00:11:08,569
and
303
00:11:09,110 --> 00:11:11,529
generally makes it a little bit better. So
304
00:11:11,750 --> 00:11:13,190
kinda now that we've got an idea of
305
00:11:13,190 --> 00:11:14,709
the use cases, things like that, why don't
306
00:11:14,709 --> 00:11:16,875
we talk through some of the setup, what's
307
00:11:16,875 --> 00:11:19,434
involved, what you need to have? So what
308
00:11:19,434 --> 00:11:21,534
you need, you need an Azure subscription.
309
00:11:22,154 --> 00:11:24,654
Step one, get an Azure subscription.
310
00:11:25,034 --> 00:11:28,075
Yes. Azure subscription. You need some place to
311
00:11:28,075 --> 00:11:30,014
go deploy these VMs.
312
00:11:30,360 --> 00:11:31,980
Step two, you need
313
00:11:32,679 --> 00:11:33,500
some type
314
00:11:34,440 --> 00:11:37,559
of Active Directory environment. I would say one
315
00:11:37,559 --> 00:11:39,100
nice thing about
316
00:11:39,879 --> 00:11:42,360
AVD I don't know I haven't tried to
317
00:11:42,360 --> 00:11:44,440
do this with other VDI environments, but since
318
00:11:44,440 --> 00:11:45,419
we're talking AVD,
319
00:11:45,794 --> 00:11:47,095
you can use
320
00:11:47,394 --> 00:11:50,115
a traditional Active Directory where you're gonna have
321
00:11:50,115 --> 00:11:51,975
your domain controller up in the cloud,
322
00:11:52,595 --> 00:11:55,475
join them there. But you can also make
323
00:11:55,475 --> 00:11:59,090
these just entry joined. So if you don't
324
00:11:59,090 --> 00:12:01,110
have a typical domain controller
325
00:12:01,410 --> 00:12:03,830
and you just have Entra ID or Microsoft
326
00:12:03,889 --> 00:12:04,870
Entra ID,
327
00:12:05,410 --> 00:12:06,470
you can also
328
00:12:06,850 --> 00:12:07,350
join
329
00:12:07,809 --> 00:12:08,309
these
330
00:12:08,769 --> 00:12:11,169
servers, these hosts that are using to power
331
00:12:11,169 --> 00:12:14,394
ABD straight to Entra. So you are going
332
00:12:14,394 --> 00:12:16,334
to need either Entra ID
333
00:12:16,794 --> 00:12:19,754
or a and to be honest, if you
334
00:12:19,754 --> 00:12:21,595
have an Azure subscription, you're gonna have Entra
335
00:12:21,595 --> 00:12:23,115
ID, so you better have one or the
336
00:12:23,115 --> 00:12:24,875
other of those or both of them. You
337
00:12:24,875 --> 00:12:26,014
also need a network.
338
00:12:26,319 --> 00:12:28,500
So you are going to need that VNet
339
00:12:28,639 --> 00:12:30,879
set up in Azure that you can join
340
00:12:30,879 --> 00:12:32,259
these machines to.
341
00:12:32,559 --> 00:12:33,059
Obviously,
342
00:12:33,440 --> 00:12:34,899
if you're using AD,
343
00:12:35,279 --> 00:12:37,360
whatever network is gonna have to have line
344
00:12:37,360 --> 00:12:38,659
of sight to
345
00:12:39,120 --> 00:12:40,659
between your ABD
346
00:12:41,235 --> 00:12:42,455
environment, your,
347
00:12:43,075 --> 00:12:45,235
that ABD network and your the network that
348
00:12:45,235 --> 00:12:47,554
your domain is in. And really to get
349
00:12:47,554 --> 00:12:48,054
started,
350
00:12:48,674 --> 00:12:51,154
oh, you need a Microsoft three sixty five
351
00:12:51,154 --> 00:12:51,654
subscription
352
00:12:52,115 --> 00:12:53,575
or some way to license
353
00:12:54,209 --> 00:12:55,809
Windows. And I don't know if we wanna
354
00:12:55,809 --> 00:12:59,009
get into pricing or not yet, but you
355
00:12:59,009 --> 00:13:00,929
do need to have Windows licenses. And if
356
00:13:00,929 --> 00:13:03,009
you are running, like, a Microsoft three sixty
357
00:13:03,009 --> 00:13:04,470
five e three or e five,
358
00:13:05,009 --> 00:13:06,149
those licenses
359
00:13:06,714 --> 00:13:09,674
include Windows, and they include the Windows license
360
00:13:09,674 --> 00:13:10,575
for your users
361
00:13:11,034 --> 00:13:11,534
for,
362
00:13:12,235 --> 00:13:15,115
ABD. So your cost is going to be
363
00:13:15,115 --> 00:13:17,195
the hardware for these hosts, but you're not
364
00:13:17,195 --> 00:13:19,570
gonna have to worry about, again, going back
365
00:13:19,570 --> 00:13:20,929
to on prem days where you're worried about,
366
00:13:20,929 --> 00:13:24,049
like, terminal server licensing or Windows licensing for
367
00:13:24,049 --> 00:13:24,710
the server.
368
00:13:25,250 --> 00:13:26,929
That's all gonna be included with that Microsoft
369
00:13:26,929 --> 00:13:28,950
three sixty five license. Some of the licensing
370
00:13:29,089 --> 00:13:31,250
constructs are a little bit weird. So I
371
00:13:31,250 --> 00:13:32,690
think it's a good call out that, yes,
372
00:13:32,690 --> 00:13:34,070
you have to have Windows licensing,
373
00:13:34,615 --> 00:13:36,295
But let's hold off for a couple minutes
374
00:13:36,295 --> 00:13:38,134
and we can kind of talk AVD cost
375
00:13:38,134 --> 00:13:40,695
and estimation and things like that. Because Windows
376
00:13:40,695 --> 00:13:43,254
licensing is almost its own certification on the
377
00:13:43,254 --> 00:13:44,774
side to go out and figure out where
378
00:13:44,774 --> 00:13:46,375
you're going to pick that up from. But
379
00:13:46,375 --> 00:13:48,529
it's definitely consideration for you. Yeah. You have
380
00:13:48,529 --> 00:13:51,590
to think about the operating system, the applications
381
00:13:51,889 --> 00:13:53,429
that are gonna be deployed there.
382
00:13:54,049 --> 00:13:55,330
And you would have done this in any
383
00:13:55,330 --> 00:13:57,190
other VDI environment as well.
384
00:13:58,210 --> 00:14:00,235
Do I even have the rights or the
385
00:14:00,235 --> 00:14:02,554
ability with the vendors that I contract with
386
00:14:02,554 --> 00:14:04,314
to be able to run that software on
387
00:14:04,314 --> 00:14:06,554
a remote desktop? How is it licensed? You
388
00:14:06,554 --> 00:14:09,034
know, does does that piece of software require
389
00:14:09,034 --> 00:14:10,794
a little USB key to be plugged in
390
00:14:10,794 --> 00:14:13,115
the whole time? Well, like, that's maybe not
391
00:14:13,115 --> 00:14:15,115
gonna work for you in this scenario kind
392
00:14:15,115 --> 00:14:17,649
of thing. So you do have to walk
393
00:14:17,649 --> 00:14:20,049
through and and think through that as well.
394
00:14:20,049 --> 00:14:21,889
I would imagine most folks who are looking
395
00:14:21,889 --> 00:14:22,870
at a
396
00:14:23,250 --> 00:14:26,549
remote desktop solution or or a virtual desktop
397
00:14:26,690 --> 00:14:27,190
solution,
398
00:14:27,570 --> 00:14:29,570
they've kind of already worked through this in
399
00:14:29,570 --> 00:14:31,169
on prem land. Like, I see a lot
400
00:14:31,169 --> 00:14:33,784
of folks who are going to cloud. And
401
00:14:33,784 --> 00:14:36,284
then, you know, the cloud first ones,
402
00:14:36,825 --> 00:14:38,424
you know, a lot of them, I think,
403
00:14:38,424 --> 00:14:40,184
for probably for the better or for them,
404
00:14:40,184 --> 00:14:42,184
just end up in the more out of
405
00:14:42,184 --> 00:14:44,284
the box, sassy kind of solutions,
406
00:14:44,949 --> 00:14:47,589
you know, like Windows desktop, like Windows three
407
00:14:47,589 --> 00:14:50,309
sixty five desktop. I would agree. So that's
408
00:14:50,309 --> 00:14:52,230
really I mean, once you have that, that's
409
00:14:52,230 --> 00:14:53,829
all you need to get started. And I
410
00:14:53,829 --> 00:14:57,049
would my opinion, to just stand up a
411
00:14:57,605 --> 00:15:00,324
small ABD environment. Get a couple servers up
412
00:15:00,324 --> 00:15:02,084
there, get it running to the point where
413
00:15:02,084 --> 00:15:03,924
you can log in. Once you have those
414
00:15:03,924 --> 00:15:04,824
things in place,
415
00:15:05,125 --> 00:15:06,345
it's pretty straightforward.
416
00:15:06,804 --> 00:15:09,764
It can get complicated quickly depending as you
417
00:15:09,764 --> 00:15:11,125
scale it out and all of that. There's
418
00:15:11,125 --> 00:15:13,259
lots of different buttons. But once you have
419
00:15:13,259 --> 00:15:13,759
those,
420
00:15:14,220 --> 00:15:16,379
there's just a couple things to create, and
421
00:15:16,379 --> 00:15:17,919
you can be up and running with ABD.
422
00:15:17,980 --> 00:15:20,220
Do we wanna start diving through, like, now
423
00:15:20,220 --> 00:15:22,220
you have those in place, steps to go
424
00:15:22,220 --> 00:15:24,220
stand up ABD? So we should probably start
425
00:15:24,220 --> 00:15:27,375
with host pools and session hosts. So I
426
00:15:27,375 --> 00:15:28,815
was on the fence. I'm like, do you
427
00:15:28,815 --> 00:15:30,894
start with host pools or do you start
428
00:15:30,894 --> 00:15:31,634
with workspaces?
429
00:15:32,254 --> 00:15:32,754
Because
430
00:15:33,455 --> 00:15:35,955
the I would say the first thing you
431
00:15:36,095 --> 00:15:37,774
go in and create because I think you
432
00:15:37,774 --> 00:15:39,315
can get all the way through a workspace
433
00:15:39,455 --> 00:15:40,335
without any
434
00:15:40,975 --> 00:15:42,389
yeah. The first thing you need is a
435
00:15:42,389 --> 00:15:44,570
workspace. We're gonna start with that. So
436
00:15:45,110 --> 00:15:47,509
a workspace is where these different and I'm
437
00:15:47,509 --> 00:15:48,970
gonna call them applications
438
00:15:49,350 --> 00:15:49,850
live.
439
00:15:50,549 --> 00:15:51,450
But applications
440
00:15:51,830 --> 00:15:54,570
groups or applications that live within a workspace
441
00:15:55,014 --> 00:15:58,375
could be a desktop environment, that RDP type
442
00:15:58,375 --> 00:16:00,615
of session, or it could be those individual
443
00:16:00,615 --> 00:16:01,115
applications.
444
00:16:01,815 --> 00:16:03,894
So, really, what a workspace is is you're
445
00:16:03,894 --> 00:16:05,414
gonna go in and you're gonna pick a
446
00:16:05,414 --> 00:16:07,995
subscription and a resource group for this workspace,
447
00:16:08,639 --> 00:16:11,040
give it a workspace name, give it a
448
00:16:11,040 --> 00:16:13,200
friendly name. So this is what people are
449
00:16:13,200 --> 00:16:15,840
going to see when they go log in
450
00:16:15,840 --> 00:16:16,340
to
451
00:16:16,800 --> 00:16:19,040
the ABD environment. So like you said, Scott,
452
00:16:19,040 --> 00:16:20,639
when you're in Europe, when you're out on
453
00:16:20,639 --> 00:16:22,875
the West Coast, the East Coast, you may
454
00:16:22,875 --> 00:16:25,375
have a workspace that is
455
00:16:26,075 --> 00:16:26,575
based
456
00:16:27,355 --> 00:16:31,054
on East Coast, West Coast, Europe, etcetera, because
457
00:16:31,595 --> 00:16:33,754
one thing you do in addition to the
458
00:16:33,754 --> 00:16:36,209
name and the subscription is give it the
459
00:16:36,209 --> 00:16:36,709
location
460
00:16:37,329 --> 00:16:40,070
where this particular workspace is gonna live. What
461
00:16:40,129 --> 00:16:42,370
region, East US, East US 2, West US,
462
00:16:42,370 --> 00:16:43,669
etcetera. And
463
00:16:44,049 --> 00:16:46,629
once you have kind of this workspace defined,
464
00:16:47,009 --> 00:16:49,009
you can choose at that point in time
465
00:16:49,009 --> 00:16:51,014
to go create one of these application groups.
466
00:16:52,615 --> 00:16:54,774
Applications are gonna live there. If not, you
467
00:16:54,774 --> 00:16:57,014
can just go through, and that's really all
468
00:16:57,014 --> 00:16:59,195
you need is just that default workspace.
469
00:16:59,654 --> 00:17:00,794
After the workspace,
470
00:17:01,654 --> 00:17:04,429
it's kind of a toss-up here because then
471
00:17:04,429 --> 00:17:07,150
you need application groups and you need host
472
00:17:07,150 --> 00:17:09,710
pools. The next thing you're probably gonna wanna
473
00:17:09,710 --> 00:17:11,730
do is that host pool after workspace.
474
00:17:12,269 --> 00:17:15,404
So a host pool is going to be
475
00:17:15,644 --> 00:17:17,565
exactly that. You're gonna say this is a
476
00:17:17,565 --> 00:17:20,224
pool of hosts, a pool of VMs
477
00:17:20,525 --> 00:17:22,545
that are gonna power the different applications,
478
00:17:23,404 --> 00:17:25,025
or the different RDP sessions
479
00:17:25,325 --> 00:17:26,465
within my environment.
480
00:17:27,005 --> 00:17:29,005
So once you have that workspace, you can
481
00:17:29,005 --> 00:17:31,200
go in and same type of thing, you
482
00:17:31,200 --> 00:17:33,859
pick your subscription, you pick your resource group,
483
00:17:33,920 --> 00:17:35,539
you give your host pool a name.
484
00:17:36,319 --> 00:17:38,319
The workspace can be different than the host
485
00:17:38,319 --> 00:17:40,240
pool. So the host pool here, you also
486
00:17:40,240 --> 00:17:42,799
pick a location for, and then you're going
487
00:17:42,799 --> 00:17:45,105
to pick, is this going to be a
488
00:17:45,105 --> 00:17:46,404
host pool that hosts
489
00:17:46,785 --> 00:17:47,285
remote
490
00:17:47,585 --> 00:17:50,545
desktop sessions where people are logging in, or
491
00:17:50,545 --> 00:17:52,625
is this host pool going to host remote
492
00:17:52,625 --> 00:17:55,184
apps? So this is one scenario you can't,
493
00:17:55,184 --> 00:17:57,505
like, mix and match within a host pool.
494
00:17:57,904 --> 00:17:59,799
You pick one or the other. And this
495
00:17:59,799 --> 00:18:00,619
is where workspaces
496
00:18:00,920 --> 00:18:02,059
can come into place
497
00:18:02,759 --> 00:18:05,019
is you could create a host pool for
498
00:18:05,240 --> 00:18:07,400
desktops and a host pool for those remote
499
00:18:07,400 --> 00:18:10,140
apps, launching your Office apps, Firefox, etcetera,
500
00:18:10,519 --> 00:18:12,599
and put them within the same workspace so
501
00:18:12,599 --> 00:18:15,285
that even though you have these different pools
502
00:18:15,285 --> 00:18:17,305
on the back end running your resources,
503
00:18:17,924 --> 00:18:20,644
for your end users, they show up in
504
00:18:20,644 --> 00:18:22,105
a single workspace
505
00:18:22,565 --> 00:18:24,805
and give it a cohesive look for your
506
00:18:24,805 --> 00:18:25,545
end users.
507
00:18:26,180 --> 00:18:28,420
So you're gonna pick that type. Are these
508
00:18:28,420 --> 00:18:29,640
desktops or applications?
509
00:18:30,420 --> 00:18:31,079
And then
510
00:18:31,380 --> 00:18:32,980
do you want this host pool? You have
511
00:18:32,980 --> 00:18:34,740
two different types of host pools that you
512
00:18:34,740 --> 00:18:36,579
can set up. You can set up a
513
00:18:36,579 --> 00:18:39,619
pooled host pool where it's really just taking
514
00:18:39,619 --> 00:18:40,599
a bunch of resources,
515
00:18:41,125 --> 00:18:42,984
pooling all those resources together,
516
00:18:43,365 --> 00:18:45,525
and as users log in, they just draw
517
00:18:45,525 --> 00:18:47,224
from this pool of resources.
518
00:18:47,605 --> 00:18:49,765
The other option is personal, and this gets
519
00:18:49,765 --> 00:18:51,605
into if you wanna kinda host more of
520
00:18:51,605 --> 00:18:53,784
like your own cloud PC type of environment
521
00:18:54,244 --> 00:18:55,384
where a
522
00:18:55,799 --> 00:18:57,980
host is tied to a specific individual.
523
00:18:58,519 --> 00:19:00,279
So if we were creating one for the
524
00:19:00,279 --> 00:19:02,759
podcast, Scott, and we did personal, I would
525
00:19:02,759 --> 00:19:04,039
have to go in and stand up a
526
00:19:04,039 --> 00:19:05,799
host for you and a host for me,
527
00:19:05,799 --> 00:19:06,940
and then I pick
528
00:19:07,320 --> 00:19:09,634
Scott gets this host, Ben gets this host.
529
00:19:09,634 --> 00:19:11,255
So instead of pulling from
530
00:19:11,954 --> 00:19:14,775
a conglomeration of resources in a pooled scenario,
531
00:19:14,914 --> 00:19:16,454
we get our own dedicated
532
00:19:16,994 --> 00:19:19,315
resources. And then from there, you're gonna go
533
00:19:19,315 --> 00:19:21,394
pick how many virtual machines do you wanna
534
00:19:21,394 --> 00:19:24,059
add. And from this this point in time,
535
00:19:24,059 --> 00:19:25,740
it's a lot like just standing up a
536
00:19:25,740 --> 00:19:28,559
virtual machine in Azure. You're gonna go
537
00:19:28,940 --> 00:19:30,700
have a few unique things. You're gonna have
538
00:19:30,700 --> 00:19:33,359
the resource group. You're gonna have the prefix
539
00:19:33,579 --> 00:19:35,119
that you use for session hosts.
540
00:19:35,625 --> 00:19:38,204
So naming your servers. And
541
00:19:38,505 --> 00:19:40,105
this is a little bit unique is that
542
00:19:40,105 --> 00:19:42,184
you don't pick the full name. You pick
543
00:19:42,184 --> 00:19:46,424
a prefix, and then it'll start appending 0123456
544
00:19:46,424 --> 00:19:48,265
on up as you create additional hosts in
545
00:19:48,265 --> 00:19:50,500
your host pool. I so think through that
546
00:19:50,500 --> 00:19:52,900
prefix. Know that it's gonna start adding numbers
547
00:19:52,900 --> 00:19:55,000
to it, so you do have a limited
548
00:19:55,460 --> 00:19:58,500
number of characters. I believe it's 11 that
549
00:19:58,500 --> 00:19:59,640
you can use
550
00:20:00,259 --> 00:20:01,640
because it starts
551
00:20:02,005 --> 00:20:04,005
appending other things to it. I was just
552
00:20:04,005 --> 00:20:06,964
looking ten, eleven. That's 11. Length of 11
553
00:20:06,964 --> 00:20:07,865
for your prefix.
554
00:20:08,484 --> 00:20:11,204
Then you can go pick your virtual machine
555
00:20:11,204 --> 00:20:12,744
settings, regions, availability
556
00:20:13,125 --> 00:20:13,625
zones,
557
00:20:14,320 --> 00:20:15,619
secure boot, TPM,
558
00:20:16,080 --> 00:20:18,980
your disk images, your size of your VMs,
559
00:20:19,279 --> 00:20:21,039
how many you wanna create. So if you're
560
00:20:21,039 --> 00:20:22,559
creating a big host pool and you wanna
561
00:20:22,559 --> 00:20:24,640
create 10 or 15 at a time, you
562
00:20:24,640 --> 00:20:26,820
can do that. OS disks, networking,
563
00:20:27,519 --> 00:20:29,779
domain settings to join the domain,
564
00:20:30,375 --> 00:20:31,994
virtual machine admin account,
565
00:20:32,695 --> 00:20:34,394
get a lot of your normal,
566
00:20:35,654 --> 00:20:37,755
VM settings. With the images,
567
00:20:38,214 --> 00:20:39,115
I would say
568
00:20:39,654 --> 00:20:42,055
look at what images are out there. You
569
00:20:42,055 --> 00:20:43,195
have your
570
00:20:43,509 --> 00:20:46,390
typical Windows seven, Windows 11 or Windows Server,
571
00:20:46,390 --> 00:20:47,210
Windows 11
572
00:20:47,669 --> 00:20:49,450
images. But a lot of times in ABD,
573
00:20:49,750 --> 00:20:51,609
especially if you're doing these
574
00:20:52,150 --> 00:20:54,890
pooled resources and multiple people sharing a VM,
575
00:20:55,190 --> 00:20:57,509
there is a very specific image out there
576
00:20:57,509 --> 00:21:00,894
from Microsoft, the Windows multi session image.
577
00:21:01,195 --> 00:21:04,075
And there's also a multi session with your
578
00:21:04,075 --> 00:21:06,714
Microsoft three sixty five apps. So if you're
579
00:21:06,714 --> 00:21:08,494
standing up that environment
580
00:21:09,115 --> 00:21:11,994
and you are gonna have pool resources, you're
581
00:21:11,994 --> 00:21:14,279
gonna be using Microsoft three sixty five, you
582
00:21:14,279 --> 00:21:16,700
wanna make sure you're grabbing this multi session
583
00:21:17,080 --> 00:21:19,019
image from the marketplace
584
00:21:19,640 --> 00:21:21,720
because Microsoft has done a lot of work
585
00:21:21,720 --> 00:21:23,420
in there to optimize that
586
00:21:23,720 --> 00:21:24,539
certain configurations
587
00:21:25,000 --> 00:21:28,005
around your desktop applications to ensure that those
588
00:21:28,005 --> 00:21:29,944
work well within multi session.
589
00:21:30,404 --> 00:21:32,964
So if you go, like, just grab the
590
00:21:32,964 --> 00:21:34,984
default Windows 11 or Windows 10,
591
00:21:35,365 --> 00:21:38,164
and you're doing that multi session type scenario,
592
00:21:38,164 --> 00:21:39,144
you could run into
593
00:21:39,690 --> 00:21:40,990
several different issues.
594
00:21:41,929 --> 00:21:43,289
The other thing you can do is you
595
00:21:43,289 --> 00:21:45,369
can do custom images. You can go do
596
00:21:45,369 --> 00:21:47,549
your own shared images, your own
597
00:21:47,929 --> 00:21:48,829
golden images.
598
00:21:49,130 --> 00:21:51,369
There's guidance around how to do all that.
599
00:21:51,369 --> 00:21:53,369
If you're gonna go that route, same thing.
600
00:21:53,369 --> 00:21:56,214
Make sure that you're starting with that multi
601
00:21:56,214 --> 00:21:58,694
session image in Azure and creating your own
602
00:21:58,694 --> 00:22:01,575
customized golden image from there. Just, again, to
603
00:22:01,575 --> 00:22:04,214
help with that. I wonder which path you
604
00:22:04,214 --> 00:22:06,694
go down given you've done this with, you
605
00:22:06,694 --> 00:22:08,795
know, a couple customers on your side.
606
00:22:09,150 --> 00:22:10,769
Do you kinda recommend
607
00:22:11,150 --> 00:22:13,809
the image path? Or do you recommend
608
00:22:14,509 --> 00:22:15,009
the
609
00:22:15,549 --> 00:22:17,309
let's go with an out of the box
610
00:22:17,309 --> 00:22:19,809
marketplace image? Like you said, it's gonna be
611
00:22:19,869 --> 00:22:22,509
kinda bootstrapped and configured and have that good
612
00:22:22,509 --> 00:22:24,450
known configuration for, say,
613
00:22:24,964 --> 00:22:25,785
multi session
614
00:22:26,484 --> 00:22:29,525
teams, right, and and everything tweaked and and
615
00:22:29,525 --> 00:22:30,964
ready to go in that image. And then
616
00:22:30,964 --> 00:22:32,964
doing post deployment because I, you know, I
617
00:22:32,964 --> 00:22:34,484
could be jumping the gun a little bit,
618
00:22:34,484 --> 00:22:36,404
but one of the things that happens here
619
00:22:36,404 --> 00:22:40,619
as well is you can manage these environments
620
00:22:40,619 --> 00:22:42,220
and these units of compute. You know, you
621
00:22:42,220 --> 00:22:44,320
said resources a bunch of times. I'm just
622
00:22:44,460 --> 00:22:45,980
thinking in the back of my head. Units
623
00:22:45,980 --> 00:22:47,820
of compute. Units of compute. Units of compute.
624
00:22:47,820 --> 00:22:49,680
I'm spinning up VMs and disks
625
00:22:50,299 --> 00:22:51,974
and things like that behind it. But you
626
00:22:51,974 --> 00:22:54,295
can also manage all that with Intune. Which
627
00:22:54,295 --> 00:22:55,755
means you also get
628
00:22:56,134 --> 00:22:56,795
the management
629
00:22:57,494 --> 00:22:58,795
kind of plane and
630
00:22:59,255 --> 00:23:01,174
tasks and the ability to push things out
631
00:23:01,174 --> 00:23:03,654
of Intune that come from that stack. So
632
00:23:03,654 --> 00:23:05,460
you can also do a lot of your
633
00:23:05,700 --> 00:23:07,720
post configuration as far as, like,
634
00:23:08,019 --> 00:23:10,339
boot of a host comes up and does
635
00:23:10,339 --> 00:23:12,099
this. Well, let me go ahead and pull
636
00:23:12,099 --> 00:23:14,599
these things down for this period of time.
637
00:23:14,659 --> 00:23:16,980
And that can get into the weirdness, like
638
00:23:16,980 --> 00:23:18,579
you said, of what type of host pool
639
00:23:18,579 --> 00:23:20,765
is it. Is it a user host pool?
640
00:23:20,765 --> 00:23:21,585
Is it a big
641
00:23:22,044 --> 00:23:24,605
shared pool where we're doing multi session and
642
00:23:24,605 --> 00:23:26,684
and those kinds of things. But you can
643
00:23:26,684 --> 00:23:28,765
kinda have your cake and eat it too.
644
00:23:28,765 --> 00:23:31,105
It's just you have to think through everything
645
00:23:31,325 --> 00:23:33,140
end to end because there's a bunch of
646
00:23:33,140 --> 00:23:35,140
moving pieces in there between how the host
647
00:23:35,140 --> 00:23:37,380
pools compose, what the underlying units of compute
648
00:23:37,380 --> 00:23:39,539
are. There's a lot of granularity, like you
649
00:23:39,539 --> 00:23:41,539
said, even down to your deployment types because
650
00:23:41,539 --> 00:23:43,859
you're deploying VMs. Like, what zones do these
651
00:23:43,859 --> 00:23:44,519
go into?
652
00:23:45,005 --> 00:23:46,285
What does that look like and how does
653
00:23:46,285 --> 00:23:48,125
it all spin up? But then, yeah, you
654
00:23:48,125 --> 00:23:50,285
know, if it's one less thing to worry
655
00:23:50,285 --> 00:23:52,285
about, I think, if you don't have to
656
00:23:52,285 --> 00:23:54,125
manage images, then you can just use the
657
00:23:54,125 --> 00:23:56,365
out of the box marketplace stuff and do
658
00:23:56,365 --> 00:23:59,779
post deployment, post boot, you know, think through
659
00:23:59,779 --> 00:24:02,259
your roaming profiles and and all those kinds
660
00:24:02,259 --> 00:24:04,500
of things as well and and get your
661
00:24:04,500 --> 00:24:06,359
environments up that way. Yes.
662
00:24:10,420 --> 00:24:12,579
Do you feel overwhelmed by trying to manage
663
00:24:12,579 --> 00:24:14,875
your Office three sixty five environment? Are you
664
00:24:14,875 --> 00:24:18,174
facing unexpected issues that disrupt your company's productivity?
665
00:24:18,474 --> 00:24:20,394
Intelligink is here to help. Much like you
666
00:24:20,394 --> 00:24:22,234
take your car to the mechanic that has
667
00:24:22,234 --> 00:24:24,394
specialized knowledge on how to best keep your
668
00:24:24,394 --> 00:24:27,434
car running, Intelligink helps you with your Microsoft
669
00:24:27,434 --> 00:24:29,694
cloud environment because that's their expertise.
670
00:24:30,230 --> 00:24:32,390
Intelligent keeps up with the latest updates in
671
00:24:32,390 --> 00:24:34,549
the Microsoft cloud to help keep your business
672
00:24:34,549 --> 00:24:36,789
running smoothly and ahead of the curve. Whether
673
00:24:36,789 --> 00:24:38,869
you are a small organization with just a
674
00:24:38,869 --> 00:24:41,269
few users up to an organization of several
675
00:24:41,269 --> 00:24:41,769
thousand
676
00:24:42,325 --> 00:24:44,244
employees. They want to partner with you to
677
00:24:44,244 --> 00:24:45,384
implement and administer
678
00:24:45,684 --> 00:24:47,384
your Microsoft cloud technology.
679
00:24:48,085 --> 00:24:51,625
Visit them at inteliginc.com/podcast.
680
00:24:51,924 --> 00:24:58,640
That's intelligink.com/podcast
681
00:24:59,019 --> 00:25:01,180
for more information or to schedule a thirty
682
00:25:01,180 --> 00:25:03,279
minute call to get started with them today.
683
00:25:03,500 --> 00:25:06,859
Remember, Intelligink focuses on the Microsoft cloud so
684
00:25:06,859 --> 00:25:08,559
you can focus on your business.
685
00:25:10,859 --> 00:25:13,295
So I do the marketplace image as much
686
00:25:13,295 --> 00:25:15,795
as I can. I do have one client
687
00:25:16,335 --> 00:25:16,835
where
688
00:25:17,295 --> 00:25:19,695
we created a golden image and did the
689
00:25:19,695 --> 00:25:21,875
custom image. Again, I started
690
00:25:22,335 --> 00:25:25,390
from that multi session image to build the
691
00:25:25,390 --> 00:25:27,329
custom one. And I would say,
692
00:25:28,349 --> 00:25:29,329
again, it depends.
693
00:25:29,869 --> 00:25:32,349
Like you said, multisession is great. Part of
694
00:25:32,349 --> 00:25:34,269
what I would say you run into with
695
00:25:34,269 --> 00:25:36,769
just doing Intune and just doing post deployment
696
00:25:37,230 --> 00:25:37,730
is,
697
00:25:38,095 --> 00:25:40,674
one, can you get Intune to do
698
00:25:41,134 --> 00:25:41,634
everything
699
00:25:41,934 --> 00:25:42,674
you need?
700
00:25:42,975 --> 00:25:44,914
So certain applications can
701
00:25:45,215 --> 00:25:46,275
be very complex
702
00:25:46,654 --> 00:25:48,595
to get set up with Intune and deploy
703
00:25:48,894 --> 00:25:50,894
if there's more than just, like, run an
704
00:25:50,894 --> 00:25:52,140
MSI to get it there.
705
00:25:53,339 --> 00:25:54,799
The other thing Microsoft
706
00:25:55,180 --> 00:25:57,660
does still recommend, and if you think about
707
00:25:57,660 --> 00:26:00,299
it, it does kinda make sense, is not
708
00:26:00,299 --> 00:26:02,539
to turn on the auto updating in your
709
00:26:02,539 --> 00:26:03,440
Windows updates.
710
00:26:04,220 --> 00:26:06,059
You can do, like, the security updates, but
711
00:26:06,059 --> 00:26:08,404
you still wanna be careful with feature updates.
712
00:26:08,865 --> 00:26:10,644
Even some of the other patching,
713
00:26:11,505 --> 00:26:13,765
think through the whole whole host pool scenario
714
00:26:13,904 --> 00:26:14,404
where
715
00:26:14,784 --> 00:26:15,845
if you have
716
00:26:16,304 --> 00:26:18,884
a pool of 50 different virtual machines,
717
00:26:19,265 --> 00:26:19,765
and
718
00:26:20,144 --> 00:26:23,460
because it's pooled, a user could log out
719
00:26:23,460 --> 00:26:24,680
and log in to
720
00:26:24,980 --> 00:26:27,160
log out, log in again the same day,
721
00:26:27,220 --> 00:26:29,140
and end up on a completely different host
722
00:26:29,140 --> 00:26:31,000
than they were on fifteen minutes before.
723
00:26:31,539 --> 00:26:32,519
So if your
724
00:26:32,980 --> 00:26:33,480
machines
725
00:26:33,974 --> 00:26:34,474
aren't
726
00:26:35,335 --> 00:26:35,994
all identical,
727
00:26:36,615 --> 00:26:38,234
you could, in theory,
728
00:26:38,615 --> 00:26:41,494
end up with weird things, especially if you're
729
00:26:41,494 --> 00:26:43,515
doing the whole roaming profiles in FSLogix
730
00:26:44,535 --> 00:26:47,240
where, like I think of Teams for an
731
00:26:47,240 --> 00:26:49,399
example. Teams does not install in program files
732
00:26:49,399 --> 00:26:51,480
anymore. It does some weird stuff with what
733
00:26:51,480 --> 00:26:52,700
it puts in a user's
734
00:26:53,159 --> 00:26:55,720
app data or app data. So if you're,
735
00:26:55,720 --> 00:26:57,559
like, have a roaming profile and you end
736
00:26:57,559 --> 00:26:59,319
up with two different versions of Teams on
737
00:26:59,319 --> 00:27:00,220
different machines,
738
00:27:00,654 --> 00:27:03,474
different things with browsers, like, all those different
739
00:27:03,934 --> 00:27:06,174
things you think about that if you go
740
00:27:06,174 --> 00:27:09,134
to a different machine and something's mismatched where
741
00:27:09,134 --> 00:27:11,855
problems could arise. So there is, I would
742
00:27:11,855 --> 00:27:13,855
say, an aspect that's nice to doing a
743
00:27:13,855 --> 00:27:14,755
custom image
744
00:27:15,055 --> 00:27:15,555
that
745
00:27:16,220 --> 00:27:17,599
certain things you control.
746
00:27:17,900 --> 00:27:19,200
And when it's time
747
00:27:19,980 --> 00:27:22,059
to do certain updates, you just do a
748
00:27:22,059 --> 00:27:24,000
refresh of the image and
749
00:27:24,539 --> 00:27:25,359
start there.
750
00:27:25,660 --> 00:27:27,500
But like you said, there are certain things
751
00:27:27,500 --> 00:27:29,580
you can manage with Intune, certain applications you
752
00:27:29,580 --> 00:27:30,880
can install with Intune.
753
00:27:31,944 --> 00:27:33,384
So I end up with that weird mix
754
00:27:33,384 --> 00:27:34,444
of certain applications.
755
00:27:34,744 --> 00:27:36,825
Absolutely. I just push them down from Intune.
756
00:27:36,825 --> 00:27:37,944
I don't worry about putting them in the
757
00:27:37,944 --> 00:27:40,825
global image. Adobe Reader is a great one.
758
00:27:40,825 --> 00:27:43,304
Push Adobe Reader down from Intune. Your Office
759
00:27:43,304 --> 00:27:43,804
applications,
760
00:27:44,424 --> 00:27:46,679
those are bundled in the image. What other
761
00:27:46,679 --> 00:27:49,000
ones? Firefox. I think they tend to push
762
00:27:49,000 --> 00:27:51,179
different browsers down through Intune.
763
00:27:51,480 --> 00:27:53,559
But, yeah, there's other things and other scenarios
764
00:27:53,559 --> 00:27:55,399
where you absolutely still end up doing custom
765
00:27:55,399 --> 00:27:57,319
images. That felt like a really long answer.
766
00:27:57,319 --> 00:27:58,919
Yeah. Well, I mean, you can also mix
767
00:27:58,919 --> 00:27:59,884
and match. So
768
00:28:01,065 --> 00:28:03,305
you can do both along the way. You
769
00:28:03,305 --> 00:28:05,704
know, I think image management used to be
770
00:28:05,704 --> 00:28:07,644
a lot easier when it was all local.
771
00:28:07,945 --> 00:28:10,025
And you could kind of do everything in
772
00:28:10,025 --> 00:28:12,025
your local hypervisor and then just load it
773
00:28:12,025 --> 00:28:12,924
into your environment.
774
00:28:13,950 --> 00:28:16,509
And managing Azure images in general is a
775
00:28:16,509 --> 00:28:18,349
little bit different. Like, there's a different set
776
00:28:18,349 --> 00:28:20,369
of drivers and considerations
777
00:28:20,750 --> 00:28:22,589
and how you might wanna think about even,
778
00:28:22,589 --> 00:28:24,990
you know, just monitoring VM health and things
779
00:28:24,990 --> 00:28:27,115
like that that end up on those. So
780
00:28:27,115 --> 00:28:28,714
it's not something where you kinda walk in
781
00:28:28,714 --> 00:28:30,474
and you go, it's just the way I
782
00:28:30,474 --> 00:28:32,794
did it on prem. It's it's different. And
783
00:28:32,794 --> 00:28:35,194
I think you're better served by kinda thinking
784
00:28:35,194 --> 00:28:36,875
about it as different. Like, if you're not
785
00:28:36,875 --> 00:28:38,875
in this world today or you're coming in
786
00:28:38,875 --> 00:28:40,399
and you're like, you know, I just just
787
00:28:40,399 --> 00:28:42,099
do golden images today and it's fine.
788
00:28:42,720 --> 00:28:44,399
You might wanna rethink that and take some
789
00:28:44,399 --> 00:28:46,640
time and plan through it because it might
790
00:28:46,640 --> 00:28:48,559
not be the fit for everything along the
791
00:28:48,559 --> 00:28:50,640
way. So before we leave the kind of
792
00:28:50,640 --> 00:28:51,919
compute side of it, I think the other
793
00:28:51,919 --> 00:28:54,434
thing that's important to mention is these are
794
00:28:54,434 --> 00:28:56,275
units of compute that get spun up. These
795
00:28:56,275 --> 00:28:57,414
are virtual machines.
796
00:28:57,875 --> 00:28:59,174
So they consume
797
00:28:59,554 --> 00:29:03,414
CPU. They potentially consume GPU. They consume disks.
798
00:29:03,714 --> 00:29:05,154
So that means you need to have quota
799
00:29:05,154 --> 00:29:07,230
for all those things as well. Like, I
800
00:29:07,230 --> 00:29:08,450
can't stand up
801
00:29:08,910 --> 00:29:09,569
a 50,
802
00:29:10,389 --> 00:29:11,329
a 50
803
00:29:11,710 --> 00:29:13,089
VM host pool
804
00:29:13,390 --> 00:29:16,190
if I don't have access to, you know,
805
00:29:16,190 --> 00:29:17,490
those hundred CPUs
806
00:29:17,789 --> 00:29:19,329
or those 200 CPUs
807
00:29:19,884 --> 00:29:22,765
and that actual quota in that region ready
808
00:29:22,765 --> 00:29:24,285
to go in there. And then the other
809
00:29:24,285 --> 00:29:26,525
thing to keep in mind is just because
810
00:29:26,525 --> 00:29:28,924
you have a quota doesn't always mean that
811
00:29:28,924 --> 00:29:30,924
the compute is available as well. Like that's
812
00:29:30,924 --> 00:29:33,005
another weird one. You can't just go and
813
00:29:33,005 --> 00:29:35,670
always spin up 50 VMs depending on your
814
00:29:35,670 --> 00:29:38,309
environment, your quota, and what's going on, especially
815
00:29:38,309 --> 00:29:41,109
if it's not all reserved compute that's reserved
816
00:29:41,109 --> 00:29:42,890
and held out for you all the time.
817
00:29:43,029 --> 00:29:46,009
Yes. I have absolutely hit that before where
818
00:29:46,150 --> 00:29:47,829
we went to go stand up and I
819
00:29:47,829 --> 00:29:50,065
mean, a lot of default quotas are, like,
820
00:29:50,065 --> 00:29:50,964
50 CPUs.
821
00:29:51,424 --> 00:29:53,204
And one of these in particular,
822
00:29:53,984 --> 00:29:56,565
we needed to stand up, like, twenty sixteen
823
00:29:56,785 --> 00:29:57,684
core VMs
824
00:29:58,065 --> 00:30:00,724
or twenty four sixteen core VMs.
825
00:30:01,119 --> 00:30:02,799
That is a lot more than 50. So
826
00:30:02,799 --> 00:30:04,500
we had to go get quota right away.
827
00:30:04,720 --> 00:30:08,179
The other thing I would also say is
828
00:30:08,799 --> 00:30:09,779
a lot of these
829
00:30:10,159 --> 00:30:12,399
going back to even your custom images, if
830
00:30:12,399 --> 00:30:14,240
you wanna refresh these. Right? If you have
831
00:30:14,240 --> 00:30:15,380
a VM that
832
00:30:15,684 --> 00:30:16,424
has issues
833
00:30:17,365 --> 00:30:18,984
or when I go to
834
00:30:19,765 --> 00:30:22,005
stand up new images, let's say I go
835
00:30:22,005 --> 00:30:23,845
do an update, I wanna refresh with my
836
00:30:23,845 --> 00:30:26,325
golden image, Intune does not push stuff down
837
00:30:26,325 --> 00:30:26,825
instantaneously.
838
00:30:27,859 --> 00:30:29,779
So if this is one of those environments
839
00:30:29,779 --> 00:30:31,380
where it has to run around the clock
840
00:30:31,380 --> 00:30:32,920
or you have to have a certain number
841
00:30:33,059 --> 00:30:35,779
around the clock, you may actually have to
842
00:30:35,779 --> 00:30:36,279
run
843
00:30:37,220 --> 00:30:40,100
double the amount of compute that you normally
844
00:30:40,100 --> 00:30:43,059
would for twelve hours or for twenty four
845
00:30:43,059 --> 00:30:44,974
hours so that your
846
00:30:45,275 --> 00:30:47,515
new images can come up, Intune can get
847
00:30:47,515 --> 00:30:49,375
deployed, they can get joined to AD,
848
00:30:49,835 --> 00:30:52,474
they can get all the applications pushed down
849
00:30:52,474 --> 00:30:55,355
to them. All that stuff that maybe takes
850
00:30:55,355 --> 00:30:57,674
a few hours to do can get done
851
00:30:57,674 --> 00:31:00,059
on your new VMs while your old VMs
852
00:31:00,059 --> 00:31:02,140
are still running, which means you need twice
853
00:31:02,140 --> 00:31:03,900
the amount of quota. And then you can
854
00:31:03,900 --> 00:31:06,380
shut down your old images, get rid of
855
00:31:06,380 --> 00:31:07,980
them as people log out of them as
856
00:31:07,980 --> 00:31:10,140
you don't need them anymore. But sometimes you
857
00:31:10,140 --> 00:31:11,919
need a lot more quota than you initially
858
00:31:11,980 --> 00:31:14,585
think because of some of that overlap in
859
00:31:14,585 --> 00:31:16,924
how you do your deployments. We got compute.
860
00:31:17,225 --> 00:31:19,644
You mentioned kind of roaming profiles in FSLogix.
861
00:31:19,865 --> 00:31:21,545
So once you've got your compute, I think
862
00:31:21,545 --> 00:31:23,384
there's a step kind of in the middle
863
00:31:23,384 --> 00:31:26,525
here where you've got to assign your users.
864
00:31:26,690 --> 00:31:28,929
So we talked about the need for Active
865
00:31:28,929 --> 00:31:30,390
Directory or Azure
866
00:31:30,929 --> 00:31:33,089
AD, Entra ID to be there. And push
867
00:31:33,089 --> 00:31:34,769
those things through. So you've got to assign
868
00:31:34,769 --> 00:31:36,869
those users to virtual desktops
869
00:31:37,250 --> 00:31:37,750
or
870
00:31:38,289 --> 00:31:40,230
to your groups of applications
871
00:31:40,529 --> 00:31:42,615
that you have out there. You gotta give
872
00:31:42,615 --> 00:31:45,494
those users access, potentially bootstrap them, get them
873
00:31:45,494 --> 00:31:47,174
going, get them set up on the Windows
874
00:31:47,174 --> 00:31:47,674
app.
875
00:31:48,295 --> 00:31:49,835
All that kind of stuff.
876
00:31:50,855 --> 00:31:53,015
And once that's ready to go, then we're
877
00:31:53,015 --> 00:31:53,515
into
878
00:31:54,869 --> 00:31:58,009
actually configuring that. So you mentioned roaming profiles,
879
00:31:58,230 --> 00:31:58,730
FSLogix.
880
00:31:59,589 --> 00:32:01,690
Let's kinda take a step back there, maybe
881
00:32:01,990 --> 00:32:04,230
real high level. What's what the benefits are
882
00:32:04,230 --> 00:32:04,970
of FSLX,
883
00:32:05,829 --> 00:32:07,049
FSLogix profiles,
884
00:32:07,589 --> 00:32:08,730
profile containers,
885
00:32:09,174 --> 00:32:12,454
and how that impacts the user experience. So
886
00:32:12,454 --> 00:32:15,015
profiles, this is a big one. I would
887
00:32:15,015 --> 00:32:16,394
say this is almost a requirement
888
00:32:16,855 --> 00:32:19,255
if you are doing that pooled approach. Because
889
00:32:19,255 --> 00:32:21,174
we we talked about it. Right? Like, this
890
00:32:21,174 --> 00:32:21,835
one environment
891
00:32:22,134 --> 00:32:25,710
or a larger environment, you may have 24
892
00:32:25,710 --> 00:32:26,210
different
893
00:32:26,829 --> 00:32:29,410
VMs in a shared host pool. Let's say
894
00:32:29,549 --> 00:32:31,230
each one of those can support 10 people.
895
00:32:31,230 --> 00:32:33,390
You have, like, 240 users that are using
896
00:32:33,390 --> 00:32:36,670
ABD across those 24 VMs. If you don't
897
00:32:36,670 --> 00:32:37,730
do the whole
898
00:32:38,174 --> 00:32:40,115
roaming profiles, which is essentially
899
00:32:40,575 --> 00:32:41,394
my profile
900
00:32:41,695 --> 00:32:44,654
for my Windows environment, is stored off in
901
00:32:44,654 --> 00:32:45,154
another
902
00:32:45,535 --> 00:32:47,775
storage account. It could be NetApp storage. It
903
00:32:47,775 --> 00:32:49,075
could be Azure files.
904
00:32:49,535 --> 00:32:50,674
But that typical
905
00:32:51,134 --> 00:32:52,355
c users,
906
00:32:53,160 --> 00:32:53,820
b steging,
907
00:32:54,440 --> 00:32:56,840
s h og is stored out there. When
908
00:32:56,840 --> 00:32:59,240
I log in to a virtual machine, it
909
00:32:59,240 --> 00:33:01,559
goes out to that file share, grabs my
910
00:33:01,559 --> 00:33:02,059
profile,
911
00:33:02,600 --> 00:33:04,759
loads it into that VM that I'm connected
912
00:33:04,759 --> 00:33:06,764
to so that as I'm doing my work,
913
00:33:06,764 --> 00:33:08,625
working in my documents or
914
00:33:09,325 --> 00:33:11,024
working within Outlook,
915
00:33:11,404 --> 00:33:12,944
all of that application
916
00:33:13,244 --> 00:33:15,424
data that's stored in my user profile,
917
00:33:15,804 --> 00:33:17,565
stored in there. When I log out of
918
00:33:17,565 --> 00:33:19,859
the VM, it gets written back to
919
00:33:20,319 --> 00:33:21,940
that network storage location,
920
00:33:22,720 --> 00:33:25,359
and saved out there. The benefit is is
921
00:33:25,359 --> 00:33:27,519
because I'm in that pooled environment, and I
922
00:33:27,519 --> 00:33:29,119
mentioned this before, I may go log in
923
00:33:29,119 --> 00:33:31,440
ten minutes later and end up on a
924
00:33:31,440 --> 00:33:33,220
completely different virtual machine.
925
00:33:33,815 --> 00:33:35,894
If I have my profile on that network
926
00:33:35,894 --> 00:33:37,755
drive, now it can pull in my profile,
927
00:33:37,974 --> 00:33:39,974
pull it into that second VM I'm logged
928
00:33:39,974 --> 00:33:40,474
into,
929
00:33:40,775 --> 00:33:42,855
and I really am just picking up right
930
00:33:42,855 --> 00:33:45,035
where I left off. All my applications
931
00:33:45,494 --> 00:33:47,654
are configured the same. My documents are there.
932
00:33:47,654 --> 00:33:49,710
Everything I configured on my desk top is
933
00:33:49,710 --> 00:33:50,210
there.
934
00:33:50,990 --> 00:33:53,230
Everything is configured as it should be or
935
00:33:53,230 --> 00:33:55,630
as I left it versus if I'm not
936
00:33:55,630 --> 00:33:57,470
doing that and I'm logging in from one
937
00:33:57,470 --> 00:33:59,950
machine to another machine to another machine, those
938
00:33:59,950 --> 00:34:01,869
profiles are local to that machine. So now
939
00:34:01,869 --> 00:34:02,295
I have
940
00:34:02,855 --> 00:34:05,494
a profile on every single VM I've logged
941
00:34:05,494 --> 00:34:05,994
into,
942
00:34:06,295 --> 00:34:06,795
and
943
00:34:07,494 --> 00:34:09,735
the information that's stored in my user profile
944
00:34:09,735 --> 00:34:10,554
on my machine
945
00:34:11,015 --> 00:34:12,695
is different because it's on all these other
946
00:34:12,695 --> 00:34:16,000
virtual machines. The other downside is guess what
947
00:34:16,000 --> 00:34:17,840
else profiles take up on all those different
948
00:34:17,840 --> 00:34:20,960
virtual machines? Storage space on your c drive.
949
00:34:20,960 --> 00:34:21,460
Mhmm.
950
00:34:21,920 --> 00:34:23,360
If I have 240
951
00:34:23,360 --> 00:34:23,860
users
952
00:34:24,239 --> 00:34:26,000
logging in to each one of those machines
953
00:34:26,000 --> 00:34:27,920
at any time, 240
954
00:34:27,920 --> 00:34:28,420
profiles
955
00:34:28,960 --> 00:34:31,375
on each machine across however many machines. I
956
00:34:31,375 --> 00:34:32,515
said 24 machines.
957
00:34:32,894 --> 00:34:34,575
It takes up a lot of storage space
958
00:34:34,575 --> 00:34:36,735
as well, so you end up with a
959
00:34:36,735 --> 00:34:38,755
whole mess of profiles
960
00:34:39,295 --> 00:34:39,795
and
961
00:34:40,335 --> 00:34:43,375
storage bloat and expensive disks and all of
962
00:34:43,375 --> 00:34:46,280
that. So, absolutely, if you're going down this
963
00:34:46,280 --> 00:34:49,000
pooled route, I and if you're doing more
964
00:34:49,000 --> 00:34:51,079
than if you're doing really more than one
965
00:34:51,079 --> 00:34:53,640
machine, you should think about doing these roaming
966
00:34:53,640 --> 00:34:54,140
profiles,
967
00:34:54,519 --> 00:34:55,340
doing FSLogix.
968
00:34:56,199 --> 00:34:57,880
I have done this before where it's a
969
00:34:57,880 --> 00:34:58,699
small company,
970
00:34:59,155 --> 00:34:59,974
five users.
971
00:35:00,434 --> 00:35:03,235
They want the benefits of ABD from the
972
00:35:03,235 --> 00:35:05,954
remote application logging in. They just stand up
973
00:35:05,954 --> 00:35:08,595
one great big machine. There's some downsides to
974
00:35:08,595 --> 00:35:10,994
that, but one great big machine, you don't
975
00:35:10,994 --> 00:35:12,595
need to go through the extra effort of
976
00:35:12,595 --> 00:35:14,215
roaming profiles because
977
00:35:14,570 --> 00:35:16,570
you got a handful of people, their profiles
978
00:35:16,570 --> 00:35:17,469
are on the machine,
979
00:35:17,849 --> 00:35:19,130
you can get away with it and be
980
00:35:19,130 --> 00:35:21,690
fine. I think beyond the consistency of the
981
00:35:21,690 --> 00:35:23,469
user experience, which is important,
982
00:35:23,849 --> 00:35:26,409
hey, let's make sure my app config carries
983
00:35:26,409 --> 00:35:28,664
over and those things are there, You'll also
984
00:35:28,664 --> 00:35:31,785
see vastly improved login times because all that
985
00:35:31,785 --> 00:35:33,785
information already exists and it's ready to go
986
00:35:33,785 --> 00:35:35,164
and it doesn't need to be bootstrapped.
987
00:35:35,545 --> 00:35:37,065
If you think about the out of the
988
00:35:37,065 --> 00:35:39,864
box bootstrapping experience for just logging in the
989
00:35:39,864 --> 00:35:41,224
first time as a user to a new
990
00:35:41,224 --> 00:35:41,724
desktop,
991
00:35:42,090 --> 00:35:44,250
you don't want your users to go through
992
00:35:44,250 --> 00:35:46,010
that every time. So, yeah, if you do
993
00:35:46,010 --> 00:35:48,890
have that pool out there and then that's
994
00:35:48,890 --> 00:35:50,829
ready to go, I think that's a consideration
995
00:35:50,970 --> 00:35:53,849
for you. So we got roaming profiles. We
996
00:35:53,849 --> 00:35:56,590
talked a little bit about management with Intune.
997
00:35:57,014 --> 00:36:00,234
Management with Intune does extend beyond deploying applications.
998
00:36:00,454 --> 00:36:01,914
You can also monitor
999
00:36:02,375 --> 00:36:04,534
VM health and and some things in there.
1000
00:36:04,534 --> 00:36:06,214
So I think it's a little bit of
1001
00:36:06,214 --> 00:36:08,454
a mix between what you're gonna monitor potentially
1002
00:36:08,454 --> 00:36:09,755
in Intune versus
1003
00:36:10,454 --> 00:36:12,554
Azure Virtual Desktop as a service
1004
00:36:12,989 --> 00:36:15,070
and Yep. And the health of your pools,
1005
00:36:15,070 --> 00:36:17,570
things like that. Yeah. We talked about FSLogix.
1006
00:36:17,949 --> 00:36:19,710
Intune, you can also push out all your
1007
00:36:19,710 --> 00:36:20,849
FSLogix settings.
1008
00:36:21,230 --> 00:36:23,309
So, typically, a lot of people did that
1009
00:36:23,309 --> 00:36:25,469
with GPOs. Those are all in Intune now.
1010
00:36:25,469 --> 00:36:28,085
So you can say, here's all my FSLogix
1011
00:36:28,224 --> 00:36:30,864
settings, all that. That's another big reason to
1012
00:36:30,864 --> 00:36:32,385
put them in Intune. Alright. So we got
1013
00:36:32,385 --> 00:36:34,085
that. Other considerations,
1014
00:36:35,105 --> 00:36:35,605
cost.
1015
00:36:36,065 --> 00:36:38,945
So you mentioned Windows licensing, things like that.
1016
00:36:38,945 --> 00:36:40,860
I think that's definitely out there.
1017
00:36:41,340 --> 00:36:43,180
You know, you've got the cost of Azure
1018
00:36:43,180 --> 00:36:45,900
Virtual Desktop itself. Like, here's the cost of
1019
00:36:45,900 --> 00:36:47,739
the service. Which do you know what the
1020
00:36:47,739 --> 00:36:49,820
cost of that is, Scott? Free? Nothing. Yeah.
1021
00:36:49,820 --> 00:36:52,220
It's free. It's all management. It it's it's
1022
00:36:52,220 --> 00:36:54,059
kinda like AKS It really is. And those
1023
00:36:54,059 --> 00:36:56,905
things. But then you roll in your virtual
1024
00:36:56,905 --> 00:36:59,385
machines on top of that, your storage is
1025
00:36:59,385 --> 00:37:00,905
gonna have a cost to it. So if
1026
00:37:00,905 --> 00:37:04,764
you deploy those FSLogix profiles into Azure Files
1027
00:37:04,824 --> 00:37:06,364
or Azure NetApp Files,
1028
00:37:06,680 --> 00:37:08,519
That's another thing that you potentially need to
1029
00:37:08,519 --> 00:37:10,519
consider that's out there. You also need to
1030
00:37:10,519 --> 00:37:13,400
consider your network usage. Depending on how your
1031
00:37:13,400 --> 00:37:15,800
egress goes from regions, things like that, there
1032
00:37:15,800 --> 00:37:18,760
can be billable networking components in there for
1033
00:37:18,760 --> 00:37:20,305
you. So it's worth it to spend a
1034
00:37:20,305 --> 00:37:21,744
little bit of time in the Azure pricing
1035
00:37:21,744 --> 00:37:24,065
calculator as well and add some of those
1036
00:37:24,065 --> 00:37:25,505
services in and see where you're going to
1037
00:37:25,505 --> 00:37:26,945
land. Like if you know you're going to
1038
00:37:26,945 --> 00:37:27,445
have
1039
00:37:28,144 --> 00:37:29,364
n hundred gigabytes
1040
00:37:29,664 --> 00:37:30,164
or
1041
00:37:30,465 --> 00:37:31,364
n terabytes
1042
00:37:31,664 --> 00:37:32,565
of user profiles,
1043
00:37:33,090 --> 00:37:35,410
Well, go figure that out and and start
1044
00:37:35,410 --> 00:37:37,650
to spec that cost. Start to spec some
1045
00:37:37,650 --> 00:37:38,309
of your
1046
00:37:38,610 --> 00:37:40,930
VM sizes. And, you know, you can play
1047
00:37:40,930 --> 00:37:42,930
around with the sizes within the pools and
1048
00:37:42,930 --> 00:37:43,910
things like that.
1049
00:37:45,650 --> 00:37:48,070
There can be some meaningful differences between
1050
00:37:49,664 --> 00:37:51,605
the cost of a VM
1051
00:37:52,144 --> 00:37:54,625
size and series as you're stepping in. And
1052
00:37:54,625 --> 00:37:57,425
that might even, you know, impact the regions
1053
00:37:57,425 --> 00:37:59,184
that you go to. Maybe you require a
1054
00:37:59,184 --> 00:38:01,204
certain VM size or VM series
1055
00:38:01,590 --> 00:38:04,250
for your multi session pool compute
1056
00:38:04,630 --> 00:38:07,030
and that forces you into, say, like, East
1057
00:38:07,030 --> 00:38:09,210
US 2 in The US versus East US.
1058
00:38:09,430 --> 00:38:12,470
Or it forces you into West Europe versus
1059
00:38:12,470 --> 00:38:14,235
North Europe. Things like that. So
1060
00:38:14,635 --> 00:38:16,075
you you know, make sure that you're paying
1061
00:38:16,075 --> 00:38:18,974
attention to all of those things as well
1062
00:38:19,195 --> 00:38:21,375
when you're standing up your your environment
1063
00:38:21,675 --> 00:38:22,175
and
1064
00:38:22,555 --> 00:38:24,315
you're getting ready to go for it. You
1065
00:38:24,315 --> 00:38:27,409
can also use reserved instances for your compute.
1066
00:38:27,710 --> 00:38:29,650
So if you are a customer with reservations,
1067
00:38:29,949 --> 00:38:32,589
that's potentially another consideration for you or an
1068
00:38:32,589 --> 00:38:34,530
optimization that you can make along the way.
1069
00:38:34,670 --> 00:38:36,670
Is the same reservations that you're using for
1070
00:38:36,670 --> 00:38:38,269
your other compute in Azure, if you happen
1071
00:38:38,269 --> 00:38:39,824
to be using it there, can also be
1072
00:38:39,824 --> 00:38:42,304
used for, your pooled compute over in your
1073
00:38:42,304 --> 00:38:45,344
host pools in APD. Yep. Another cost I
1074
00:38:45,344 --> 00:38:45,844
would
1075
00:38:46,144 --> 00:38:47,105
100%
1076
00:38:47,105 --> 00:38:49,824
factor in is think about cost of log
1077
00:38:49,824 --> 00:38:50,324
analytics.
1078
00:38:50,784 --> 00:38:53,410
There are a lot of insights for ABD
1079
00:38:53,630 --> 00:38:54,130
around
1080
00:38:54,910 --> 00:38:56,849
errors when users are connecting,
1081
00:38:57,230 --> 00:38:58,369
around monitoring
1082
00:38:58,750 --> 00:38:59,490
the performance
1083
00:39:00,190 --> 00:39:01,970
of your ABD environment,
1084
00:39:02,510 --> 00:39:03,730
monitoring host diagnostics,
1085
00:39:04,635 --> 00:39:07,695
round trip times between your users and ABD,
1086
00:39:09,034 --> 00:39:11,934
any errors that users may log into, utilization,
1087
00:39:12,715 --> 00:39:16,015
all of that those insights in your monitoring
1088
00:39:16,554 --> 00:39:17,215
of ABD,
1089
00:39:17,914 --> 00:39:20,869
is tied to or is it's required to
1090
00:39:20,869 --> 00:39:22,730
have that tied to a log analytics workbook.
1091
00:39:23,030 --> 00:39:24,869
So if you do want to have any
1092
00:39:24,869 --> 00:39:25,610
type of
1093
00:39:25,989 --> 00:39:27,130
monitoring, logging
1094
00:39:27,670 --> 00:39:30,150
insights into all of that, you're gonna have
1095
00:39:30,150 --> 00:39:32,565
that cost of log analytics. And you can
1096
00:39:32,565 --> 00:39:35,445
also do scaling. So you mentioned reserved instances
1097
00:39:35,445 --> 00:39:35,945
as
1098
00:39:37,445 --> 00:39:38,744
a tweak and optimization.
1099
00:39:39,364 --> 00:39:41,304
The other thing you can do is scaling.
1100
00:39:41,364 --> 00:39:42,585
So if you
1101
00:39:43,045 --> 00:39:45,684
in the evenings, everybody leaves, it's not being
1102
00:39:45,684 --> 00:39:47,950
used at night. As people log out, you
1103
00:39:47,950 --> 00:39:49,329
can also shut
1104
00:39:49,630 --> 00:39:50,289
down and
1105
00:39:50,670 --> 00:39:51,730
turn on VMs
1106
00:39:52,269 --> 00:39:54,590
based on utilization and usage to help with
1107
00:39:54,590 --> 00:39:56,769
some optimization there. So you're not leaving
1108
00:39:57,070 --> 00:39:59,789
24 VMs running twenty four seven. You'd scale
1109
00:39:59,789 --> 00:40:01,545
down and you have four of them running
1110
00:40:01,545 --> 00:40:03,704
overnight. As people start logging in in the
1111
00:40:03,704 --> 00:40:05,864
morning, you ramp up, turn them on as
1112
00:40:05,864 --> 00:40:07,784
needed. Then again, as they leave, you start
1113
00:40:07,784 --> 00:40:10,505
shutting them down as people are logging off,
1114
00:40:10,505 --> 00:40:12,425
headed home for the evenings. Yeah. It's it's
1115
00:40:12,425 --> 00:40:14,824
basically VM scale sets and some of the
1116
00:40:14,824 --> 00:40:16,125
things that come in there.
1117
00:40:16,500 --> 00:40:18,179
All available and ready to go. So you
1118
00:40:18,179 --> 00:40:19,940
get that up, get your compute running, get
1119
00:40:19,940 --> 00:40:21,860
your users on there while your users need
1120
00:40:21,860 --> 00:40:24,579
to connect. That's just the Windows app these
1121
00:40:24,579 --> 00:40:27,480
days, AKA the remote desktop client.
1122
00:40:27,860 --> 00:40:29,860
I always forget all the platforms it runs
1123
00:40:29,860 --> 00:40:32,074
on. So you know the other one that
1124
00:40:32,074 --> 00:40:33,514
I do as I mentioned about like I'm
1125
00:40:33,514 --> 00:40:35,194
on my personal laptop and maybe I go
1126
00:40:35,194 --> 00:40:38,234
into AVD through the Windows app. I also
1127
00:40:38,234 --> 00:40:40,875
have you know my iPad. Sometimes I go
1128
00:40:40,875 --> 00:40:42,635
in there through my iPad real quick too
1129
00:40:42,635 --> 00:40:44,554
if I can just jam something out and
1130
00:40:44,554 --> 00:40:47,150
get it done. So you've got remote desktop
1131
00:40:47,150 --> 00:40:49,009
connectivity and clients across
1132
00:40:49,630 --> 00:40:50,849
Windows, macOS,
1133
00:40:51,230 --> 00:40:51,730
iOS,
1134
00:40:52,109 --> 00:40:52,609
Android,
1135
00:40:52,909 --> 00:40:54,609
you know all that stuff's out there
1136
00:40:54,989 --> 00:40:56,909
ready to go for you. You probably have
1137
00:40:56,909 --> 00:40:59,355
to give your users some information like
1138
00:40:59,914 --> 00:41:01,594
you know, make sure you log in with
1139
00:41:01,594 --> 00:41:03,835
your organizational ID. So that way, the first
1140
00:41:03,835 --> 00:41:05,835
time you log in, it ties into your
1141
00:41:05,835 --> 00:41:06,335
workspace
1142
00:41:06,875 --> 00:41:07,695
or workspaces
1143
00:41:08,394 --> 00:41:10,155
and presents that back to you in that
1144
00:41:10,155 --> 00:41:11,835
client. Like, if you're in the Windows app,
1145
00:41:11,835 --> 00:41:13,355
you know, it'll just present you a bunch
1146
00:41:13,355 --> 00:41:14,175
of, like, accordion,
1147
00:41:14,589 --> 00:41:16,589
Hey. You've got access to this workspace, this
1148
00:41:16,589 --> 00:41:18,829
workspace, this workspace. And then within those, here's
1149
00:41:18,829 --> 00:41:19,329
your
1150
00:41:19,869 --> 00:41:21,949
your units of compute that are available to
1151
00:41:21,949 --> 00:41:23,710
you. Yep. You can also do it, Scott,
1152
00:41:23,710 --> 00:41:24,989
right in the browser. If you don't want
1153
00:41:24,989 --> 00:41:26,909
to install an application, you just want to
1154
00:41:26,909 --> 00:41:29,170
go to the browser, there is a
1155
00:41:29,630 --> 00:41:31,724
URL you can visit, log in via the
1156
00:41:31,724 --> 00:41:35,324
browser, and do your remote desktop right in
1157
00:41:35,324 --> 00:41:36,924
your browser as well. Yeah. I always forget
1158
00:41:36,924 --> 00:41:38,525
that one. Like, it's just easier for me
1159
00:41:38,525 --> 00:41:39,804
to have the app there and sign in,
1160
00:41:39,804 --> 00:41:42,204
and then your workspace is automatically tied into
1161
00:41:42,204 --> 00:41:44,500
it. I've I've gotten quite lazy in my
1162
00:41:44,500 --> 00:41:47,139
old age. Yes. And, fortunately, to now the
1163
00:41:47,139 --> 00:41:49,779
Windows app, if you have multiple tenants, because
1164
00:41:49,779 --> 00:41:51,460
that's the world I live in, you can
1165
00:41:51,460 --> 00:41:53,799
add multiple accounts and quickly flip
1166
00:41:54,099 --> 00:41:54,599
between
1167
00:41:55,074 --> 00:41:56,535
different accounts and
1168
00:41:56,914 --> 00:41:59,474
different m three sixty five environments, different a
1169
00:41:59,474 --> 00:42:02,275
d v AVD environments within the app too,
1170
00:42:02,275 --> 00:42:04,434
which is also a handy aspect to it.
1171
00:42:04,434 --> 00:42:05,715
Cool. Well, that was a little bit of
1172
00:42:05,715 --> 00:42:08,114
a whirlwind one and a long one for
1173
00:42:08,114 --> 00:42:08,855
us. So
1174
00:42:09,170 --> 00:42:10,769
thanks for those of you that are still
1175
00:42:10,769 --> 00:42:11,269
listening
1176
00:42:11,570 --> 00:42:12,070
and
1177
00:42:12,769 --> 00:42:13,269
sticking
1178
00:42:13,650 --> 00:42:14,469
with us.
1179
00:42:14,849 --> 00:42:16,550
And so we've got AVD
1180
00:42:16,930 --> 00:42:18,610
end to end. We'll have to see if
1181
00:42:18,610 --> 00:42:21,269
we can talk about some more VDI stuff
1182
00:42:21,969 --> 00:42:24,644
in the future here. But we'll have links
1183
00:42:24,644 --> 00:42:26,585
in the show notes for everybody to
1184
00:42:26,965 --> 00:42:28,184
go out and
1185
00:42:28,565 --> 00:42:29,065
listen.
1186
00:42:29,445 --> 00:42:31,525
As always, you can give us feedback and
1187
00:42:31,525 --> 00:42:34,664
questions via the website. We're on threads
1188
00:42:35,364 --> 00:42:36,105
at MSCloudITPro.
1189
00:42:37,590 --> 00:42:38,329
We're on
1190
00:42:39,190 --> 00:42:39,769
the Mastodon,
1191
00:42:40,390 --> 00:42:40,890
LinkedIn,
1192
00:42:41,349 --> 00:42:43,269
Facebook. Hit us up. Let let us know
1193
00:42:43,269 --> 00:42:44,390
what you want to do. Blue Sky. Come
1194
00:42:44,390 --> 00:42:45,829
on, Scott. Blue Sky. Blue Sky. That's where
1195
00:42:45,829 --> 00:42:47,590
I've seen I've had most of my interactions
1196
00:42:47,590 --> 00:42:49,269
lately on Blue Sky. Blue Sky is out
1197
00:42:49,269 --> 00:42:49,994
there as well.
1198
00:42:50,635 --> 00:42:52,235
Yeah. All the socials. You can find us
1199
00:42:52,235 --> 00:42:54,494
somewhere. All the all the socials.
1200
00:42:55,434 --> 00:42:57,775
Alright. Well, thank you, Scott. Enjoy
1201
00:42:58,474 --> 00:42:59,535
Seattle. Hopefully,
1202
00:42:59,835 --> 00:43:01,835
you get some nice weather out there, and
1203
00:43:01,835 --> 00:43:03,839
I will enjoy sunny, warm Florida. Well, it's
1204
00:43:03,839 --> 00:43:06,639
cold here. It's currently 22 degrees Fahrenheit. So,
1205
00:43:06,639 --> 00:43:09,839
like, we're Go skiing. By minus 10. Celsius
1206
00:43:09,839 --> 00:43:12,480
minus 10. It's it's cold. It's chilly. Alright.
1207
00:43:12,480 --> 00:43:15,039
Well, thanks. Enjoy. Stay warm, and we'll talk
1208
00:43:15,039 --> 00:43:16,465
to you again soon. Alright. Thanks,
1209
00:43:18,284 --> 00:43:20,684
bud. If you enjoyed the podcast, go leave
1210
00:43:20,684 --> 00:43:22,764
us a five star rating in iTunes. It
1211
00:43:22,764 --> 00:43:24,445
helps to get the word out so more
1212
00:43:24,445 --> 00:43:26,684
IT pros can learn about Office three sixty
1213
00:43:26,684 --> 00:43:27,585
five and Azure.
1214
00:43:28,125 --> 00:43:29,609
If you have any questions you want us
1215
00:43:29,609 --> 00:43:31,929
to address on the show, or feedback about
1216
00:43:31,929 --> 00:43:34,329
the show, feel free to reach out via
1217
00:43:34,329 --> 00:43:36,509
our website, Twitter, or Facebook.
1218
00:43:36,809 --> 00:43:38,650
Thanks again for listening, and have a great
1219
00:43:38,650 --> 00:43:39,150
day.
