IT Connect
Your connection to information technology at the UW

Windows Virtual Desktop

Windows Virtual Desktop is a Microsoft-provided cloud-based Virtual Desktop Infrastructure (VDI) offering. You get the benefits of a virtual workspace without the complexity of buying and managing a VDI.

Background

The Windows Virtual Desktop solution provides simplified management, multi-session Windows 10, and optimizations for Office 365 ProPlus. You can easily deploy and scale your Windows desktops and apps and get built-in security and compliance features. A Microsoft marketing page is available at: https://azure.microsoft.com/en-us/services/virtual-desktop/. Technical information is available at: https://docs.microsoft.com/en-us/azure/virtual-desktop/.

Here at the UW, you can’t run Windows Virtual Desktop without some assistance getting setup from UW-IT.

Getting Started

Licensing for Window Virtual Desktop (WVD) is covered for UW employees and students.

Costs to run WVD are:

  • minor storage costs to store the VM disks in Azure
  • Azure VM runtime costs (you can minimize those if you shut them down for inactive periods)
  • ExpressRoute or some other site-to-site VPN

To proceed, you’ll need the following to use Window Virtual Desktop (WVD):

  1. Azure subscription. If you don’t have one, see here: https://uw.service-now.com/sp?id=sc_entry&sys_id=ed4f54b5db567748d6a77a8eaf961940
  2. Azure ExpressRoute. This is a site to site VPN which provides the network connectivity from Azure to the UW network to allow your WVD VMs to join the NETID AD and interact with any data sources on-premises. See: https://uw.service-now.com/sp?id=sc_entry&sys_id=8ab2e8b9dbd67748d6a77a8eaf96190f
  3. An Azure AD service principal. You can create one yourself. See https://docs.microsoft.com/en-us/azure/virtual-desktop/virtual-desktop-fall-2019/create-service-principal-role-powershell#create-a-service-principal-in-azure-active-directory for the steps to do so. Because there are many units which use WVD, we ask that you prepend the displayName argument with your unit name, e.g. “-DisplayName “Pottery – Windows Virtual Desktop Svc Principal”
  4. A Windows Virtual Desktop tenant. This is something UW-IT must provision for you. Send email to help@uw.edu with subject “Windows Virtual Desktop”. You will need the following:
    1. Azure subscription ID. Reference https://docs.microsoft.com/en-us/azure/virtual-desktop/tenant-setup-azure-active-directory#assign-the-tenantcreator-application-role and search for “To find your Azure subscription ID” for help on how to determine this.
    2. The service principal’s application id. This is in one of the steps for #3 above in the Microsoft doc for that step.
  5. Once you have the WVD tenant, you’ll be using the service principal to manage it, generally following the Microsoft documentation.
  6. The Azure AD service principal will require occasional maintenance attention. The service principal secret will expire and it is best practice to have more than one owner assigned. See https://itconnect.uw.edu/wares/msinf/aad/apps/creds/ for help on this.

Running Windows Virtual Desktop

You are responsible for managing your WVD tenant. If you’d like UW-IT to do that for you, please contact the Managed Workstation service via help@uw.edu with a subject line of “Managed Windows Virtual Desktop”.

Last reviewed April 22, 2020