This blog article is throwback to the session I did at the MCT Summit in The Hague. The Windows 365 session was an eye-opener for organizations of all sizes and setups. It demonstrated how easy it is to implement Windows 365 and how it can benefit any organization. In this write-up, we will cover the basics of Windows 365 and the easy setup process.
Gone are the days when Windows was consumed solely from a native PC. I still remember the day when the first PC arrived at our home. I finally got my hands on the glory of Windows XP.
The first step towards virtualization was evolutionary. We introduced system administrators to the flexibility and control of their environment beyond the physical. Azure Virtual Desktop, formerly known as Windows Virtual Desktop, was a gamechanger.
Today, a whole new option presents itself: Windows 365, or the Cloud PC. This option has a specific focus on experience, more importantly end-user experience. It takes into account that the end-user of this solution is not solely the consumer. The system administrator that needs to configure and maintain it, also plays a big part.
How do I integrate this with my current environment?
One of the most frequently asked questions I receive is “How can we integrate this into our existing environment?”. The answer is simple: How are you doing this today? Depending on your current environment, there are three main architectures you can use.
The first option is to host the full solution in the Microsoft subscription and utilize the Microsoft Hosted Network. The option to connect to on-premises resources with something like a split-tunnel VPN is still valid.
The second option utilizes something we call an Azure Network Connection. It basically allows you to connect your Cloud PC to a vNET that exists within your Azure subscription. You can connect this vNET through a site-to-site VPN or even an ExpressRoute.
For our third option, we take it one step further. You can create a computer object in your AD and manage it as if it were an on-premises device. This allows for SCCM to perform the device management. This requires a line-of-sight from your vNET, that we specified in the ANC (Azure Network Connection), to your domain controller. You need to specify some additional information to allow the computer object to be created in the relevant organizational unit.
The provisioning policy
If you want to set up a Cloud PC, you need to create a provisioning policy first. This policy defines everything about your Cloud PC, such as its name, description, and features. One of the most important choices you have to make is whether to use Enterprise or Frontline.
How do you decide? Well, it depends on how many Cloud PCs you and concurrent sessions you need. The Frontline license gives you three Cloud PCs for the price of one, but only one session at a time.
For example, you have 300 workers who need a Cloud PCs. But only 100 of them will use it at the same time. This allows you to save money by choosing 100 Windows 365 Frontline licenses.
Another important choice in the provisioning policy is your “Join type details”. This refers to the network architecture you want to use: Microsoft Hosted Network, Microsoft Entra Join with your own vNET, or Hybrid Microsoft Entra Join. I have explained these options above. You can enable the single sign-on checkbox if you use the Microsoft Entra Join or if you have a Cloud Kerberos Trust with the Hybrid Microsoft Entra Join.
After clicking next, you get the option to choose a gallery image or a custom image. It is always recommended to go with the gallery images. These are created and maintained by Microsoft. Providing you with optimized images for the Cloud PC.
The final step before applying the provisioning policy is to configure some settings. You can choose the language and region for the Cloud PC, create a naming template, and opt to enroll the device in Windows Autopatch. This is a service that I will cover in a future blog post.
Easy-peazy!
That’s it! Were done! The provisioning policy will check if the assigned group has some licenses. Afterwards, it will start spinning up the relevant Cloud PC. As you see, the entire process is as easy as one-two-three!
Leave a Reply