Microsoft Azure Remote Desktop
Description Use the Microsoft Remote Desktop app to connect to a remote PC or virtual apps and desktops made available by your admin. The app helps you be productive no matter where you are. Getting Started Configure your PC for remote access first. RDS license – to run Remote Desktop Services (RDS) in Azure, you need to obtain an RDS license either through a SPLA agreement or through your CSP Provider using CSP Software Subscriptions.
What is Microsoft Azure RemoteApp?
Microsoft Azure RemoteApp allows employees to work remotely, via any internet-based device, while business applications are run on a Windows server in the Azure cloud.
End-of-Life announcement of Microsoft Azure RemoteApp
Back in August 2016, Microsoft announced the End-of-Life of Microsoft Azure RemoteApp. Microsoft also announced that Microsoft Azure RemoteApp would no longer be sold to new customers after October 2016, but they continued to support their existing customers until the end of August 2017. From then on, Microsoft Azure RemoteApp hasn’t been available.
Does Microsoft have any plans in the pipeline for a new RemoteApp?
Microsoft announced their partnership with Citrix and that they are working together to develop the next generation of the Azure RemoteApp service: the new Citrix Virtual Apps (formerly Citrix XenApp) Essentials Service (previously XenApp “express”). Citrix will improve upon Microsoft’s vision of Azure RemoteApp by using their Citrix Virtual Apps (formerly Citrix XenApp) technology to provide additional management, user experience, and security features.
What does this mean for Microsoft Azure RemoteApp customers?
Most organizations would be required to move their apps to the cloud, as well as move their supporting infrastructure. While many suggest Citrix Virtual Apps (formerly Citrix XenApp) Essentials as a preferred replacement service, Parallels® Remote Application Server (RAS) can offer several advantages—and it is a better alternative already today.
Citrix solutions are quite costly, and users moving to Citrix Virtual Apps (formerly Citrix XenApp) Essentials would have to deal with all these challenges as well.
Parallels® has already assisted many organizations in the migration from Citrix Virtual Apps (formerly Citrix XenApp) to Parallels RAS. Our solution is cost-effective and simple. Parallels RAS offers the same features as Citrix Virtual Apps (formerly Citrix XenApp)—and many more—while simplifying the migration process for IT managers.
Three good reasons to choose Parallels RAS over Citrix Virtual Apps (formerly Citrix XenApp) Essential
Pricing
Parallels RAS is offered by subscription or in SPLA. The subscription list price per concurrent user per year is $99.99, or $8.33 per user per month. This makes Parallels RAS over 30% more cost-effective than Citrix Virtual Apps (formerly Citrix XenApp) Essentials (when no Citrix add-ons are considered).
Testing and Trial
In general, Citrix does not provide free trials for any of the Essentials services. Customers have to buy the minimum quantity from Azure Marketplace (25 users), which comes to $456.25 (without including Azure compute costs). Citrix only allows trials of Citrix Virtual Apps (formerly Citrix XenApp) Essentials as an exception and on a limited basis. Citrix will evaluate each request and reach out to customers as the trial is available to them.
With Parallels RAS, access to trials is granted instantly, providing any customer a free 30-day trial period for 50 concurrent users, with access to all features and functions. Trial experience from Azure Marketplace can be accessed from the Azure marketplace.
Licensing
Citrix provides different licenses for different functionalities. Citrix cloud-based deployment options are: Azure Marketplace Citrix Virtual Apps (formerly Citrix XenApp) Essentials; Azure Marketplace Citrix Virtual Apps and Desktop (formerly Citrix XenDesktop) Essentials; traditional Citrix Virtual Apps (formerly Citrix XenApp) or Citrix Virtual Apps and Desktop (formerly Citrix XenDesktop) deployed separately in the cloud; Citrix Cloud Citrix Virtual Apps (formerly Citrix XenApp) Service; and Citrix Virtual Apps and Desktop (formerly Citrix XenDesktop) Service.
With Parallels RAS, all features are provided with an all-in-one license. This eliminates the complexity of evaluating which license best suits your business needs and provides enterprise features to any company—no matter the size—out of the box.
References
Azure Windows Virtual Desktop (WVD) is fast-becoming the solution of choice for organisations looking for a reliable, secure and cost-efficient solution to remote working. Accessible and affordable for all businesses, it’s easier to set up and manage than a traditional virtual desktop solution.
If you’re the IT lead in your organisation, this latest blog post on Azure WVD provides high-level guidance on the day-to-day management of Microsoft’s best-in-class solution. It follows on from our posts on How to implement Azure WVD and How to optimise the cost and performance of Azure WVD.
Whether you’re looking for a virtual desktop or remote app solution or have already set up Azure WVD, read on or contact us for a free discussion. We are Microsoft Azure Gold partners and one of our certified Azure consultants will be happy to advise you.
Azure WVD key management tasks
Once you’ve set up Azure WVD, we’ve identified a number of key management tasks to keep the environment performing at its best, including how to:
- Administer Group Policy
- Manage images
- Update your desktops and applications or deploy new applications
- Validate updates before users access them
- Add or remove session hosts from the host pool
- Create new host pools
- Monitor and receive alerts for the environment
- Backup the environment
1. Administer Group Policy
Settings for user and computer objects in Active Directory Domain Services (AD DS) are managed using Group Policy Objects (GPOs). If you are using a domain controller (whether that be an Azure virtual machine or an on-prem one accessed via a site-to-site VPN) to domain join the WVD session hosts to, then you can control them with Group Policy on the domain controller.
If you’re using Azure AD DS instead of a domain controller, you can manage Group Policy by installing Group Policy Management Tools on a domain-joined Windows server. These settings will synchronise with the Azure AD DS service so that you could then shut down your virtual machine until you next need to implement changes.
Azure AD DS includes built-in GPOs for the AADDC users and AADDC computer containers. You can customise these built-in GPOs to configure Group Policy as needed for your environment. Members of the Azure AD DC administrators group have Group Policy administration privileges in the Azure AD DS domain and can also create custom Group Policy Objects (GPOs) and Organisational Units (OUs). This useful article from Microsoft explains in more detail how to create and manage Group Policy in Azure AD Domain Services.
2. Manage images
Creating the image that you use to deploy your WVD session hosts from is the most time-consuming element of managing WVD. Read our blog post about how to implement Azure Windows Virtual Desktop (WVD) for more details on creating images. Once you have the image, deploying session hosts from it is straightforward. Having put the effort into creating the images, you need to put some care into managing them.
Provided that you have a fairly simple set up, you can manage images manually with your own naming system while deleting older ones that you no longer need. However, if you have a larger, more complex set up, with host pools in multiple geographies or host pools with large numbers of session hosts, then you can use the Shared Image Gallery. This is a good way to organise images and offers a number of benefits:
- Replication to other regions: If you’ve deployed host pools on different continents, you can replicate images to those regions and keep them up to date, so that your session hosts all use the same one.
- Deploy at scale: If your host pool has 20 or more session hosts, then it is recommended to have multiple copies of the image. One managed image supports up to 20 simultaneous deployments. Attempting to create more than 20 virtual machines concurrently, from the same managed image, may result in provisioning timeouts due to the storage performance limitations of a single virtual hard disk (VHD). To create more than 20 virtual machines concurrently, use a Shared Image Galleries image configured with one replica for every 20 concurrent virtual machine deployments. Take a look at Microsoft’s article on Shared Image Galleries for a good overview of this service.
3. Update the desktop and applications or deploy new applications
By default users don’t have the ability to re-start the virtual desktop to apply any Windows 10 updates – and you wouldn’t want this as it would re-start the session host and thus kick off any other users on it. By default users do, however, have the ability to check for Windows 10 updates and download and install them. You can of course use Group Policy to control this as you wish, and it is wise to only allow IT admin staff to manage updates.
You can patch or update your Windows 10 virtual desktop sessions by signing into each session host with an admin account. Alternatively, you can create a new image with all the updates and re-deploy to the host pool.
We advise updating session hosts with Windows patches and potentially updating applications on a monthly basis. Occasionally, you may also need to add a new application and we recommend the following approach:
- update the image including Windows and application patches and any new applications.
- add new session hosts created from the updated image to the host pool.
- remove the session hosts with the “old” image from the host pool.
You can update the image by creating a new Azure virtual machine from it, make the updates to this virtual machine, then create the updated image from this virtual machine. See below for how to add and remove session hosts.
4. Validate updates before users access them
Before rolling out updated images to all your users, you can test them in the host pool by signing into it. To have control of which session host you sign into, you’ll need to temporarily change the drain mode settings on the other session hosts to “On”. If they’re running, this prevents them from accepting any new user sessions. Alternatively, if they’re not needed by other users, you can shut them down.
The other option is to set up an additional host pool as a validation environment. You can use this for two purposes:
a. The Azure WVD service itself is updated at least every month and targets validation environments first. It means that you can use the validation environment to test and spot problems with Azure WVD service updates before they are applied to your production environment.
b. When you update your image you can test it in the validation environment first.
Ideally, your validation environment should be identical to that used for production and you’ll need users to regularly access it. It can simply be a regular host pool marked as a validation environment and one that is used all the time by a subset of your users such as your IT staff.
It’s worth noting that there’s a cost attached to the validation environment as you pay for the session hosts in the same way as the main pool.
For further guidance on any aspect of managing your Azure environment, contact us for a free consultation. Our Azure WVD specialists will be happy to help.
5. Add or remove session hosts from the host pool
If, for instance, you currently have 30 users spread over five session hosts in your host pool, and now need to add capacity for another 12 users, then you’d need to add another two session hosts to the host pool.
In the Azure portal, adding or removing session hosts couldn’t be simpler. To add a session host, in the session hosts blade:
- Click to add new ones.
- Enter the quantity.
- Select the image from which you wish to create these.
NB This must be the same image that you used to create the existing session hosts.
Similarly, if the number of users who need a virtual desktop has decreased and you now have more session hosts than you permanently need, you can remove them. For example, if you simply want to decrease the number of session hosts by one:
- Switch on drain mode for the session host that you want to remove to stop any new connections to it.
- Force a log-off or wait for users to do so.
- Click the Remove button on the session host blade.
- Shut down and delete the virtual machine, its OS disk and network interface.
6. Create new host pools
There are a number of reasons for creating a new host pool in addition to those you already have:
- Your organisation may have a new set of users in a different geographical location and you need a host pool that’s local to them either for performance or data residency reasons.
- You may want to provide a set of users with a more or less powerful PC or a different set of applications, while other users continue with their existing PCs in the first host pool.
- You may have a set of users for which you want to apply a different auto-scaling schedule – read our blog post on How to optimise the cost and performance of Azure WVD for more about auto-scaling.
One of the advantages of the Azure portal is that you can create as many host pools as you like, and once a host pool is set up, creating another one is quick and simple. Go to the host pool blade, click to add another one, then go through the wizard.
If you’re deploying a new host pool in a different Azure region but using the same image, the image needs to be available in the target region so that you can deploy session hosts from it. Simply go to the Shared Image Gallery and replicate the image to your target region.
If you’re creating a new host pool to provide a group of users with a new application, then you’ll need to update your image accordingly and deploy the new host pool using that image.
7. Monitor and receive alerts
If you have a large or complex Azure WVD environment, you’ll benefit from setting up monitoring and alerts. This can be done using Microsoft’s Azure Monitor for Windows Virtual Desktop, an out-of-the box solution that’s currently in public preview.
Microsoft Azure Remote Desktop Software
Relatively straightforward to set up, it will help you optimise cost and performance and assist with trouble-shooting. Further, the only cost associated with Azure Monitor is the Log Analytics Workspace and once set up it gives you dashboards covering:
- connection diagnostics
- connection performance
- host diagnostics
- host performance
- user report
- utilisation report
- client report
Watch this Azure Monitor Insights video from Microsoft’s Azure Academy for guidance on how to set it up.
8. Back-up the environment
The main elements of your WVD set-up that need to be backed up are the images, session hosts and the FSLogix user profiles. You should also back up domain controllers, file servers and any other systems and data that your virtual desktop sessions are accessing.
Session hosts are disposable, so there’s no need to back them up. However, the images you’ve created are vital for creating new session hosts and we recommend that you protect them. By default, Azure keeps at least three copies of your images, however this won’t prevent accidental deletion, which also deletes the replicas. To protect against this, set up a Deletion Lock in the Azure portal:
- Go to the image blade.
- Click on Locks to set it up.
- Remove the Lock first if you do want to delete the image.
Azure doesn’t offer a way to back up the image itself, therefore the best work around for this is to take a snapshot of the OS disk of the virtual machine being used to create the image just before it is sysprepped and the image captured. If you need to re-create this image, you can use the snapshot to create a managed disk from it. You can then create a virtual machine from the OS disk, then sysprep and capture the image. The advantage of doing this is that if something goes wrong during sysprep, you can roll back to the snapshot and try again.
To back up the FSLogix user profiles you can use Azure Backup which can back up Azure Files, where we usually recommend you save the profiles.
If you’d like to know more about managing Azure WVD or you would like further details regarding Azure WVD pricing, please contact us for a free discussion with one of our certified Azure consultants. As an Azure Gold partner, we are trusted Microsoft partners and can advise you on all aspects of Azure from set-up to performance, management and security.
Read the Compete366 Azure WVD series
Read other recent articles from our Compete366’s Azure consultants in the Azure WVD series:
● Optimising Azure Windows Virtual Desktop (WVD) for cost and performance
Microsoft Remote Desktop
● How to implement Azure Windows Virtual Desktop (WVD)
Microsoft Azure Remote Desktop App
● What is Azure Windows Virtual Desktop? A quick guide from the Compete366 Azure Experts