top of page

Windows Virtual desktop – How To Completely Setup

Updated: Dec 27, 2023

In this article, I am going to explain how we can Setup Azure Windows Virtual Desktop.

Kindly note this setup has been tested, Please do reach out if any issues once followed and not working as expected. Let’s get started.

Windows Virtual Desktop prerequisites

Below are the basic Prerequisites to setup Azure Virtual Desktop

  1. An Azure subscription with Sufficient Credits

  2. Make sure your virtual network in Azure is configured in such a way that new VMs have your Domain Controller or Azure AD Domain Services (Azure AD DS) set as the DNS (otherwise the domain join step will likely fail).

  3. Download and install the Windows Virtual Desktop cmdlets for Windows PowerShell on a device.

  4. Make sure all Azure resources are in the same region.

  5. If you require seamless SSO (HTML5 client excluded), you will need AD FS or users will have to authenticate when gaining access to the VM. (Steps on how to enable this with AD FS will follow at a later stage.)

  6. Credentials requirements, Below are the Permissions for each component

Virtual Desktop

Step 1:

  1. Grant Azure Active Directory permissions to the Windows Virtual Desktop service.

  2. Assign the TenantCreator application role to a user in your Azure Active Directory tenant.

Grant Azure Active Directory permissions to the Windows Virtual Desktop service.

  1. Open a browser and begin the admin consent flow to the Windows Virtual Desktop server app.

  2. Sign in to the Windows Virtual Desktop consent page with a global administrator account.

  3. Select Accept.

  4. Wait for one minute so Azure AD can record consent.

Virtual Desktop

Virtual Desktop

  1. Open a browser and begin the admin consent flow to the Windows Virtual Desktop client app.

  2. Sign into the Windows Virtual Desktop consent page as global administrator, as you did in step 2.

  3. Select Accept.

Virtual Desktop

Virtual Desktop

Assign the Tenant Creator application role

Assigning an Azure Active Directory user the TenantCreator application role allows that user to create a Windows Virtual Desktop tenant associated with the Azure Active Directory instance. You’ll need to use your global administrator account to assign the TenantCreator role.

To assign the TenantCreator application role:

  1. Go to the Azure portal to manage the TenantCreator application role. Search for and select Enterprise applications. If you’re working with multiple Azure Active Directory tenants, it’s a best practice to open a private browser session and copy and paste the URLs into the address bar.

  2. Within Enterprise applications, search for Windows Virtual Desktop. You’ll see the two applications that you provided consent for in the previous section. Of these two apps, select Windows Virtual Desktop.

Virtual Desktop
  1. Select Users and groups. You might see that the administrator who granted consent to the application is already listed with the Default Access role assigned. This is not enough to create a Windows Virtual Desktop tenant. Continue following these instructions to add the TenantCreator role to a user.

Virtual Desktop

Step 2:

Open PowerShell in the Elevated Mode and Run the commands to install PowerShell Module

Install-Module -Name Microsoft.RDInfra.RDPowerShell 
Import-Module -Name Microsoft.RDInfra.RDPowerShell 

Run the below commands one by one

$AadTenantId    = “AAD ID” 
$subscriptionId = “Subscription ID” 
$TenantName = “WVD01RK01” 
$HostPoolname = “WVDHostpool01” 

Change Host Pool Name, Tenant Name, AADTenantId, Azure Subscription Ids

Run the below command to connect to RD Broker services,

Add-RdsAccount -DeploymentUrl “

Run the below command to create a new tenant,

New-RdsTenant -Name $TenantName -AadTenantId $AadTenantId -AzureSubscriptionId $subscriptionId 

Run the below command to create a Hostpool

New-RdsHostPool -TenantName $tenantName -FriendlyName “WVD01RK01New” -name $HostPoolName -ValidationEnv $true 

Do run the below commands to add the user for the Virtual Desktop,

Add-RdsAppGroupUser -TenantName $TenantName -Hostpoolname $HostPoolName -AppGroupName “Desktop Application Group” -UserPrincipalName 

Virtual Desktop

Virtual Desktop

Step 3:

Custom DNS Configuration to the VNet in which we are going to configure Azure Virtual Desktop,

Go to Resource Group à Click on Vnet

Virtual Desktop

Configure the DNS Server, It is the server domain controller installed in the Vnet Subnet for the Domain Joining and authentication

Virtual Desktop

Step 4:

Configuring Virtual Desktop

Login to Https:// –> Resource Group à Click on Add

Virtual Desktop

Search for Windows Virtual Desktop – Provision a host pool

Virtual Desktop

Click on Create

Virtual Desktop

Enter the Host Pool Name created using PowerShell

Virtual Desktop

Select the number of Users and Virtual Desktop Name Prefix

Virtual Desktop

Under Virtual Machine Settings

Enter the Image OS version you want to configure, AD Domain Join UPN(Assigned Privilege to Domain join the Machines), and Select the Vnet and Subnet to information. Carefully enter the details and ensure the domain controller and DNS are reachable from this subnet. Setup will fail if there are any issues in the domain controller reachability.

Virtual Desktop

Enter the Virtual Desktop Tenant name created using PowerShell and Azure admin privileged account and password.

Note: Ensure MFA is not enabled for the account you’re using for the setup

Virtual Desktop

Virtual Desktop

Virtual Desktop

This is fantastic! The setup has been completed without any issues or warnings. To validate, Login to the Domain controller and ensure the Virtual desktop has been domain joined and available in the Active Directory Users and computers

Testing and validation

Virtual Desktop

Testing using the Web Client

To test the Virtual Desktop, open the Browser à Enter the Url

Do login with the account assigned for the Virtual Desktop.

Virtual Desktop

With the above screenshot, You’re able to successfully login to the Virtual Desktop without any issues.

Testing using the Remote Desktop

This can be validated using the Remote Desktop,

Virtual Desktop

Virtual Desktop
8 views0 comments
bottom of page