This article is a 5th and last part of a series regarding WVD deployment.

Previous articles from the series could be found here:

  1. https://www.azureblog.pl/2020/09/19/windows-virtual-desktop-deployment-1-5/
  2. https://www.azureblog.pl/2020/10/07/windows-virtual-desktop-deployment-2-5/
  3. https://www.azureblog.pl/2020/10/09/windows-virtual-desktop-deployment-3-5/
  4. https://www.azureblog.pl/2020/11/15/windows-virtual-desktop-deployment-4-5/

Today I’d like to walk you through the custom image optimization using:

  • Prerequisites
  • OS Configuration
  • Template Creation
  • VMSS Deployment
  • Environment test

Prerequisites

Before we proceed, please deploy 1 VM described below:

  1. VM1OS: Windows 10 Enterprise multi-session, Version 2004., Disk Type: Managed
  2. Authentication source: Azure AD DS / Active Directory synchronized with Azure AD
  3. WVD environment: Host Pool, Application Pool, and Workspace

OS Configuration

We should start by accessing our VM1, so please log in there and download this file:

https://github.com/przybylskirobert/WVD/blob/master/4_VMSS_GoldenImage_configuration_steps.ps1

Variables configuration

Open your favorite code editor (I bet it will be PowerShell ISE) and open the ps1 file

Start from running region called Variables

#region Variables
$verboseSettings = $VerbosePreference
$VerbosePreference = 'Continue'
$toolsPath = "C:\Tools"
$agentURL = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrmXv"
$agentMSI = "Microsoft.RDInfra.RDAgent.Installer-x64-1.0.2548.6500.msi"
$agentMSIPath = "$toolsPath\$agentMSI"
$bootLoaderURL = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrxrH"
$bootLoaderMSI = "Microsoft.RDInfra.RDAgentBootLoader.Installer-x64.msi"
$bootLoaderMSIPath = "$toolsPath\$bootLoaderMSI"
#endregion

Variables declaration

As you can see, this was just a simple variables assignment

Agents Installation

The next step is to download tools and install them using the following code

#region agents installation
$toolsTest = Test-Path -Path $toolsPath
if ($toolsTest -eq $false){
    Write-Verbose "Creating '$toolsPath' directory"
    New-Item -ItemType Directory -Path $toolsPath | Out-Null
}
else {
    Write-Verbose "Directory '$toolsPath' already exists."
}
Write-Verbose "Downloading '$agentURL' into '$agentMSIPath '"
Invoke-WebRequest -Uri $agentURL -OutFile $agentMSIPath 
Write-Verbose "Downloading '$bootLoaderURL' into '$bootLoaderMSIPath'"
Invoke-WebRequest -Uri $bootLoaderURL -OutFile $bootLoaderMSIPath

Set-Location "$toolsPath"
. .\$agentMSI
Start-Sleep -Seconds 60
. .\$bootLoaderMSI
#endregion

When script will run you should see the installer screen

Agents download and run

Host Pool Registration Key

Now we need to do a kind of dance between the azure portal and our VM1

From Azure Portal, we need to get the registration key for our WVD host pool

Host Pool registration key

All you need to do is to copy the registration key.

Agents Configuration

Go back to the VM1 and see that you have two installers opened:

  1. Remote Desktop Services Infrastructure Agent Setup
  2. Remote Desktop Agent Boot Loader Setup

First, let’s focus on the Remote Desktop Services Infrastructure Agent Setup and click enter until you see this screen.

RDS Infrastructure Agent setup

Replace INVALID_TOKEN with the registration key taken from your host pool and click next.

Continue the installation until done

RDS Infrastructure Agent setup

Now go to the 2nd installer Remote Desktop Agent Boot Loader Setup, and install.

RDS Infrastructure Agent Boot Loader setup

So we have successfully installed the required agents in order to make our VM working under the host pool.
You should see this VM under your host pool.

WVD Host Pool Session host overview.

Do not delete this object!!!

This is a ‘link’ between our golden image and host pool. In the next steps, we will deploy VMSS using this image, so it will change to our VMSS name after a while.

LOB applications installation

After agents installation, you can follow the standard procedure regarding Golden Image creation.
Install all required applications and go to the next step

Sysprep

When everything is done, and you are 100% sure that it will work, you can run Sysprep.
Remember to use Generalize and Shutdown options.

Sysprep configuration

When VM1 will shutdown, this is all from the golden image perspective.

Image creation

The next step is to create an image – described here https://www.azureblog.pl/2020/10/09/windows-virtual-desktop-deployment-3-5/

Template Creation

Now it is time to deploy VMSS.

But how can we do it?

I guess you might think that is so easy – just find VMSS, use our golden image, and done.

And that is right it will work, but only if you don’t need Domain Authentication 🙂

The solution for VMSS deployment is to use a custom made template for deployment. Why custom? Because we will use an extension to add our VMSS to our domain.

The process overview below

VMSS deployment process for WVD usage

For template creation, we will use Azure templates available here:

https://portal.azure.com/#blade/HubsExtension/BrowseResourceBlade/resourceType/Microsoft.Gallery%2Fmyareas%2Fgalleryitems

Click New and fill the required fields (Name, Description)

Template creation

After clicking OK, we will be moved to the ARM template screen. Please remove the pre-configured and then paste the code available here: https://github.com/przybylskirobert/WVD/blob/master/VMSS_deployment_template.json

ARM template configuration

The last step is to click Add to save our template.

After a while, we should be able to see our template on the list

Azure Templates list

VMSS Deployment

We are almost at the end of our trip today.

Now we need to deploy the template. So just go to Azure Templates (in preview), find the one that we want to deploy, and click Deploy.

Template deployment

On a Custom deployment screen, you need to fill in all required parameters. 

Personally, I like to speed up things, so I have prepared a parameters file that we can use 🙂

File is available here: https://github.com/przybylskirobert/WVD/blob/master/VMSS_deployment_parameters.json

On a Custom deployment screen, click Edit parameters.

Custom deployment configuration

Remove code and paste new code from the GitHub link above.

Change the following placeholders with your actual data:

  • {Subscription} – Subscription ID
  • {ImageResourceGroup} – Resource group name where you have the image file.
  • {Image} – Image name
  • {ResourceGroup} – Resource group name where you have virtual network deployed
  • {VirtualNetwork} – Virtual network name where WVD session host should be placed
  • {Subnet} – Subnet name where WVD session host should be placed
  • {NetworkSecurityGroup} – Network security group that should be configured on the NIC level

Click Save to finish.

Template parameters configuration

Before opening Champagne, we need to modify something within this parameter.

  1. Resource group name: rg-wvd-neu
  2. Admin Username: in my case Sysop
  3. Admin Password: 🙂
  4. Domain Name: this was preconfigured under parameters file provide FQDN of your domain
  5. OUDN: this was preconfigured under parameters file, provide DistinguishedName
  6. Domain And Username: This is important to use NETBIOS\username (LAB\domop)
  7. Domain Join Password: Self-explanatory 🙂

When you fill in all the required parameters, you should see a screen like this:

Custom deployment parameters
Custom deployment parameters

Click Purchase, and if we didn’t make any mistake after a while we should see VMSS deployed under our Host Pool

After the deployment, you should see VMSS deployed under your rg-wvd-neu resource group.

VMSS deployed under the resource group


You should also be able to see two nodes from our VMSS under your Host Pool / Session host tab

WVD Host pool session hosts overview

Environment test

Now it is time to log in to the WVD environment and test 🙂

WVD WMSS usage

So this is the end of our series of WVD articles.
I hope that you like it and that you used it.

2 Comments

  1. Thanks for the above post.
    Having an issue whereby only the last VMSS VM gets registered into the Host Pool, it sort of “steals” the registration of the other machines.
    Did you come across this too, or maybe I’ve done something wrong.

  2. This looks to be quite simple to implement but I am having issues with template referring to your subscription but no mention of your subscription ID in the json.
    Do you know where i am going wroong
    he client has permission to perform action ‘Microsoft.Compute/images/read’ on scope ‘/subscriptions/d8a0cff5-207d-resourcegroups/wvd_session_hosts/providers/Microsoft.Compute/virtualMachineScaleSets/wvd-vmss’, however the current tenant ‘426d55e4-f190- is not authorized to access linked subscription ‘4e4eec1a-a20f-411e-a026-9690737e4538’.

Write A Comment