This article is a 5th and last part of a series regarding WVD deployment.

Previous articles from the series could be found here:

1. https://www.azureblog.pl/2020/09/19/windows-virtual-desktop-deployment-1-5/
2. https://www.azureblog.pl/2020/10/07/windows-virtual-desktop-deployment-2-5/
3. https://www.azureblog.pl/2020/10/09/windows-virtual-desktop-deployment-3-5/
4. https://www.azureblog.pl/2020/11/15/windows-virtual-desktop-deployment-4-5/

Today I’d like to walk you through the custom image optimization using:

• Prerequisites
• OS Configuration
• Template Creation
• VMSS Deployment
• Environment test

Prerequisites

Before we proceed, please deploy 1 VM described below:

1. VM1: OS: Windows 10 Enterprise multi-session, Version 2004., Disk Type: Managed
2. Authentication source: Azure AD DS / Active Directory synchronized with Azure AD
3. WVD environment: Host Pool, Application Pool, and Workspace

OS Configuration

We should start by accessing our VM1, so please log in there and download this file:

https://github.com/przybylskirobert/WVD/blob/master/4_VMSS_GoldenImage_configuration_steps.ps1

Variables configuration

Open your favorite code editor (I bet it will be PowerShell ISE) and open the ps1 file

Start from running region called Variables

#region Variables
$verboseSettings = $VerbosePreference
$VerbosePreference = 'Continue'
$toolsPath = "C:\Tools"
$agentURL = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrmXv"
$agentMSI = "Microsoft.RDInfra.RDAgent.Installer-x64-1.0.2548.6500.msi"
$agentMSIPath = "$toolsPath\$agentMSI"
$bootLoaderURL = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrxrH"
$bootLoaderMSI = "Microsoft.RDInfra.RDAgentBootLoader.Installer-x64.msi"
$bootLoaderMSIPath = "$toolsPath\$bootLoaderMSI"
#endregion

As you can see, this was just a simple variables assignment

Agents Installation

The next step is to download tools and install them using the following code

#region agents installation
$toolsTest = Test-Path -Path $toolsPath
if ($toolsTest -eq $false){
    Write-Verbose "Creating '$toolsPath' directory"
    New-Item -ItemType Directory -Path $toolsPath | Out-Null
}
else {
    Write-Verbose "Directory '$toolsPath' already exists."
}
Write-Verbose "Downloading '$agentURL' into '$agentMSIPath '"
Invoke-WebRequest -Uri $agentURL -OutFile $agentMSIPath 
Write-Verbose "Downloading '$bootLoaderURL' into '$bootLoaderMSIPath'"
Invoke-WebRequest -Uri $bootLoaderURL -OutFile $bootLoaderMSIPath

Set-Location "$toolsPath"
. .\$agentMSI
Start-Sleep -Seconds 60
. .\$bootLoaderMSI
#endregion

When script will run you should see the installer screen

Host Pool Registration Key

Now we need to do a kind of dance between the azure portal and our VM1

From Azure Portal, we need to get the registration key for our WVD host pool

All you need to do is to copy the registration key.

Agents Configuration

Go back to the VM1 and see that you have two installers opened:

1. Remote Desktop Services Infrastructure Agent Setup
2. Remote Desktop Agent Boot Loader Setup

First, let’s focus on the Remote Desktop Services Infrastructure Agent Setup and click enter until you see this screen.

Replace INVALID_TOKEN with the registration key taken from your host pool and click next.

Continue the installation until done

Now go to the 2nd installer Remote Desktop Agent Boot Loader Setup, and install.

So we have successfully installed the required agents in order to make our VM working under the host pool.
You should see this VM under your host pool.

Do not delete this object!!!

This is a ‘link’ between our golden image and host pool. In the next steps, we will deploy VMSS using this image, so it will change to our VMSS name after a while.

LOB applications installation

After agents installation, you can follow the standard procedure regarding Golden Image creation.
Install all required applications and go to the next step

Sysprep

When everything is done, and you are 100% sure that it will work, you can run Sysprep.
Remember to use Generalize and Shutdown options.

When VM1 will shutdown, this is all from the golden image perspective.

Image creation

The next step is to create an image – described here https://www.azureblog.pl/2020/10/09/windows-virtual-desktop-deployment-3-5/

Template Creation

Now it is time to deploy VMSS.

But how can we do it?

I guess you might think that is so easy – just find VMSS, use our golden image, and done.

And that is right it will work, but only if you don’t need Domain Authentication 🙂

The solution for VMSS deployment is to use a custom made template for deployment. Why custom? Because we will use an extension to add our VMSS to our domain.

The process overview below

For template creation, we will use Azure templates available here:

https://portal.azure.com/#blade/HubsExtension/BrowseResourceBlade/resourceType/Microsoft.Gallery%2Fmyareas%2Fgalleryitems

Click New and fill the required fields (Name, Description)

After clicking OK, we will be moved to the ARM template screen. Please remove the pre-configured and then paste the code available here: https://github.com/przybylskirobert/WVD/blob/master/VMSS_deployment_template.json

The last step is to click Add to save our template.

After a while, we should be able to see our template on the list

VMSS Deployment

We are almost at the end of our trip today.

Now we need to deploy the template. So just go to Azure Templates (in preview), find the one that we want to deploy, and click Deploy.

On a Custom deployment screen, you need to fill in all required parameters. 

Personally, I like to speed up things, so I have prepared a parameters file that we can use 🙂

File is available here: https://github.com/przybylskirobert/WVD/blob/master/VMSS_deployment_parameters.json

On a Custom deployment screen, click Edit parameters.

Remove code and paste new code from the GitHub link above.

Change the following placeholders with your actual data:

• {Subscription} – Subscription ID
• {ImageResourceGroup} – Resource group name where you have the image file.
• {Image} – Image name
• {ResourceGroup} – Resource group name where you have virtual network deployed
• {VirtualNetwork} – Virtual network name where WVD session host should be placed
• {Subnet} – Subnet name where WVD session host should be placed
• {NetworkSecurityGroup} – Network security group that should be configured on the NIC level

Click Save to finish.

Before opening Champagne, we need to modify something within this parameter.

1. Resource group name: rg-wvd-neu
2. Admin Username: in my case Sysop
3. Admin Password: 🙂
4. Domain Name: this was preconfigured under parameters file provide FQDN of your domain
5. OUDN: this was preconfigured under parameters file, provide DistinguishedName
6. Domain And Username: This is important to use NETBIOS\username (LAB\domop)
7. Domain Join Password: Self-explanatory 🙂

When you fill in all the required parameters, you should see a screen like this:

Click Purchase, and if we didn’t make any mistake after a while we should see VMSS deployed under our Host Pool

After the deployment, you should see VMSS deployed under your rg-wvd-neu resource group.

You should also be able to see two nodes from our VMSS under your Host Pool / Session host tab

Environment test

Now it is time to log in to the WVD environment and test 🙂

So this is the end of our series of WVD articles.
I hope that you like it and that you used it.