This article is an excerpt from the book, Mastering Windows 365, by Jonathan R. Danylko. Mastering Windows 365 provides you with detailed knowledge of Cloud PCs by exploring their design model and analyzing their security environment. This book will help you extend your existing skillset with Windows 365 effectively.
In today's cloud-centric world, establishing a secure and efficient network infrastructure is crucial for businesses of all sizes. Microsoft Azure, with its robust set of networking tools, provides a seamless way to connect various environments, including Windows 365. In this guide, we will walk you through the process of creating a virtual network in Azure, and how to connect it to a Windows 365 environment. Whether you're setting up a new network or integrating an existing one, this step-by-step tutorial will ensure you have the foundation necessary for a successful deployment.
Creating a virtual network in Azure
Start by going to https://portal.azure.com/ and creating a new virtual network. It's quite straightforward. You can use all the default settings, but take care that the address space does not overlap with one you are already using, because a network with an overlapping range cannot later be peered with or routed to the network that already uses it:
1. Start by logging in to https://portal.azure.com.
2. Start the creation of a new virtual network. From here, choose the Resource group option and the name of the virtual network. When these have been defined, choose Next.
Figure 3.5 – Virtual network creation basic information
3. There are some security features you can enable on the virtual network. These features are optional, but Azure Firewall should be considered if no other firewall solution is deployed.
When you are ready, click on Next.
Figure 3.6 – Virtual network creation security
4. Now the IP address range and subnets must be defined. Once these have been defined, click on Next.
Figure 3.7 – Virtual network creation | IP addresses
5. Next, we can add any Azure tags that might be required for your organization. We will leave it as is in this case. Click on Next.
Figure 3.8 – Virtual network | Azure tags selection
6. We are now able to see an overview of the entire configuration of the new virtual network.
When you have reviewed this, click on Create.
Figure 3.9 – Virtual network creation | settings review
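The address-space warning at the start of this procedure can be checked before you click Create. The following is an added example, not code from the book: a Python check that a planned virtual network range and its subnets do not collide with ranges already in use. The inventory names and CIDR values are constructed for illustration.

```python
import ipaddress

# Azure reserves the first four addresses and the last address of every subnet.
AZURE_RESERVED_PER_SUBNET = 5

# Constructed inventory of ranges already in use (hypothetical names and values).
IN_USE = {"on-prem-datacenter": "10.0.0.0/16", "hub-vnet": "10.1.0.0/16"}

def check_vnet_plan(vnet_cidr, subnets, in_use):
    """Return a list of problems; an empty list means no conflict was found."""
    try:
        vnet = ipaddress.ip_network(vnet_cidr)  # strict: host bits must be zero
    except ValueError as exc:
        return [f"virtual network range is invalid: {exc}"]
    problems = []
    # 1. The new address space must not overlap anything already routed.
    for name, cidr in in_use.items():
        if vnet.overlaps(ipaddress.ip_network(cidr)):
            problems.append(f"{vnet} overlaps in-use range {name} ({cidr})")
    # 2. Each subnet must be valid, inside the VNet, and disjoint from the others.
    accepted = {}
    for name, cidr in subnets.items():
        try:
            net = ipaddress.ip_network(cidr)
        except ValueError as exc:
            problems.append(f"subnet {name} is invalid: {exc}")
            continue
        if net.version != vnet.version or not net.subnet_of(vnet):
            problems.append(f"subnet {name} ({net}) is outside {vnet}")
        for other_name, other in accepted.items():
            if net.overlaps(other):
                problems.append(f"subnet {name} ({net}) overlaps {other_name} ({other})")
        accepted[name] = net
    return problems

def usable_addresses(cidr):
    """Addresses left for Cloud PCs and other hosts after Azure's reservation."""
    net = ipaddress.ip_network(cidr)
    return max(net.num_addresses - AZURE_RESERVED_PER_SUBNET, 0)

if __name__ == "__main__":
    plan = {"cloudpc": "10.20.1.0/24", "mgmt": "10.20.2.0/27"}
    for issue in check_vnet_plan("10.20.0.0/16", plan, IN_USE) or ["no conflicts"]:
        print(issue)
    print("usable addresses in cloudpc subnet:", usable_addresses(plan["cloudpc"]))
```

Run it with your real inventory in place of `IN_USE`; size the Cloud PC subnet from `usable_addresses`, not from the raw prefix length.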
Now that the virtual network has been created, we can start looking at how we create an Azure network connection (ANC) in Intune. We will look at the configuration for both an Azure AD Join (AADJ) and a Hybrid Azure AD Join (HAADJ) network connection.
Let's have a look at how to configure an ANC for an AADJ Cloud PC device:
1. Start by going to Microsoft Intune | Devices | Windows 365 | Azure network connection.
From here, click on + Create and select Azure AD Join:
Figure 3.10 – Creating an ANC in Windows 365 overview
2. Fill out the required information such as the display name of the connection, the virtual network, and the subnet you would like to integrate with Windows 365. Once that is done, click on Next.
Figure 3.11 – Creating an AADJ ANC | network details
3. Review the information you have filled in. When you are ready, click Review + create:
Figure 3.12 – Creating an AADJ ANC | settings review
Once the ANC has been created, you are now done and should be able to view the connection in the ANC overview. You can now use that virtual network in your provisioning policy.
Figure 3.13 – Windows 365 ANC network overview
A HAADJ network connection is a bit trickier to set up than the previous one. We must ensure the virtual network we are using has network connectivity to the domain we are trying to join. Once we are sure about that, let's go ahead and create a connection:
1. Visit Microsoft Intune | Windows 365 | Azure network connection. From here, click on + Create and select Hybrid Azure AD Join.
Figure 3.14 – Creating a HAADJ ANC in Windows 365 | Overview
2. Provide the required information such as the display name of the connection, the virtual network, and the subnet you would like to integrate with Windows 365. Click Next.
Figure 3.15 – Creating a HAADJ ANC | network details
3. Type the domain name you want the Cloud PCs to join. The Organization Unit field is optional. Type in the AD username and password for your domain-joined service account. Once done, click Next:
Figure 3.16 – Creating a HAADJ ANC | domain details
4. Review the settings provided and click on Review + create. The connection will now be established:
Figure 3.17 – Creating a HAADJ ANC | settings details
Once the creation is done, you can view the connection in the ANC overview. You will now be able to use that virtual network in your provisioning policy.
Figure 3.18 – Windows 365 ANC network overview
Creating a virtual network in Azure and connecting it to your Windows 365 environment is a fundamental step towards leveraging the full potential of cloud-based services. By following the outlined procedures, you can ensure a secure and efficient network connection, whether you're dealing with Azure AD Join (AADJ) or Hybrid Azure AD Join (HAADJ) scenarios. With the virtual network and ANC now configured, you are well-equipped to manage and monitor your network connections, enhancing the overall performance and reliability of your cloud infrastructure.
Christiaan works as a Principal Program Manager and Community Lead on the Windows Cloud Experiences (Windows 365 + AVD) Engineering team at Microsoft, bringing his expertise to help customers imagine new virtualization experiences. A former Global Black Belt for Azure Virtual Desktop, Christiaan joined Microsoft in 2018 as part of the FSLogix acquisition. In his role at Microsoft, he worked on features such as Windows 365 app, Switch, and Boot. His mission is to drive innovation while bringing Windows 365, Windows, and Microsoft Endpoint Manager (MEM) closer together, and drive community efforts around virtualization to empower Microsoft customers in leveraging new cloud virtualization scenarios.
Sandeep is a virtualization veteran with nearly two decades of experience in the industry. He has shipped multiple billion-dollar products and cloud services for Microsoft to a global user base including Windows, Azure Virtual Desktop, and Windows 365. His contributions have earned him multiple patents in this field.
Currently, he leads a stellar team that is responsible for building the product strategy for Windows 365 and Azure Virtual Desktop services and shaping the future of end-user experiences for these services.
Morten works as a Cloud Architect for a consultant company in Denmark, where he advises on and implements Microsoft virtual desktop solutions for customers around the world. Morten started his journey as a consultant over 8 years ago, managing client devices, but quickly found a passion for virtual device management. Today, Windows 365 and Azure Virtual Desktop are his main areas of focus, alongside Microsoft Intune. Based on all the community activities Morten has done in the past years, he was rewarded with the Microsoft MVP award in the category of Windows 365 in March 2022.