Deploy Azure Virtual Desktop with the getting started feature

You can quickly deploy Azure Virtual Desktop with the getting started feature in the Azure portal. This can be used in smaller scenarios with a few users and apps, or you can use it to evaluate Azure Virtual Desktop in larger enterprise scenarios. It works with existing Active Directory Domain Services (AD DS) or Azure Active Directory Domain Services (Azure AD DS) deployments, or it can deploy Azure AD DS for you. Once you've finished, a user will be able to sign in to a full virtual desktop session, consisting of one host pool (with one or more session hosts), one app group, and one user. To learn about the terminology used in Azure Virtual Desktop, see Azure Virtual Desktop terminology.

Joining session hosts to Azure Active Directory with the getting started feature is not supported. If you want to want to join session hosts to Azure Active Directory, follow the tutorial to create a host pool.

Tip

Enterprises should plan an Azure Virtual Desktop deployment using information from Enterprise-scale support for Microsoft Azure Virtual Desktop. You can also find more a granular deployment process in a series of tutorials, which also cover programmatic methods and less permission.

You can see the list of resources that will be deployed further down in this article.

Prerequisites

Please review the Prerequisites for Azure Virtual Desktop to start for a general idea of what's required, however there are some differences when using the getting started feature that you'll need to meet. Select a tab below to show instructions that are most relevant to your scenario.

Tip

If you don't already have other Azure resources, we recommend you select the New Azure AD DS tab. This scenario will deploy everything you need to be ready to connect to a full virtual desktop session. If you already have AD DS or Azure AD DS, select the relevant tab for your scenario instead.

At a high level, you'll need:

  • An Azure account with an active subscription
  • An account with the global administrator Azure AD role assigned on the Azure tenant and the owner role assigned on subscription you're going to use.
  • No existing Azure AD DS domain deployed in your Azure tenant.
  • User names you choose must not include any keywords that the username guideline list doesn't allow, and you must use a unique user name that's not already in your Azure AD subscription.
  • The user name for AD Domain join UPN should be a unique one that doesn't already exist in Azure AD. The getting started feature doesn't support using existing Azure AD user names when also deploying Azure AD DS.

Important

The getting started feature doesn't currently support accounts that use multi-factor authentication. It also does not support personal Microsoft accounts (MSA) or Azure AD B2B collaboration users (either member or guest accounts).

Deployment steps

Here's how to deploy Azure Virtual Desktop and a new Azure AD DS domain using the getting started feature:

  1. Sign in to the Azure portal.

  2. In the search bar, type Azure Virtual Desktop and select the matching service entry.

  3. Select Getting started to open the landing page for the getting started feature, then select Start.

  4. On the Basics tab, complete the following information, then select Next: Virtual Machines >:

    Parameter Value/Description
    Subscription The subscription you want to use from the drop-down list.
    Identity provider No identity provider.
    Identity service type Azure AD Domain Services.
    Resource group Enter a name. This will be used as the prefix for the resource groups that are deployed.
    Location The Azure region where your Azure Virtual Desktop resources will be deployed.
    Azure admin user name The user principal name (UPN) of the account with the global administrator Azure AD role assigned on the Azure tenant and the owner role on the subscription that you selected.

    Make sure this account meets the requirements noted in the prerequisites.
    Azure admin password The password for the Azure admin account.
    Domain admin user name The user principal name (UPN) for a new Azure AD account that will be added to a new AAD DC Administrators group and used to manage your Azure AD DS domain. The UPN suffix will be used as the Azure AD DS domain name.

    Make sure this user name meets the requirements noted in the prerequisites.
    Domain admin password The password for the domain admin account.
  5. On the Virtual machines tab, complete the following information, then select Next: Assignments >:

    Parameter Value/Description
    Users per virtual machine Select Multiple users or One user at a time depending on whether you want users to share a session host or assign a session host to an individual user. Learn more about host pool types. Selecting Multiple users will also create an Azure Files storage account joined to the same Azure AD DS domain.
    Image type Select Gallery to choose from a predefined list, or storage blob to enter a URI to the image.
    Image If you chose Gallery for image type, select the operating system image you want to use from the drop-down list. You can also select See all images to choose an image from the Azure Compute Gallery.

    If you chose Storage blob for image type, enter the URI of the image.
    Virtual machine size The Azure virtual machine size used for your session host(s)
    Name prefix The name prefix for your session host(s). Each session host will have a hyphen and then a number added to the end, for example avd-sh-1. This name prefix can be a maximum of 11 characters and will also be used as the device name in the operating system.
    Number of virtual machines The number of session hosts you want to deploy at this time. You can add more later.
    Link Azure template Tick the box if you want to link a separate ARM template for custom configuration on your session host(s) during deployment. You can specify inline deployment script, desired state configuration, and custom script extension. Provisioning other Azure resources in the template isn't supported.

    Untick the box if you don't want to link a separate ARM template during deployment.
    ARM template file URL The URL of the ARM template file you want to use. This could be stored in a storage account.
    ARM template parameter file URL The URL of the ARM template parameter file you want to use. This could be stored in a storage account.
  6. On the Assignments tab, complete the following information, then select Next: Review + create >:

    Parameter Value/Description
    Create test user account Tick the box if you want a new user account created during deployment for testing purposes.
    Test user name The user principal name (UPN) of the test account you want to be created, for example testuser@contoso.com. This user will be created in your new Azure AD tenant, synchronized to Azure AD DS, and made a member of the AVDValidationUsers security group that is also created during deployment. It must contain a valid UPN suffix for your domain that is also added as a verified custom domain name in Azure AD.

    Make sure this user name meets the requirements noted in the prerequisites.
    Test password The password to be used for the test account.
    Confirm password Confirmation of the password to be used for the test account.
  7. On the Review + create tab, ensure validation passes and review the information that will be used during deployment.

  8. Select Create.

Connect to the desktop

Once the deployment has completed successfully, if you created a test account or assigned an existing user during deployment, you can connect to it following the steps for one of the supported Remote Desktop clients. For example, you can follow the steps to Connect with the Windows Desktop client.

If you didn't create a test account or assigned an existing user during deployment, you'll need to add users to the AVDValidationUsers security group before you can connect.

Resources that will be deployed

Resource type Name Resource group name Notes
Resource group your prefix-avd N/A This is a predefined name.
Resource group your prefix-deployment N/A This is a predefined name.
Resource group your prefix-prerequisite N/A This is a predefined name.
Azure AD DS your domain name your prefix-prerequisite Deployed with the Enterprise SKU. You can change the SKU after deployment.
Automation Account ebautomationrandom string your prefix-deployment This is a predefined name.
Automation Account runbook inputValidationRunbook(Automation Account name) your prefix-deployment This is a predefined name.
Automation Account runbook prerequisiteSetupCompletionRunbook(Automation Account name) your prefix-deployment This is a predefined name.
Automation Account runbook resourceSetupRunbook(Automation Account name) your prefix-deployment This is a predefined name.
Automation Account runbook roleAssignmentRunbook(Automation Account name) your prefix-deployment This is a predefined name.
Managed Identity easy-button-fslogix-identity your prefix-avd Only created if Multiple users is selected for Users per virtual machine. This is a predefined name.
Host pool EB-AVD-HP your prefix-avd This is a predefined name.
Application group EB-AVD-HP-DAG your prefix-avd This is a predefined name.
Workspace EB-AVD-WS your prefix-avd This is a predefined name.
Storage account ebrandom string your prefix-avd This is a predefined name.
Virtual machine your prefix-number your prefix-avd This is a predefined name.
Virtual network avdVnet your prefix-prerequisite The address space used is 10.0.0.0/16. The address space and name are predefined.
Network interface virtual machine name-nic your prefix-avd This is a predefined name.
Network interface aadds-random string-nic your prefix-prerequisite This is a predefined name.
Network interface aadds-random string-nic your prefix-prerequisite This is a predefined name.
Disk virtual machine name_OsDisk_1_random string your prefix-avd This is a predefined name.
Load balancer aadds-random string-lb your prefix-prerequisite This is a predefined name.
Public IP address aadds-random string-pip your prefix-prerequisite This is a predefined name.
Network security group avdVnet-nsg your prefix-prerequisite This is a predefined name.
Group AVDValidationUsers N/A Created in your new Azure AD tenant and synchronized to Azure AD DS. It contains a new test user (if created) and users you selected. This is a predefined name.
User your test user N/A If you select to create a test user, it will be created in your new Azure AD tenant, synchronized to Azure AD DS, and made a member of the AVDValidationUsers security group.

Clean up resources

If you want to remove Azure Virtual Desktop resources from your environment, you can safely remove them by deleting the resource groups that were deployed. These are:

  • your-prefix-deployment
  • your-prefix-avd
  • your-prefix-prerequisite (only if you deployed the getting started feature with a new Azure AD DS domain)

To delete the resource groups:

  1. Sign in to the Azure portal.

  2. In the search bar, type Resource groups and select the matching service entry.

  3. Select the name of one of resource groups, then select Delete resource group.

  4. Review the affected resources, then type the resource group name in the box, and select Delete.

  5. Repeat these steps for the remaining resource groups.

Next steps

If you want to publish apps as well as the full virtual desktop, see the tutorial to Manage app groups with the Azure portal.

If you'd like to learn how to deploy Azure Virtual Desktop in a more in-depth way, with less permission required, or programmatically, check out our series of tutorials, starting with Create a host pool with the Azure portal.