Designing for Azure Virtual Desktop User Identities and Profiles
The course is part of this learning path
An important aspect of designing an Azure Virtual Desktop (AVD) environment is ensuring you understand user identities and profiles. To get the most out of this cloud-hosted service, it is important to ensure our user identities are fully secure and integrated with the storage solutions you use for user profiles. This will in turn give a much better experience for your users.
AVD allows organizations to set up redundant, scalable, and agile environments that offer the following key capabilities:
- Integration with both cloud and on-premises identity and access management solutions
- Configuring Azure native and 3rd party storage solutions to facilitate user profiles
- Complete licensing solution that covers both Azure Virtual Desktop and Microsoft 365 SaaS services
From an identity perspective, you can synchronize your Azure cloud identities with on-premises Active Directory. This allows you to utilize hybrid join for your Azure Virtual Desktop session hosts and integrate your user profiles with Group Policy.
This course will help you design and plan your Azure Virtual Desktop identity and user profiles and allow you to understand how it integrates with other Azure services. It covers understanding choosing the appropriate licensing model, looking at the different storage solutions available, planning for user profiles, and planning for Azure AD Connect for identities.
- Select an appropriate licensing model for Azure Virtual Desktop based on requirements
- Recommend an appropriate storage solution (including Azure NetApp Files vs. Azure Files)
- Planning for Azure Virtual Desktop client deployment
- Planning for user profiles
- Recommending a solution for network connectivity
- Planning for Azure AD Connect for user identities
This course is intended for anyone who wants to become an Azure Virtual Desktop Specialist and is preparing to take the AZ-140 exam.
If you wish to get the most out of this course, it is recommended that you have a good understanding of Azure Administration, however, this is not essential.
We have covered several important topics in this course. First, we covered selecting an appropriate licensing model for Azure Virtual Desktop where we looked at an overview of AVD licensing, then introduced the concept of 'Bring Your Own License', or BYOL. This had two variants, the first being Virtual Desktop BYOL and the second being Application Streaming BYOL.
Next, we discussed recommending an appropriate storage solution, where we covered an overview of Azure Files and its features. We then discussed Azure NetApp Files and its features, and finally did a comparison of both where we compared the features and looked at the use cases that could fit both services. The third module in this course looked at planning for Azure Virtual Desktop Client Deployment. Here we discussed an overview of the required clients to be able to connect from various operating systems. Finally, we looked at the supported browsers for the web client.
We then moved on to looking at planning for user profiles. In this module, we looked at storage options for user profiles in Azure Virtual Desktop, FSLogix for Profile Containers, and FSLogix for Office Containers. In the next module for this course we looked at recommending a solution for network connectivity. We started off by looking at some recommendations for virtual networks, then discussed Azure VPN Gateway and ExpressRoute where we compared their features.
Finally, we talked about some best practice recommendations for network connectivity. In the final module of this course we talked about planning for Azure AD Connect for user identities. Here we started off by discussing what Azure AD Connect is, then looked at some of the different synchronization features, including password hash, pass-through authentication and AD FS. Finally we looked at the use cases that fit each of these synchronization options.
Shabaz Darr is a Senior Infrastructure Specialist at Netcompany based in the UK. He has 15 years plus experience working in the IT industry, 7 of those he has spent working with Microsoft Cloud Technologies in general, with a focus on MEM and IaaS. Shabaz is a Microsoft MVP in Enterprise Mobility with certifications in Azure Administration and Azure Virtual Desktop. During his time working with Microsoft Cloud, Shabaz has helped multiple public and private sector clients in the UK with designing and implementing secure Azure Virtual Desktop environments.