The Windows Virtual Desktop – what we know so far. 83 facts listed

Throughout the last couple of months a lot has been said (and shown) about and around the Windows Virtual Desktop, so much that I thought a summary would be in place. Do note that I’m relying on what’s publicly available or what I’ve picked up from hearsay. In case of the latter I will make note of it. Updated per 25-03-2019 after my visit to Microsoft Ignite On Tour in Amsterdam where multiple announcements have been made. All facts have been verified by a PM of the WVD / RDS team.

1. Management will be done from a central control panel based in Microsoft Azure (Microsoft Managed Azure Services) a.k.a. PaaS, or platform as a service.
2. Everything that’s available from a Microsoft 365 perspective, feature and security wise, will be applicable to the WVD as well.
3. The WVD architecture (control panel) is based on the earlier announced RDMI technology, back in 2017.
4. The WVD control panel houses the Broker, Web Access, Diagnostics, the Gateway role, and Load Balancing (which is part of the Broker, by the way, it’s not a seperate role). This is all taken care of by Microsoft.
5. Each VM will have a WVD agent installed which takes care of the communication between the VM and the control panel.
6. Connectivity options will include: a HTML5 RD Web, Client RemoteApp and Desktop Connections (RADC), and the WVD Client App, no further details as of yet.
7. During Ignite they showed the remote desktop app which will work on all supported WVD Operating Systems. It’s a Win32 application.
8. The WVD will introduce a new multi-user (Enterprise) Windows 10 OS, based on the same RDS technology used in the MS Server OS’s.
9. There will also be support for other Operating Systems like Windows Server 2012 R2, 2016, 2019, and Windows 7 and 10 single user.
10. WVD based machines can be located in different regions within Azure, spread across the globe.  
11. All machines, no matter which Windows version they run need to be located in Azure, at least that’s how it is today, this may change in the future (wishful thinking).
12. For this to work you will need to have a valid Azure subscription. An Azure Active Directory. A Windows Server Active Directory in sync with Azure Active Directory – use Azure AD Connect or Azure AD Domain Services for this. A virtual network (vNet) that either contains or is connected to the Windows Server Active Directory.
13. Virtual machines can’t be Azure AD-joined. They must be standard domain joined or hybrid domain joined.
14. Support for Azure Active Directory only will be possible in the future.  
15. A WVD tenant needs to be created and mapped to your Azure AD tenant. You can create multiple (separate and isolated) WVD tenants within your Azure subscription. Especially useful for service providers servicing multiple customers.
16. Because of the multitenant architecture different AD setups, on a per customer basis will be used. Customer environments are highly isolated.
17. WVD works with so-called Host-pools, a collection of identical machines which serve the same purpose. Like offering a published desktop, for example. Or a host-pool that is configured to offer published applications, is another use-case.
18. Individual app groups can be created for different sets of users, or you can assign users to multiple app groups if you want.
19. You can use known solutions, like VPN’s en Azure EXPRESSROUTE to connect back (and forth) to your existing on-premises environment.
20. When Azure AD Domain Services is used multi factor authentication and conditional access will be optional as well.
21. On the control panel, Roll Based Access Control (RBAC) is available. Delegated access can be based on 4 different (built-in) roles: Owner, Contributor, Reader, and an Operator.
22. Active Directory Federation Services for Single Sign On is supported.
23. Reverse Connect: Outbound (WebSocket) connections from customer VM’s to the Broker and Gateway (the PaaS control panel) – no inbound ports to customer environments are needed. Bidirectional communication between VM’s and WVD infra goes over 443.
24. At some point there will come an on-premises option as well,
    According to Microsoft. This will apply to all OS’s except for the Win10 multi-user option. It’s also not a 100% clear if this will be an Azure Stack offering, or that you will be allowed to run these machines on your own (on-prem) hardware, for example.
25. Manfred Helber even started a petition were people could express their desire to have WVD made available on-premises as well, it’s here.
26. Again, the newly introduced W10 multi-user will be, and stay Azure only though. At least that’s the official statement today.
27. During the public preview as well as when WVD goes GA both persistent as well as non-persistent machines are, and will be supported. The Fslogix software will take care of your profile data.
28. For W10 single-user you can use pooled as well as personal assignment. If this will also be persistent only to start out with, I’m not sure, but probably. Note that not all options mentioned will be directly available once the preview launches. Or when the GA hits, for that matter.
29. The WVD service is build up out of multiple instances (multi-tenant), including brokers, which can be shared between customers or can per customer. This is transparent to individual customers.
30. To start, the WVD service (the Azure control panel) will only become available in the US East 2 region. The control panel will deployed into other regions once it will hit GA.
31. It will go GA somewhere in Q2 of 2019.
32. WVD will be available directly from the Azure market place. You can use/select any type of VM you want as long as its offered from the marketplace. Of course, it also needs to be available in the region you want to deploy it to.
33. If you search for ‘Windows Virtual Desktop’ in the Azure Marketplace you’ll find ‘Windows Virtual Desktop – Provision a host pool. Once you click ‘Create’ a wizard will walk you through the necessary steps.
34. Note that various ARM templates will be available to help you set up things more quickly. You still need to know what you’re doing, of course.
35. ARM templates can be manually edited and used to help you scale your environment.
36. ARM templates will be made available through GitHub.
37. WVD can also be set up and configured manually using a step by step approach.
38. Microsoft’s new Diagnostics service van be used to troubleshoot errors on the WVD platform. The diagnostics service works end-to-end, meaning from client through the WVD service all the way down to the VM’s themselves.
39. Load Balancing as part of WVD Windows 10 multi-user comes in two flavours, Breadth and Depth.
40. Breadth is the default mode and based on Reserved Azure instances (IaaS). With Breadth user will spread evenly across your virtual machines.
41. Depth load balancing is optional for pay per use VM’s and works by first filling up the first VM up to a configurable amount of users before spinning up a next one, and so on. This is an automated process which can be configured using various ARM templates. You can set thresholds for when machines need to be provisioned, or perhaps decommissioned.
42. Load balancing can be configured using PowerShell. There are separate Cmdlets available.
43. Multiple tools around scaling, load balancing and diagnostics will be made available. Mostly in the form of ARM templates as mentioned above.
44. WVD W10 single and multi-user will require one of the following licenses: Microsoft 365 E3, E5, A3, A5, Business or Windows E3, E5, A3, A5.
45. This the same applies to Windows 7 as well.
46. For Windows Server 2012 R2, 2016, 2019 you will need a RDS Client Access License (CAL) with Software Assurance.
47. The WVD service as part of the above mentioned license will be free of charge, you pay for the Azure (IaaS) resources consumed by your VM’s. In other words, the WVD control panel will be free of charge, the rest isn’t.
48. Existing Azure discount options, like Azure Reserved Virtual Machine Instances, for example apply to WVD as well.
49. Personal branding (own URL, website, look and feel), isn’t possible today. This might change soon.
50. While support for Windows 7 will end on January the 14^th in 2020, when used on/combined with the WVD, support will be extended (security updates) till 2023 – free of charge. On Azure that is, at least that’s how it stands today.
51. Besides publishing shared desktops from W10 multi-user, Server 2012, 2016 and 2019, you also have the option to publish Windows applications separately. This can be done from the W10 multi-user OS as well.
52. WVD is optimized for Office ProPlus. Again, Fslogix plays an important part in all this. This together with any plugins, codecs and such that will be installed by default. Here’s what Fslogix adds to WVD: Outlook caching and Windows search support, OneDrive for Business, including files on demand support, Native SharePoint in Windows Explorer, Office 365 ProPlus computer activation license roaming, Skype for Business GAL caching, Teams support for virtual desktops, Cloud Cache with auto storage failover and globally redundant disaster recovery for profiles, and finally, Application Masking.
53. There was some uncertainty about being able to still use Fslogix for other use-cases than WVD, like on-premises, for example. Well, if you own, or buy Microsoft 365 E3/A3/E5/A5, Windows 10 Enterpsie E3/A3/E5/A5, Windows 10 Education A3/A5, Windows 10 VDA per user licenses, or RDS Call licenses (all of them), you are entitled to use the entire FSLogix product suite on-premises and in the Cloud.
54. Fslogix Cloud Cache technology could be used when moving from on-prem to Cloud by replicating user profile, for example.
55. To be clear, you don’t need SA (Software Assurance) to be able to use the Fslogix software. You do need SA to run server OS based WVD’s in Azure.
56. Apparently a new and rebranded Fslogix agent will be released somewhere around the WVD GA date. More information will follow.
57. If you have RDS Call licenses with SA you are entitled to WVD as well.
58. When using W10 multi-user, you don’t have to purchase separate rds call licenses.
59. Windows 10 Enterprise single and multi-user both fall under the Semi-Annual Channel option.
60. Windows Server 2012 R2, 2016 and 2019 are part of the Long-Term Servicing Channel.
61. Both Windows 10 Enterprise single and multi-user will be able to offer Office 365 ProPlus going forward.
62. Windows Server 2019 only supports Office 2019 perpetual licensing, while Server 2016 does support Office 365 ProPlus, at least till extended support ends in 2025.
63. Server 2019 will still support the RDSH role. Today it’s unknown if future Server Operating Systems will as well.  
64. Both Windows 10 Enterprise single and multi-user will support Win32 applications as well as the modern UWP type applications. All other OS’s as part of WVD only support Win32 applications.
65. Customers will be responsible for maintaining their own compute images holding their applications, security patches and other software.
66. The same applies to the rest of their Azure tenant when it comes to networking, access control, security and so on.
67. Images can be created manually in the form of a VHD or VHDX, which can be uploaded to Azure. You can use managed and on-managed disks.
68. Default images are available, pre-configured to get you up and running quickly. Selectable from the Azure management portal while setting up the service.
69. The WVD is supported and backed by multiple partners. As far as I know, today we have: Citrix, Liquidware, CloudJumper, Lakeside Software, People Tech Group, and ThinPrint. They will deliver their services on top of WVD, further enhancing the overall user experience.
70. Will the WVD be a threat to Citrix? It might be in the distant future but not on short notice. Citrix has built (or is in the process of doing so) their own DaaS solution on top of the WVD, I’m sure more will be announced very soon.
71. Third parties are able to develop their own DaaS solution based on, or on top of WVD
72. The platform is ‘extensible’. Microsoft offers Rest API and PowerShell (to Rest) support, free for everyone to get their hands dirty. WVD, from start to finish can be completely managed through PowerShell and/or REST, if you like.  
73. A new WVD GUI management section, within the Azure portal is being worked on. No time lines as of yet. Everything that’s possible with the current API’s and/or PowerShell from a management perspective will be made available in the WVD Azure portal as well. Saw a short demo while at Ignite, looks promising.
74. Managing your WVD’s with Microsoft’s SCCM and/or Intune is optional as well. SCCM can be used to manage your server operating systems, while Intune can be used to manage your desktop operating systems.
75. Fully Managed Service Provider – The extensive network of Microsoft Cloud Solution Providers will be able to offer Windows Virtual Desktop to their customers and offer additional value around the service.
76. Citrix is now a Microsoft Fully Managed Service Provider as well.
77. In addition to the above, most enterprise features are still lacking when it comes to WVD, this is where CTX still shines. The WVD roadmap is long but an impressive one. Of course, we’re expecting much more information to be released soon so this could turn into old news quickly.
78. CloudJumper’s ‘Cloud Workspace for Azure’ proposition also integrates with and leverages WVD.
79. Load tests have been done by independent parties which show that the multi-user WVD W10 version can host about 20% less users per machine when compared to Windows Server 2016/2019 based on the same specs.
80. In theory your WVD machine, including the Win10 multi-user option can handle an unlimited number of connections and users. You decide. Which, of course, will come down to sizing, assigning VM resources and such – nothing we haven’t done before, right?
81. There is a script available to help you automatically scale hosts as you go.
82. Insiders tell me that even for Microsoft standards the WVD is getting above normal attention. Thousands (over 20?) of people have subscribed to the Public Preview program that they launched a few months back.
83. Of course not everyone is equally excited. Claudio (@crod on Twitter) shared his thoughts on multiple occasions. One of his blogs is named: The Windows Virtual Desktop (WVD) BS – you’ll find it here. He will also give a presentation during the upcoming Virtual Expo conference with a similar title: The Windows Virtual Desktop (WVD) Bullshit. Have a look at the agenda here, it includes a ton of WVD sessions – hot topic.

What did I miss? To be continued…

Bas van Kaam

Field CTO EMEA by day, author by night @ Nerdio

Father of three, EMEA Field CTO @ Nerdio, Author of the book Van de Basis tot aan Meester in de Cloud, Co-author of the book Project Byte-Sized and Yuthor of the book: Inside Citrix – The FlexCast Management Architecture, over 500 blog posts and multiple (ultimate) cheat sheets/e-books. Public speaker, sport enthusiast­­­­­­­­: above-average runner, 3 x burpee-mile finisher and a former semiprofessional snooker player. IT community participant and initiator of the AVD User group Community world wide.