First announced in early 2021, Windows 365 is Microsoft’s latest product that is making waves in the domain of virtualization technology. It is a platform that has been designed to take the desktop-as-a-service experience to greater heights.
Windows 365 is built on top of existing Azure Virtual Desktop infrastructure. It provides clients with PCs in the cloud that can be provisioned from the very same Microsoft Endpoint Manager dashboard that your organization may be using to manage your physical devices and VMs.
However, unlike AVD, where pricing is consumption-based, Windows 365 comes in two editions – Windows 365 Business and Windows 365 Enterprise – both of which have fixed per-user monthly pricing. As with any product, it gets better with regular updates, and Microsoft has just announced a few that are worth a look.
What is Azure AD Join?
When we talk about Azure AD joined devices we are referring to devices whose computer object is no longer stored in the on-premises Active Directory Domain Services environment. Rather, it is now located in Azure Active Directory.
Simply put, by using Azure AD Join you’ll be able to join devices directly to Azure AD without the need to join to on-premises Active Directory. And all this can be done while keeping your users productive and secure. Your admins can easily leverage Azure AD Join for both at-scale and scoped deployments.
In addition, you can get single sign-on (SSO) access to on-premises resources for all your devices that are Azure AD joined. But, as you can imagine, this makes a rather significant change to how IT professionals have been managing devices over the decades. So when considering Azure AD Join there are a few criteria you can look at to help you decide:
- If your goal is to adopt Microsoft 365 as the productivity suite for your users then Azure AD Join could be ideal for you.
- Another ideal scenario is if you are interested in device management using a cloud device management solution.
- Azure AD join would also be good for those wanting to simplify device provisioning for geographically distributed users.
- Lastly, if you are planning on modernizing your application infrastructure then it’s worth considering.
Adding the ‘join’ feature
So after looking at what Azure AD Join is, it’s probably not surprising that one of the biggest requests that have been made to Microsoft regarding Windows 365 has been to simplify the onboarding process by adding this feature. And there’s great news for all admins out there.
Microsoft has recently announced some Windows 365 updates and undoubtedly the Azure AD Join Windows 365 Cloud PC support is going to draw a lot of attention. Microsoft had this to say in the announcement:
“This has been by far the most requested feature since Windows 365 reached general availability. With Azure AD Join as a Cloud PC join type option, you no longer need an existing Azure infrastructure to use the service, just your Azure AD users.”
This new feature is meant to make it easier for admins to onboard users using Azure Active Directory. As one can imagine, this is a huge development when you consider just how integral Azure AD is to Microsoft’s identity and security services.
Therefore, bringing the ‘join’ feature to the Windows 365 platform will go a long way in maintaining the theme of ease of use that Microsoft has described for its Cloud PC. Until now, the ‘join’ feature has helped businesses that use the on-premises version of Active Directory by functioning as a device-joining bridge.
So bringing Azure AD Join to the Windows 365 platform is going to enable admins to enroll devices without the need to have on-premises Active Directory. Now all you need to do is use your Azure AD users.
Localized first run experience
One of the key aspects that can help to expand the reach of Windows 365 is to ensure that clients in any part of the world can make use of this platform as easily as those within the United States. To that end, Microsoft is aiming to simplify the configuration process by enabling admins to set up local language Cloud PCs easily and at first login.
In practice, when you create a provisioning policy, this update lets you configure a Language & Region pack to be installed on the Cloud PCs during provisioning. Currently, it appears as though there will be 38 languages available.
Also, the process should be a relatively simple one. It will require you to navigate to the Microsoft Endpoint Manager admin center. There you’ll find Language & Region under Configuration where you can then proceed to select your language of choice.
So what about already provisioned Cloud PCs? Microsoft has made it so that these can reap the same benefits. Admins will be able to change the configured language in any existing provisioning policy they choose and then reprovision the desired Cloud PCs.
I think most admins will agree that this new feature is going to vastly simplify their lives. You no longer have to spend all that time manually installing language packs onto a custom image to localize your Cloud PCs. Instead, all you need to do is simply configure language settings in a gallery image.
Adding more regions
In addition to providing organizations with local languages for their Cloud PCs, Microsoft is looking to reach more people by expanding the regions they support.
With the February 2022 announcement, Microsoft informed their clients that with immediate effect the US Central region and the Germany West Central region were now on the list of supported regions for Windows 365.
So any business that would like to use the new Azure AD Join and Microsoft hosted network features can simply head over to the Region drop-down, where these regions appear as available options.
Create a virtual network
So if you intend to bring your own network you’ll need to ensure that you create virtual networks in advance in one of these new regions. This virtual network is necessary for connecting to resources in the cloud.
As you migrate compute workloads to the cloud you’ll discover that a virtual network is integral to the process. There needs to be communication among your resources but this has to happen in a secure environment. There are several ways you can use to create a virtual network including:
- Creating a virtual network using the Azure portal.
- Creating a virtual network using PowerShell.
- Creating a virtual network using the Azure CLI.
- Creating a virtual network using the Azure Resource Manager template.
Create an on-premises network connection
After you have created the virtual network, you’ll need to create a new on-premises network connection with it. An on-premises network connection (OPNC) is an object in the Microsoft Endpoint Manager admin center.
This is what provides Cloud PC provisioning profiles with the required information to connect to on-premises resources. So before you get started with creating the OPNC, you’ll need the following:
- AD DNS domain name
- Organizational unit
- Configure Azure AD Connect
- AD username UPN
- AD join password
With everything now in place, you first need to find your domain name which is simple enough with access to a domain controller. Once you know your domain name then you can proceed to validate the User Principal Name Suffix (UPN Suffix). Checking that your UPN Suffix is routable is extremely important to avoid problems later on.
With that done, you need to create an Organizational Unit that will allow you to properly manage your Cloud PCs and dedicated GPOs. To perform this task, open the AD Users and Computers MMC and head over to where you want to place your new Organizational Unit. Then either right-click an existing Organizational Unit or click where you want to create a new one.
Next, you need to ensure that Azure AD Connect is properly configured to get users synchronized with Azure AD. This you will do by opening Azure AD Connect and then selecting Configure device options.
Finally, you need to fill in the AD username UPN and the AD domain password. Then click next. On the page that then appears click Review+create. It should take no more than a few minutes to create the on-premises network connection. And if you have configured everything properly, you’ll see a “checks successful” status.
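The on-premises prerequisites above (domain name, routable UPN suffix, Organizational Unit) can be checked from PowerShell before you open the admin center. This is an added example, not code from Microsoft or from the original article; it assumes the ActiveDirectory (RSAT) module on a domain-joined machine, and the OU name, join account name and list of non-routable TLDs are placeholders.

```powershell
# Added example: pre-flight checks before creating the on-premises network connection.
# Run on a domain-joined machine with the ActiveDirectory (RSAT) module installed.
Import-Module ActiveDirectory

$OuName      = 'CloudPCs'            # assumed OU name (placeholder)
$JoinAccount = 'svc-cloudpc-join'    # assumed sAMAccountName of the join account (placeholder)

# Common private TLDs that cannot be verified as an Azure AD custom domain (not exhaustive).
$NonRoutableTlds = 'local', 'lan', 'internal', 'intranet', 'home'

function Test-RoutableUpnSuffix {
    param([Parameter(Mandatory)][string]$Suffix)
    $labels = $Suffix.TrimEnd('.').ToLower().Split('.')
    # Single-label names and private TLDs are treated as non-routable.
    return ($labels.Count -ge 2) -and ($labels[-1] -notin $NonRoutableTlds)
}

# 1. AD DNS domain name
$domain = Get-ADDomain
Write-Output "AD DNS domain name: $($domain.DNSRoot)"

# 2. UPN suffixes: the domain's own DNS name plus any added at forest level
$suffixes = (@($domain.DNSRoot) + @((Get-ADForest).UPNSuffixes)) | Sort-Object -Unique
foreach ($s in $suffixes) {
    $state = if (Test-RoutableUpnSuffix -Suffix $s) { 'routable' } else { 'NOT routable' }
    Write-Output "UPN suffix ${s}: $state"
}

# 3. The join account's UPN must exist and use a routable suffix
$upn = (Get-ADUser -Identity $JoinAccount).UserPrincipalName
$upnSuffix = if ($upn) { ($upn -split '@')[-1] } else { $null }
if (-not $upnSuffix -or -not (Test-RoutableUpnSuffix -Suffix $upnSuffix)) {
    Write-Warning "Join account UPN '$upn' is missing or uses a non-routable suffix."
}

# 4. Organizational unit for Cloud PCs, created only if it does not exist yet
$ou = Get-ADOrganizationalUnit -Filter "Name -eq '$OuName'" `
        -SearchBase $domain.DistinguishedName -SearchScope OneLevel
if (-not $ou) {
    $ou = New-ADOrganizationalUnit -Name $OuName -Path $domain.DistinguishedName `
            -ProtectedFromAccidentalDeletion $true -PassThru
}
Write-Output "Organizational unit: $($ou.DistinguishedName)"
```

The distinguished name printed in the last step is the value to enter as the Organizational unit when creating the connection.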
Become more proficient
Improving your proficiency in Windows 365 is critical to your organization taking full advantage of what the platform has to offer. Microsoft designed Windows 365 to be easy to use from the outset.
So, unlike with Azure Virtual Desktop, your organization does not need to have an Azure Solutions expert on staff to configure and manage your Windows 365 environment. The provisioning and deployment process should not present too many difficulties. And it will be even easier with the new updates that have just been announced.
Also, to learn more about Windows 365 Enterprise and utilizing these features, Microsoft has a video on Windows in the Cloud that you should take a look at.
In addition, to help Windows 365 clients even more, Microsoft is going to be hosting Ask Microsoft Anything (AMA) events specifically dedicated to Windows 365. These will be held on the fourth Wednesday of every month starting February 2022. So all interested parties should make a note in their calendars for Wednesday, February 23rd at 8:00 AM Pacific Time.
Any questions that you have about Windows 365 will be up for discussion including questions regarding the available features, provisioning, deployment, customization, best practices, and anything else you may need clarification on.
And Microsoft will have members from its engineering and product teams available at these hour-long events to help you and provide you with the answers you need.
Therefore, if your organization wants to get the most out of running Windows in the cloud, there’s probably no better place to get the information you need.
As Microsoft has stated previously, the feedback that they constantly receive from clients has been crucial in the creation of Windows 365. And Microsoft wants to continue in that manner as the platform continues to evolve.
To that end, Microsoft is providing a platform where we can submit feedback and suggestions. So if you want to help further enhance Windows 365 and have ideas that you’d like to share, you can do so at https://aka.ms/W365feedback.
There’s no denying the impact that Windows 365 is having on the way that businesses manage their IT environments. Admins can benefit from a platform that is easy to use and provides their organization with a great virtualization experience. And one of the truly good things about the services is that Microsoft appears to be paying attention to the feedback from its clients.
This is something that is pretty much evident in the new updates that have been recently announced. By giving us Azure AD Join Cloud PC support Microsoft simplifies the process of enrolling devices without an on-premises Active Directory. Not only that but this feature can help to increase the appeal of Windows 365 to those who may have been on the fence about it.
Speaking of expanding appeal, supporting more regions and making local language packs available for Cloud PCs should go a long way toward that. It can allow clients from different parts of the world to have a better experience with the Windows 365 Cloud PC.
And all this will be done without burdening IT with the task of manually installing language packs onto a custom image. Windows 365 has a goal to revolutionize the virtualization domain and with regular improvements like this, that reality is far from impossible.