Step by Step Deployment of Microsoft Cloud PC (Windows 365 Enterprise) from Scratch – Part 1
There are lot of blogs published about windows 365 since its release in August 2nd, 2021, however in this series of blog I would like to focus on the enterprise deployment of the Windows 365 from scratch. Windows 365 is a cloud-based service that automatically creates a new type of Windows virtual machine (Cloud PCs) for your end users. Each Cloud PC is assigned to an individual user and is their dedicated Windows device. Windows 365 provides the productivity, security, and collaboration benefits of Microsoft 365.
Windows 365 is available in two editions:
- Windows 365 Business is made specifically for use in smaller companies (up to 300 seats) who want ready-to-use Cloud PCs with simple management options.
- Windows 365 Enterprise is for larger companies who want unlimited seats for creating Cloud PCs. It includes options to create custom Cloud PCs based on device images that you create, more management options, and full integration with Microsoft Endpoint Manager.
In my today’s post I would like to discuss about how you can deploy Windows 365 Enterprise step by step.
Windows 365 Enterprise is a cloud-based service that automatically creates a new type of Windows virtual machine (Cloud PCs) for your end users. It provides the productivity, security, and collaboration benefits of Microsoft 365. Windows 365 Enterprise uses:
- Microsoft Endpoint Manager to manage the Cloud PCs.
- Azure Active Directory (Azure AD) for identity and access control.
- Azure Virtual Desktop for remote connectivity.
In the first step you need to by the Windows 365 License. The basic pre-requisite which must be meet to enable the Windows 365 Enterprise
- Intune License must be present in Azure AD
- Azure AD Hybrid Joined must be enabled
A more detail pre-requisite in terms of technical requirement is listed below for the Windows 365:
To use Windows 365, you have to have the following requirements:
- Licenses need in order to use Cloud PC/Windows 365:
- Users with Windows Pro endpoints: Windows 10 Enterprise E3 + EMS E3 or Microsoft 365 F3/E3/E5/BP
- Users w/non-Windows Pro endpoints: Windows VDA E3 + EMS E3 or Microsoft 365 F3/E3/F5/BP
- Azure subscription
- Subscription Owner (setup network connection)
- Virtual Network (vNET) in Azure subscription
- Azure vNET virtual Network must route to a DNS server that can resolve Active Directory records either on-premises or on Azure.
- This AD must be in sync with Azure AD to provide hybrid identity in Azure AD
- Microsoft Intune supported licenses (e.g. Microsoft 365 E3)
- Intune Service Admin
In the first step of the cloud PC deployment we will first log in to the end point manager portal. In the cloud PC everything works together with Microsoft Endpoint Manager. From within the Devices blade, you will get access to the Windows 365 – Cloud PC service.
Quickly see the status of your environment (e.g. provisioning, connection health, etc.) with the Overview dashboard.
Step 1: Create the On-Premises Network Connection
Login to the end point manager portal https://endpoint.microsoft.com/ and go to the device blade.
You can see in Provisioning Windows 365 is showing. Go to the On-Premises connection tab.
Make sure you have proper access in your Azure Subscription where you want to create the network connection. Else you will get the above error.
In the next step select the Azure Subscription, select the VNET and the subnet as shown below.
In the next step provide your Active Directory Details
The next is create a connection.
Now the network connection will be created
The next step you can see below Status of the connection is showing Running checks
Let’s see what all it will check as part of the connection.
I have check the warning and it showing like the below
However, you can ignore the above warning and proceed to the next step.
That’s all for today, Next week I will show you how you can create a Provisioning Policy for the cloud PC and assign that policy to the users. Stay Tuned. You can click here to read the 2nd part of this post.