Let's build some Session Hosts on the pool we created earlier. Session hosts are added to a pool by installing agents onto virtual machines using a registration key. So, the first step is to make sure that our host pool has a valid registration key. Click 'Registration Key' at the top. And as you can see, this pool no longer has a registration key, and it's not something to really be concerned about. The key is only used when adding a new session host to an existing host pool, and the session host will not expire when the key does. Click here to generate a new key. Now, you'll need to pick a date and time when the key will expire. If I was performing a monthly update and I needed to provision 300 VMS and I was going to do that over three days, I would make the key expire in three days. 

Now, once you've picked your date and time, click 'Okay'. And once the key has been generated and listed here, we don't need to do anything with it from the portal, but if you're using another deployment experience, you might need to copy it and paste, and I'll show you that later in the automation section. For now, close this panel on the right and click over here on your session hosts. Click 'Add' at the top. Notice on this first page that everything is grayed out. That's because this is information about the pool and we can't change that information when provisioning a host. So, click 'Next'. First, you'll need to select a resource group, and I'll take the defaults here, which is the resource group where our host pool is located. 

The name prefix is going to be the first part of the VM name followed by a dash and a number. I'll pick the prefix FirstPool, so the first VM that will be built is FirstPool-0. Another thing to keep in mind here is the Windows NetBios limitation of 15 character names. And because the portal will add a dash and a number at the end, you can only use 11 characters in your prefix. For the location, I'll use the East US, which is where my host pool is located. Then we have our availability options, and this refers to the availability zone or the availability set, or no availability option at all. And if you're going to do a very large deployment and get past the 200 VM per deployment limit, that's when you'd use the no infrastructure redundancy option. 

For this example, I'll just leave it on availability zone and select Zone 1 and scroll down. The security type is the option between standard and trusted launch. Trusted launch will require Gen 2 virtual machines and will use TPM authentication to secure your boot process. For this example though, we'll just use standard. The image type will come from our gallery, and if you click the dropdown for the image, you'll see we have a lot to choose from. For this example, I'll use Windows 11 multi-session + M365 Apps. The VM size of 2 core and 8 gig of RAM is fine for this example, just be sure that when you pick your VM size, you've selected one that best fits your needs. I'll choose the provision three virtual machines session hosts. Again, pick the VM that matches your user density options, so you can meet your total user requirements in your scenario for that VM size.

For the disk type, it is recommended that all production workloads use premium SSDs. With that said, I found that the performance requirements for standard are generally fine for personal host pools. However, pooled host pools must have premium SSDs since we'll have multiple users accessing and writing data to that disc at the same time, and you'll need all the performance you can get. For the boot diagnostics, we'll leave this on enabled with manage storage and scroll down. I'll select a virtual network and subnet that I've already allocated for this solution, and from my network security groups, I'll set that to none since I've already got an NSG attached to the subnet directly. 

For the domain join options, we have two choices: Azure Active Directory or Active Directory. If you want to go with the hybrid option, choose Active Directory here and then your group policies will do the rest. I'll just use Azure Active Directory join in this example, and I'll choose to enroll my VMS with Intune. Just be aware that Intune does have its own licensing requirements, but we won't be covering that in this course. Next, we'll need to add our virtual machine local administrator account and password. And once you're done with all of that, click 'Next'. On the Advanced screen, check the box to enable diagnostics and then select your log analytics workspace, and this should be the same workspace where you're sending your host pool data. 

Then, click 'Next'. Add all of your standard tags like we've done before, then click 'Next'. Verify that everything looks good on this review screen and then click 'Create'. Once the build is done, you can come back to your host pool screen and you can see we now have three total virtual machine session hosts and zero are unavailable. And if you click on that, you can see the names of our three VMs. Over in Azure Active Directory in the devices section, you can see all three of my devices have been Azure AD joined and registered with the MDM solution of Microsoft Intune.