From my previous articles of Windows Virtual Desktop series, I have discussed step by step on Implementing prerequisites, configuring Azure tenant, Creating WVD tenant, Creating Windows 10 multisession Host pools, and connecting from windows, android, and iOS devices. All these are mandatory steps for implementing Windows Virtual Desktop. Moreover, I have discussed implementing user profiles using FSlogix with Azure files in a domain-joined environment.
From this post, I am continuing where I left to publish applications and manage app groups in the WVD environment. Please refer to the previous posts if you miss any configurations.
01 – Working remotely and efficiently with Microsoft technologies
02 - Windows Virtual Desktop | Configuring Prerequisites and WVD Tenant Creation
03 - Windows Virtual Desktop | Create Host Pool and Access through Web, Client App and Mobile Devices
04 - Windows Virtual Desktop | Configure FSLogix User Profiles using Azure Files and AD Authentication.
Before Publishing Applications, you should have
- Implemented Windows Virtual Desktop tenant
- Configured host pool
- A user account with RDS Owner access rights.
- PowerShell with WVD Module imported
- Install-Module -Name Microsoft.RDInfra.RDPowerShell
- Import-Module -Name Microsoft.RDInfra.RDPowerShell
Create and Manage App groups
After you create a Host pool and publish a desktop, a default app group will be created. Further to this, you can have multiple app groups. An App group is required when you publish applications to users. Using multiple app groups, you can segregate uses accessing all applications and assign only the applications they require.
When creating App Groups consider the followings,
- Logically app groups can be divided into Desktop App groups and Remote app groups
- A User cannot be assigned to a Desktop app group and a Remote app group in the same Host pool
- User can be assigned to multiple app groups within the same Host pool,
You can use this method to deny users from accessing some applications.
From this article I am sticking to PowerShell only for Creating app groups, Publishing applications, and Assigning users, you can perform these tasks through GUI however you need to configure the Management UX using GitHub scripts. Let’s talk about that from another post.
Create App Groups
- Login to your WVD Tenant
Add-RdsAccount -DeploymentUrl https://rdbroker.wvd.microsoft.com
- To create an App group, you need the WVD Tenant name and Hostpool name, if you don’t know, use following cmdlets with get
Get-RDSTenant -Name <Tenant Name>
Get-RDSHostpool -TenantName <Tenant Name>
Check other Appgroups - Get-RdsAppGroup -TenantName <Tenant Name> -HostPoolName <Host Pool Name>
- Run following cmdlet to create a new App Group
New-RdsAppGroup <tenantname> <hostpoolname> <appgroupname> -ResourceType "RemoteApp"
Here I’m creating two app groups for all Browsers and Office Apps
Office Apps -
- If you want to verify the app group use the following cmdlets (Optional)
Get-RdsAppGroup <tenantname> <hostpoolname>
Publish Applications to App Group
- Before publishing make sure to install all the required applications in the Host Pools VM’s
- Run the following cmdlet to find the details of installed applications,
Get-RdsStartMenuApp <tenantname> <hostpoolname> <appgroupname>
- Run the following cmdlet to publish the app to the app group, this is based on AppAlias, if your app is not listed as start menu app, do the step 8.
New-RdsRemoteApp <tenantname> <hostpoolname> <appgroupname> -Name <remoteappname> -AppAlias <appalias>
In my scenario, I’m adding all office apps to OfficeApps App Group
- If you cannot find the relevant app from AppAlias cmdlets, manually find the application name and the file path, in my scenario Microsoft Edge not listed, so use the following command to add that app to the app group.
New-RdsRemoteApp <tenantname> <hostpoolname> <appgroupname> -Name <remoteappname> -Filepath <filepath> -IconPath <iconpath> -IconIndex <iconindex>
Ex - New-RdsRemoteApp ESPTesting Testpool AllBrowsers -Name Edge -Filepath C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe -IconPath C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe -IconIndex 0
Assign Users to App Groups
- Each user needs to grant permission to access the applications. Use below cmdlet to assign users to App groups
Add-RdsAppGroupUser <tenantname> <hostpoolname> <appgroupname> -UserPrincipalName <userupn>