AZ-140T00: Configure and Operate Microsoft Azure Virtual Desktop
Duration: 4 Days
This course teaches Azure administrators how to plan, deliver, and manage virtual desktop experiences and remote apps, for any device, on Azure. Lessons include implementing and managing networking for Azure Virtual Desktop, configuring host pools and session hosts, creating session host images, implementing, and managing FSLogix, monitoring Azure Virtual Desktop performance and health, and automating Azure Virtual Desktop management tasks. Students will learn through a mix of demonstrations and hands-on lab experiences deploying virtual desktop experiences and apps on Azure Virtual Desktop and optimizing them to run in multi-session virtual environments. Candidates of this course must have solid Azure administration skills. This course assumes prior experience, including virtualization, networking, identity, storage, backup and restore, and disaster recovery. Students should have knowledge of on-premises virtual desktop infrastructure technologies as they relate to migrating to Azure Virtual Desktop. Students are expected to have used the tools common to the Azure environment, such as the Azure PowerShell and Cloud Shell.
Students for AZ-140: Configure and Operate Microsoft Azure Virtual Desktop are interested in delivering applications on Azure Virtual Desktop and optimizing them to run in multi-session virtual environments. As an Azure Virtual Desktop administrator, you will closely with the Azure Administrators and Architects, along with Microsoft 365 Administrators. Azure Virtual Desktop administrator responsibilities include planning, deploying, packaging, updating, and maintaining the Azure Virtual Desktop infrastructure. They also create session host images, implement and manage FSLogix, monitor Azure Virtual Desktop performance, and automate Azure Virtual Desktop management tasks.
Azure Virtual Desktop Architecture
Azure Virtual Desktop manages the infrastructure and brokering components, while customers manage their own desktop host virtual machines (VMs) and clients. Microsoft manages the Remote Connection Gateway, and Connection Broker services as part of Azure.
- Azure Virtual Desktop for the enterprise
- Azure Virtual Desktop components
- Personal and pooled desktops
- Service updates for Azure Virtual Desktop desktops
- Azure limitations for Azure Virtual Desktop
- Virtual machine sizing for Azure Virtual Desktop
- Azure Virtual Desktop pricing
Design the Azure Virtual Desktop architecture
Azure Virtual Desktop design requires that you assess network capacity and speed requirements, select a load-balancing method for your Azure Virtual Desktop deployment, and choose the right Windows Desktop client.
- Assess network capacity and speed requirements for Azure Virtual Desktop
- Azure Virtual Desktop Experience Estimator
- Recommend an operating system for an Azure Virtual Desktop implementation
- Balancing host pools
- Recommendations for using subscriptions and management groups
- Configure a location for the Azure Virtual Desktop metadata
- Recommend a configuration for performance requirements
Design for user identities and profiles
Your users require access to those applications both on-premises and in the cloud. You use the Remote Desktop client for Windows Desktop to access Windows apps and desktops remotely from a different Windows device.
- Select an appropriate licensing model for Azure Virtual Desktop based on requirements
- Personal and multi-session desktop scenarios
- Recommend an appropriate storage solution
- Plan for a desktop client deployment
- Plan for Azure Virtual Desktop client deployment - Remote Desktop Protocol (RDP)
- Windows Desktop client to multiple devices
- Hybrid Identity with Microsoft Entra ID
- Plan for Microsoft Entra Connect for user identities
Implement and manage networking for Azure Virtual Desktop
See how to monitor and repair health of their Azure Virtual Desktop including virtual machines, virtual networks, application gateways, and load balancers.
- Plan implement remote desktop protocol shortpath
- Analyze connection quality in Azure Virtual Desktop
- Remote Desktop Protocol (RDP) bandwidth requirements
- RDP Shortpath for Azure Virtual Desktop
- RDP Shortpath for Azure Virtual Desktop sample scenarios
- Manage connectivity internet premises Networks
- Plan and implement an Azure Private Link solution for Azure Virtual Desktop
- Create an RDP connection to a Windows VM using Azure Bastion
- Monitor troubleshoot Network Watcher
Implement and manage storage for Azure Virtual Desktop
FSLogix roams profiles in remote computing environments, such as Azure Virtual Desktop. You set up a FSLogix profile container share for a host pool using a virtual machine-based file share.
- Plan storage for Azure Virtual Desktop user data
- Azure storage management
- Azure Files tiers
- Azure NetApp Files tiers
- Implement storage accounts for Azure Virtual Desktop
Create and configure host pools and session hosts for Azure Virtual Desktop
See how to configure the assignment type of a personal desktop host pool to adjust your Azure Virtual Desktop environment to better suit your needs.
- Prerequisites for Azure Virtual Desktop
- Operating systems and Azure regions
- Network and Remote Desktop client planning
- Create a host pool
- Create a host pool using the Azure portal
- Add session hosts to a host pool
- Customize Remote Desktop Protocol (RDP) properties for a host pool
Create and manage session host image for Azure Virtual Desktop
A Shared Image Gallery simplifies custom image sharing across your organization. Custom images can be used to bootstrap deployment tasks like preloading applications, application configurations, and other OS configurations.
- Create a golden image in Azure
- Using Azure VM Image Builder
- Create an Azure Virtual Desktop image by using VM Image Builder and PowerShell
- Plan for image update and management
- Manage licensing for session hosts that run Windows client
- Install language packs in Azure Virtual Desktop
Manage access for Azure Virtual Desktop
Azure Virtual Desktop uses Azure role-based access controls (RBAC) to assign roles to users and admins. Azure Virtual Desktop has additional roles that let you separate management roles for host pools, app groups, and workspaces.
- Selecting an identity strategy for Azure Virtual Desktop
- Selecting an authentication strategy for Azure Virtual Desktop
- Role-based access control (RBAC) for Azure Virtual Desktop
- Plan and implement Azure roles and role-based access control (RBAC) for Azure Virtual Desktop
- Assign RBAC roles to the Azure Virtual Desktop service principals
- Enforce Microsoft Entra multifactor authentication for Azure Virtual Desktop using Conditional Access
- Using Azure Virtual Desktop with Microsoft Intune
Manage security for Azure Virtual Desktop
The Windows client for Azure Virtual Desktop integrates Azure Virtual Desktop on local machines. You’ll learn the critical actions for keeping your users safe.
- Security recommendations for Azure Virtual Desktop
- Connect your Azure subscriptions to Microsoft Defender for Cloud
- Microsoft Defender for Endpoint for Azure Virtual Desktop sessions
- Apply Zero Trust principles to an Azure Virtual Desktop deployment
- Plan and implement Conditional Access policies for connections to Azure Virtual Desktop
- Security posture management and threat protection
Implement and manage FSLogix
FSLogix enhances and enables a consistent experience for Windows user profiles in virtual desktop computing environments.
- Overview of FSLogix
- Understand FSLogix containers
- Configure FSLogix Profile Containers
- Configure FSLogix Office Containers
- Configure profile containers with Cloud Cache
- Using FSLogix Apps RuleEditor and Rule Sets
- Create and Implementing Rule Sets for Application Masking
- Implement Azure NetApp Files for Azure Virtual Desktop
Configure user experience settings
Persistent virtual desktops save the operating system state in between reboots. Virtual desktop provides users easy and seamless access to their assigned VMs, often with a single sign-on solution.
- Connect to Azure Virtual Desktop with the Remote Desktop client for Windows
- Configure session timeout properties
- Implement the Start Virtual Machine on Connect feature
- Configure Universal Print
- Configure device redirections
- Troubleshoot Azure Virtual Desktop clients
Install and configure apps on a session host
MSIX app attach is a way to deliver MSIX applications to both physical and virtual machines. MSIX app attach is different from regular MSIX because it’s specifically for Azure Virtual Desktop.
- Create and configure an application group
- Assign users to application groups
- Publish an application as a RemoteApp
- Implement and manage OneDrive, including multisession environments
- Implement and manage Microsoft Teams for Remote Desktop
- Implement and manage Microsoft 365 Apps on Azure Virtual Desktop session hosts
- Configure dynamic application delivery by using app attach or MSIX app attach
- Create an application package for app attach or MSIX app attach
Monitor and manage performance and health
For Azure Virtual Desktop issues, check Azure Advisor first. Azure Advisor will give you directions for how to solve the problem, or at least point you towards a resource that can help.
- Configure log collection and analysis for Azure Virtual Desktop session hosts
- Monitor Azure Virtual Desktop by using Azure Monitor
- Customize Azure Monitor workbooks for Azure Virtual Desktop Insights
- Monitor Azure Virtual Desktop by using Azure Advisor
- Implement scaling plans in host pools
- Optimize capacity and performance
Plan and implement updates, backups, and disaster recovery
You can replicate your virtual machines (VMs) to the secondary location for Azure Virtual Desktop. You use Azure Site Recovery to manage replicating VMs in other Azure locations.
- Disaster recovery for Azure Virtual Desktop
- Design and implement a backup strategy for Azure Virtual Desktop
- Monitor costs by using Azure Cost Management