All Posts

Using FSLogix file shares with Azure AD cloud identities in Azure Virtual Desktop - cloud-only, AVD

With AAD-Kerberos, you can use AAD-only joined session hosts with FSLogix. This is a great approach to working more cloud-native. With AAD-Kerberos, the session hosts don’t need to have network...

Debugging Azure Virtual Desktop errors/issues/network latency and bandwidth with an interactive Workbook

Correctly configured, Azure Virtual Desktop sends diagnostic data to a log analytics workspace (Azure Monitor). There are several logs containing data about the events in the backend:

Azure AD only joined hosts in Azure Virtual Desktop: Join and re-join hosts

Azure AD-only joined are getting more common in Azure Virtual Desktop. There are some challenges running AVD hosts as AAD-only. One challenge is that you can roll out a new...

Working interactively with user sessions in Azure Virtual Desktop

Handling user sessions in AVD could be more intuitive in the Azure Portal. Luckily, some tools (like WVDAdmin, Hydra, and others) are available to make it easier. I made a...

Sysprep and deploy Windows 11 22H2 in Azure with a custom image and a workaround

A common way to build virtual machines based on an image in Azure (e.g., as Session hosts for Azure Virtual Desktop) can be done by the “Golden Image” approach.

The challenge of having the correct language in the Edge browser with Azure Virtual Desktop in West Europe

If you run Azure Virtual Desktop in a data center in another country, you maybe know that the browsers are showing some websites in the data center location language. For...

Azure Virtual Desktop: Logging session host state to Log Analytics to show state and sessions over time

Update October 2022: Check out the following Workbook to use diagnostic logging to get and visualize the data

Azure Virtual Desktop Session Hosts with Azure Disk Encryption

Hydra for Azure Virtual Desktop and WVDAdmin are supporting ADE for AVD Session Hosts.

Automatically add or change Azure Active Directory computer objects on-demand

Hybrid joined AVD session hosts are great for working with conditional access, Intune (MEM), access to Azure files, and other AAD integrated services.

Honey-Potting in Azure and Unfavorable Account Names

As everybody knows, running a Windows system in Azure unprotected is not a good idea. To get access to an Azure VM, Azure Bastion or VPN are recommended.

Securing an app service, a key vault, and a database with private endpoints

A typical Azure application uses an app service representing the front end, a database to store the data and configuration settings, and a key vault to keep secrets (like the...