Collect and query Graphics Data for Azure Virtual Desktop connections – Now in Public Preview
Graphics data logs for Azure Virtual Desktop are in public preview! You can now set up the diagnostics table in Azure Log Analytics and collect graphics data for your Azure Virtual Desktop connections. The graphics data table generates information whenever end-to-end delay and dropped frames percentages fall below a healthy threshold for Azure Virtual Desktop. This table helps administrators understand factors across the server, client, and network that could be contributing to slow or choppy experiences for a user. Set up To start collecting graphics data, you’ll need to ensure your Azure Virtual Desktop host pools have diagnostics enabled and that the Connection Graphics Data Logs Preview table is selected. You can check and modify these settings in the Azure Portal: Visit your Azure Virtual Desktop Host Pools in the Azure Portal. Select the host pool where you’d like to set up network data, then select Diagnostic settings. Select Edit setting, or +add diagnostic setting if you don’t have a diagnostic setting already. Select allLogs or the individual categories you would like to collect. Confirm Connection Graphics Data Logs Preview is selected. Select a destination (Log Analytics workspace for Azure Virtual Desktop Insights users) Save and repeat for other host pools. Sample queries You can run these sample Kusto queries in the Log Analytics query editor. For each query, replace alias@domain, start_time, end_time, VmName, or HostPoolName with the information you would like to search for. Search graphics data by a specific user or users // Query for a specific user or group of users let Users = datatable(User:string) [ "alias@domain.com", "alias@domain.com" ]; WVDConnectionGraphicsDataPreview | join kind = leftouter ( WVDConnections | extend Protocol = iff(UdpUse in ("<>", "0"), "TCP", "UDP") | extend GatewayRegion = iff(GatewayRegion in ("<>", ""), "Unknow", GatewayRegion) | summarize GatewayRegion = take_anyif(GatewayRegion, GatewayRegion != "Unknown") by CorrelationId, UserName, SessionHostName, Protocol ) on CorrelationId | where UserName in (Users) | project-away CorrelationId1 | project-reorder TimeGenerated, UserName, Protocol, GatewayRegion, SessionHostName Search graphics data in a specific time range // Query for a specific time range let start_time = todatetime('2022-09-01 00:00:00.0'); let end_time = todatetime('2022-09-15 00:00:00.0'); WVDConnectionGraphicsDataPreview | join kind = leftouter ( WVDConnections | extend Protocol = iff(UdpUse in ("<>", "0"), "TCP", "UDP") | extend GatewayRegion = iff(GatewayRegion in ("<>", ""), "Unknown", GatewayRegion) | summarize GatewayRegion = take_anyif(GatewayRegion, GatewayRegion != "Unknown") by CorrelationId, UserName, SessionHostName, Protocol ) on CorrelationId | where TimeGenerated between (start_time .. end_time) | project-away CorrelationId1 | project-reorder TimeGenerated, UserName, Protocol, GatewayRegion, SessionHostName Search graphics data for a specific session host // Query for a specific Session Host let VmName = ""; WVDConnectionGraphicsDataPreview | join kind = leftouter ( WVDConnections | extend Protocol = iff(UdpUse in ("<>=", "0"), "TCP", "UDP") | extend GatewayRegion = iff(GatewayRegion in ("<>", ""), "Unknown", GatewayRegion) | summarize GatewayRegion = take_anyif(GatewayRegion, GatewayRegion != "Unknown") by CorrelationId, UserName, SessionHostName, Protocol ) on CorrelationId | where SessionHostName == VmName | project-away CorrelationId1 | project-reorder TimeGenerated, UserName, Protocol, GatewayRegion, SessionHostName Search graphics data for a specific host pool // Query for a specific Host Pool let HostPoolName = ""; WVDConnectionGraphicsDataPreview | join kind = leftouter ( WVDConnections | extend Protocol = iff(UdpUse in ("<>", "0"), "TCP", "UDP") | extend GatewayRegion = iff(GatewayRegion in ("<>", ""), "Unknown", GatewayRegion) | summarize GatewayRegion = take_anyif(GatewayRegion, GatewayRegion != "Unknown") by CorrelationId, UserName, SessionHostName, Protocol ) on CorrelationId | where extract("/subscriptions/.*/resourcegroups/.*/providers/.*/hostpools/(.*)", 1, _ResourceId) == HostPoolName | project-away CorrelationId1 | project-reorder TimeGenerated, UserName, Protocol, GatewayRegion, SessionHostName Query all graphics data and correlate with username, protocol, gateway region, and session host name // Query all rows from graphics data table and add username, protocol, gateway region, and session host name information from connections table WVDConnectionGraphicsDataPreview | join kind = leftouter ( WVDConnections | extend Protocol = iff(UdpUse in ("<>", "0"), "TCP", "UDP") | extend GatewayRegion = iff(GatewayRegion in ("<>", ""), "Unknown", GatewayRegion) | summarize GatewayRegion = take_anyif(GatewayRegion, GatewayRegion != "Unknown") by CorrelationId, UserName, SessionHostName, Protocol ) on CorrelationId | project-away CorrelationId1 | project-reorder TimeGenerated, UserName, Protocol, GatewayRegion, SessionHostName Please feel free to submit feedback here or leave questions on this post! To learn more about the Connection Graphics Data Logs Preview and other connection quality resources, see Connection quality in Azure Virtual Desktop or our Network Data announcement from April.
AVD DomainTrustCheck errror
A Domain Trust Check error appears in the AVD host pool. This error occurs hepatically, and when you restart a virtual machine, the error disappears or occurs without it. To verify the error, we checked the event viewer and the error 0x29 KRB_AP_ERR_MODIFIED appears with event ID number 3. The AD connector server has the same event log continuously. We are currently in the process of AAD synchronization with the AD server. Please help me with how to solve it.
Teams not working in Windows 11 AVD + FSLogix
I am currently setting up and testing a Windows 11 AVD environment for future use, but I am having trouble with getting Teams to work properly. When a user logs in for the first time I am able to log into Teams. When keeping it open for a couple of minutes the client will start having problems, like crashing, restarting, staying on the "Waiting on Teams" screen or just showing a full white Teams application window. When signing off from the AVD Session Host and signing in again Teams is not working either anymore. I have found out that Teams appears to be working fine when I exclude the user profile from using FSLogix. This is not a solution however. The problem seems very similair to https://docs.microsoft.com/en-us/answers/questions/671639/teams-for-vdi-amp-fslogix.html, unfortunately the mentioned registry key is already present. Further information about the current setup: Image: Windows 11 Enterprise multi session Applied VDOT: https://github.com/The-Virtual-Desktop-Team/Virtual-Desktop-Optimization-Tool FSLogix: tested with versions 2105 and 2015 HF_01 Teams: Latest version installed with ALLUSER=1 and in combination with AVD Optimisations (WebRTC) I am very curious if anyone else has experienced problems like this.
AVD full screen on multiple displays
We are using the display RDP properties as per the attached screenshot. When AVD session is launched, it goes into full screen across all displays attached to device. When full screen is exited, it goes into single display mode. However, from that point onwards, full screen stays within single display and only way we can go multi-display again is to disconnect and reconnect the session. Can this behaviour be changed so that user has the flexibility to go full screen across all their displays and single display mode and vice-versa.Announcing FSLogix 2201 hotfix 1 (2.9.8171.14983) has been released!
FSLogix Release Notes - FSLogix | Microsoft Docs Summary This update for FSLogix 2201 includes fixes to Cloud Cache and container redirection processes. No new features are included with this update. Changes IMPORTANT This is a **hotfix** for FSLogix 2201 (2.9.8111.53415). If you are using Cloud Cache or have experienced intermittent system crashes as a result of FSLogix, it is recommended to install this update. Resolved an issue with Cloud Cache where disk read / write blocking could potentially create a deadlock to the disk and cause the Virtual Machine to become unresponsive. Resolved an issue that would cause a Virtual Machine to crash while removing profile redirections during the sign out process. File Information Download the following package: Download FSLogix 2201 hotfix 1 (2.9.8171.14983)Announcing FSLogix 2201 hotfix 2 (2.9.8228.50276) has been released!
FSLogix Release Notes - FSLogix | Microsoft Docs Summary This update for FSLogix 2201 includes fixes to multi-session VHD mounting, Cloud Cache meta tracking files, and registry cleanup operations. Changes IMPORTANT This is a hotfix for FSLogix 2201 (2.9.8111.53415) and includes all previous changes from v2201 hotfix 1 (2.9.8171.14983). It is recommended all customers update to this version. Resolved an issue that would cause a system crash while reading from meta tracking files in a Cloud Cache configuration. Resolved an issue where a logon would succeed even if when the disk failed to attach. Most commonly occurs in multi-session environments. Resolved an issue during profile cleanup where user registry hives would be removed regardless of the FSLogix local group exclusions. File Information Download the following package: Download FSLogix 2201 hotfix 2 (2.9.8228.50276)Azure Virtual Desktop planning - a little guide (please don't underestimate planning)!
Dear Azure Virtual Desktop friends, Again and again I encounter Azure Virtual Desktop infrastructures that were obviously poorly planned. Not only is performance poor, but security has been neglected and scalability is simply not possible. With such infrastructures, it is then simply impossible to get everything up and running again with a few adjustments. For this reason, I have tried to create a possible planning guide in this article. Let's start with the following points: Define objectives and requirements: -> Determine the purpose of the Azure Virtual Desktop infrastructure -> Identify the applications and resources required for end-users -> Establish performance, availability, and security goals -> Assess network connectivity and bandwidth requirements https://learn.microsoft.com/en-us/azure/architecture/example-scenario/wvd/windows-virtual-desktop https://learn.microsoft.com/en-us/training/modules/azure-virtual-desktop-architecture/3-azure-virtual-desktop-components https://azure.microsoft.com/en-us/products/virtual-desktop/assessment/ https://learn.microsoft.com/en-us/azure/architecture/example-scenario/wvd/windows-virtual-desktop Assess existing infrastructure: -> Evaluate current on-premises infrastructure and applications -> Identify any potential compatibility issues or bottlenecks -> Determine if any applications or services need to be migrated to Azure https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/wvd/migrate-assess https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/wvd/migrate-deploy https://learn.microsoft.com/en-us/azure/virtual-desktop/proxy-server-support https://learn.microsoft.com/en-us/azure/virtual-desktop/data-locations Choose a deployment model: -> Decide between a pooled or personal host pool -> Determine the appropriate operating system (e.g., Windows 10 or Windows Server) -> Select the necessary virtual machine sizes and configurations https://learn.microsoft.com/en-us/training/modules/azure-virtual-desktop-architecture/4-personal-pooled-desktops https://learn.microsoft.com/en-us/training/modules/design-azure-virtual-desktop-architecture/4-recommend-operate-system-azure-virtual-desktop-implementation https://learn.microsoft.com/en-us/azure/virtual-desktop/host-pool-load-balancing https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/virtual-machine-recs https://learn.microsoft.com/en-us/training/modules/azure-virtual-desktop-architecture/6-azure-limitations-for-azure-virtual-desktop Design network connectivity: -> Configure virtual networks and subnets within Azure -> Set up VPN or ExpressRoute for hybrid connectivity (if required) -> Implement network security groups and firewall rules to restrict traffic -> Plan for load balancing and traffic management https://learn.microsoft.com/en-us/azure/virtual-desktop/network-connectivity https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/network-guidance https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/wvd/eslz-network-topology-and-connectivity https://learn.microsoft.com/en-us/azure/firewall/protect-azure-virtual-desktop https://learn.microsoft.com/en-us/azure/virtual-desktop/rdp-bandwidth Plan for user profiles and data storage: -> Choose between FSLogix, Azure Files, or other profile management solutions -> Determine storage requirements and configure file shares -> Implement data backup and recovery strategies https://learn.microsoft.com/en-us/fslogix/how-to-install-fslogix https://learn.microsoft.com/en-us/fslogix/tutorial-configure-profile-containers https://learn.microsoft.com/en-us/fslogix/tutorial-configure-odfc-containers https://learn.microsoft.com/en-us/azure/virtual-desktop/store-fslogix-profile https://learn.microsoft.com/en-us/azure/virtual-desktop/fslogix-containers-azure-files https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-active-directory-enable https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-ad-ds-update-password Design application delivery: -> Decide on the application delivery method (e.g., RemoteApp, MSIx App Attach) -> Package and test applications for compatibility -> Set up application groups and assign them to appropriate users or user groups -> Implement application lifecycle management and updates https://learn.microsoft.com/en-us/azure/virtual-desktop/remote-app-streaming/overview https://learn.microsoft.com/en-us/training/paths/m365-wvd/ https://learn.microsoft.com/en-us/azure/virtual-desktop/remote-app-streaming/custom-apps https://learn.microsoft.com/en-us/azure/virtual-desktop/install-office-on-wvd-master-image https://learn.microsoft.com/en-us/azure/virtual-desktop/teams-on-avd https://learn.microsoft.com/en-us/azure/virtual-desktop/language-packs https://learn.microsoft.com/en-us/windows/msix/overview https://learn.microsoft.com/en-us/azure/virtual-desktop/what-is-app-attach https://learn.microsoft.com/en-us/windows/msix/packaging-tool/create-app-package Plan for identity and access management: -> Integrate Azure Active Directory (AD) for user authentication and authorization -> Configure Multi-Factor Authentication (MFA) for added security -> Set up role-based access control (RBAC) to manage user permissions https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/wvd/eslz-identity-and-access-management https://learn.microsoft.com/en-us/azure/active-directory-domain-services/compare-identity-solutions https://learn.microsoft.com/en-us/azure/architecture/example-scenario/wvd/azure-virtual-desktop-azure-active-directory-join Estimate costs and optimize resources: -> Calculate the expected infrastructure costs based on VM sizes, storage, and network usage -> Evaluate licensing requirements for Azure Virtual Desktop and other services -> Implement cost management and optimization strategies, such as auto-scaling and reserved instances https://learn.microsoft.com/en-us/azure/virtual-desktop/prerequisites https://learn.microsoft.com/en-us/azure/virtual-desktop/remote-app-streaming/total-costs https://azure.microsoft.com/en-us/pricing/details/virtual-desktop/ https://azure.microsoft.com/de-de/pricing/reserved-vm-instances/ https://learn.microsoft.com/en-us/azure/virtual-machines/windows/hybrid-use-benefit-licensing Develop a monitoring and management strategy: -> Monitor the performance and health of the Azure Virtual Desktop environment using Azure Monitor and Log Analytics -> Set up alerts and notifications for critical events or performance issues -> Implement a patch management strategy to ensure OS and application updates https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/wvd/eslz-management-and-monitoring https://learn.microsoft.com/en-us/training/paths/monitor-maintain-azure-virtual-desktop-infrastructure/ https://learn.microsoft.com/en-us/azure/virtual-desktop/insights https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/wvd/manage https://learn.microsoft.com/en-us/azure/virtual-desktop/security-guide https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/wvd/eslz-security-governance-and-compliance https://learn.microsoft.com/en-us/azure/virtual-desktop/diagnostics-log-analytics https://github.com/tomwechsler/Azure_Virtual_Desktop/blob/main/Scripte/WVD_Log_Analytics_KQL.ps1 Plan for disaster recovery and business continuity: -> Design a backup and recovery strategy for user profiles, applications, and data -> Implement redundancy and failover solutions for critical components -> Test disaster recovery procedures and update them as needed https://learn.microsoft.com/en-us/azure/virtual-desktop/disaster-recovery https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/wvd/eslz-business-continuity-and-disaster-recovery https://learn.microsoft.com/en-us/azure/virtual-desktop/disaster-recovery-concepts https://learn.microsoft.com/en-us/azure/architecture/example-scenario/wvd/azure-virtual-desktop-multi-region-bcdr Once you have successfully worked through the planning, it is time to prepare the implmentation. Again, take enough time to work through the various items. This way, you are well on your way to successfully deploying an Azure Virtual Desktop infrastructure. Prepare for implementation: -> Create a detailed project plan with timelines and milestones -> Assign roles and responsibilities to team members -> Develop a testing and validation plan to ensure the infrastructure meets objectives and requirements https://learn.microsoft.com/en-us/azure/virtual-desktop/getting-started-feature https://azure.microsoft.com/en-us/resources/get-step-by-step-guidance-to-quickly-deploy-azure-virtual-desktop/ Execute deployment and migration: -> Deploy the Azure Virtual Desktop infrastructure according to the project plan -> Migrate user profiles, applications, and data as needed -> Test connectivity, performance, and functionality to ensure a successful migration https://azure.microsoft.com/en-us/resources/get-step-by-step-guidance-to-quickly-deploy-azure-virtual-desktop/ https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/wvd/eslz-platform-automation-and-devops Conduct user training and support: -> Develop training materials and resources to familiarize end-users with the new environment -> Conduct training sessions for end-users and provide ongoing support -> Establish a helpdesk or support process to address user issues and concerns https://learn.microsoft.com/en-us/azure/virtual-desktop/users/ https://azure.microsoft.com/en-us/support https://learn.microsoft.com/en-us/training/modules/m365-wvd-intro/ Monitor, manage, and optimize the environment: -> Continuously monitor the Azure Virtual Desktop infrastructure for performance, availability, and security -> Address any issues or concerns that arise during daily operations -> Periodically review and optimize resources, costs, and configurations to improve the overall user experience https://learn.microsoft.com/en-us/azure/virtual-desktop/disaster-recovery-concepts https://learn.microsoft.com/en-us/azure/virtual-desktop/security-guide https://learn.microsoft.com/en-us/security/benchmark/azure/baselines/azure-virtual-desktop-security-baseline It is absolutely clear to me that this is not an exhaustive list. However, I hope that this information will help you as a basis/start to successfully build an Azure Virtual Desktop infrastructure. Thank you for taking the time to read this article. Best regards, Tom Wechsler P.S. All scripts (#PowerShell, Azure CLI, #Terraform, #ARM) that I use can be found on github! https://github.com/tomwechslerUser disconnects, signs back in and does not get their FSLogix profile
Hey everyone, I have an AVD environment with an FSLogix Azure file share joined to the domain. Sometimes users will just close their RDP session, putting their profile into a disconnected state. When they log back in, it does not give them their session back and locks their profile. This has been a huge headache - is this a known issue in AVD? I can enable multi-session writeback but I feel like that's a work around. I know there's a possible fix in the FSLogix preview but what is your experience with it?Azure Virtual Desktop and Azure AD Join with Enroll VM in Intune - possible pitfall!
Dear Azure Virtual Desktop friends, If you want to set up Azure Virtual Desktop infrastructure in Azure and you have chosen Azure AD Join and with Enroll VM with Intune, you may get the following error message: -------------------- [{"code":"VMExtensionProvisioningError","message":"VM has reported a failure when processing extension 'AADLoginForWindows'. Error message: \"AAD Join failed with status code: -2145648509. AzureSecureVMJoinOperation: DeviceEnroller::AzureSecureVMEnroll failed 0x801c0083.\"\r\n\r\nMore information on troubleshooting is available at https://aka.ms/vmextensionwindowstroubleshoot "}]} -------------------- This could possibly be because you have reached the limit for adding devices to Intune. You can find this information in the Intune Admincenter and increase the value. Either edit the default settings or set up a new Restriction policy. I realize it's not super, great, extra news, but I ran into these limitations during a deployment and the hints weren't necessarily obvious. Thank you for taking the time to read the article. Best regards, Tom Wechsler P.S. All scripts (#PowerShell, Azure CLI, #Terraform, #ARM) that I use can be found on github! https://github.com/tomwechsler
