07-29-2019 01:33 AM
07-29-2019 01:33 AM
Hi, it is in preview mode and promoted by Microsoft – so let’s give it a try in my private M365/Azure playground.
So I have a working AutoPilot/Intune environment, which synchronizes with my on-prem Active Directory in hybrid mode … shouldn’t be that difficult.
OK, I need a VPN link to get WVD connected to my on-prem AD ….
S2S VPN not working with my existing router equipment (the most popular AVM router here in Germany, which claims to support VPN S2S) - all solutions discussed in the net failed.
Oops, I need special hardware for it – ok, buy a new smarter router – there is a nice device from Synology for that (130 €)
Ooops again, the Azure VPN setup does not support DNS names, only public IP-addresses. So do a lengthy internet research to find an Azure runbook script to automate the change of IP-addresses done every 24 hours by my DSL internet provider ….
OK, finally solved and VPN status is “connected” (whatever that means …) – and nowhere mentioned, that the subscription bill has started ticking just due to the pure existence of a VPN setup with nothing connected on Azure side …. Unfortunately not an April’s Fools Hoax (see April subscription bill).
So let’s continue getting WVD up & running following the procedure described by MS in the WVD tutorial https://docs.microsoft.com/en-us/azure/virtual-desktop/overview
Ooooops, there is an error every time when creating the resource group due to a connect failure to the on-prem AD (but hey, didn’t it say “connected”) …..
OK, there is some info on how to troubleshoot connectivity issues (yes, this will take some time …), but nowhere mentioned, that the bill is ticking even faster and that I’m getting charged for a WVD setup attempt which repeatedly failed with an error code ….
And having to pay for a service which is still in preview (isn’t it) is a lot of fun.
So I killed the complete setup to avoid any further cost increases (surprise-surprise) and look forward to some managers at my employer willing to spend money on a WVD trial in an much “simpler” corporate environment with DMZ, proxies, SSL inspection, Azure subscription contractual negotiations lasting for more than one year now (all techies like legal, don’t we) to give WVD another try. Quite likely, isn’t it …..
And thanks again for giving MS cloud service in preview a costly meaning …
07-29-2019 08:30 AM
@TJ3012 I'm sorry to hear that your experience with WVD did not go as you'd hoped. Having read your post, it sounds like you jumped into this preview without taking into account the architecture of the environment or the financial ramifications of provisioning resources within a cloud service. It is not unreasonable for there to be a cost associated with bandwidth, virtual appliances, virtual machines, etc., even if you're not using them in production. While I, too, would appreciate some sort of preview discount on the associated compute resources, I do not expect one given that the only functionality in preview is the managed back-end infrastructure (the broker, load balancing, etc.), and that's actually free; we're only paying for the VMs the users would connect to.
I hope you learned something more than "the cloud is bad/expensive" while working on this endeavor, and encourage you to revisit these and other cloud services in the future after completing the requisite amount of research and planning to ensure your needs are met. Also, remember: not every cloud service is right for your environment, and that's okay too!
07-29-2019 11:41 AM
@Blastfire maybe you noticed that I mentioned my Azure AD / Intune / Hybrid Pilot environment, which I am currently piloting for a company with 100k+ Windows clients. So I am not completely unaware of cloudservices and related cost.
Providing a new service in preview with the management component for free (wow, seems it provided only an error code and a non-op setup after multiple attempts) and getting charged for all the components which are required by a still non working WVD trial is a quite a new experience working with MS preview cloud services for more than 3 years now and being in IT-network/Server business for more than 30 yrs.
Maybe the service is a little more complex than MS preview tutorials ......
07-29-2019 01:01 PM
To give it a try in isolated manner, you can create a VM, promote it to a DC, and then deploy WVD with it. Then, scrap it up after working with it. To further save the cost, if you deploy RDS based VM (you need RDS with SA to access it though) - you can add a domain controller function to it and promote it to DC, and decommission the original AD - so you get only one VM. Azure VPN services isn't a consumption plan, behind the scenes you get HA setup of networking infrastructure. Also, most of your problems weren't relating to WVD itself, rather than it requires AD-connectivity of any sort.