Azure Virtual Desktop Gets Tagging and Single Sign-On Previews
Microsoft this week announced a couple of previews for organizations using the Azure Virtual Desktop virtual desktop infrastructure service.
There's a new Microsoft Cost Management tagging capability that organizations can use to assess host pool costs, per this Microsoft announcement. Also, the Azure Virtual Desktop service now has a single sign-on (SSO) capability that's at the preview stage, as described here.
The SSO preview capability lets end users authenticate without having to use the session host credential prompt, according to Microsoft's document description. "Without SSO, the client will prompt users for their session host credentials for every connection," the document explained.
Instead, users can authenticate using Microsoft's Windows Hello biometric authentication feature, such as a face scan. Alternatively, they can use a FIDO key, such as a card or key fob, for authentication using Windows desktop clients.
The SSO preview for the Azure Virtual Desktop service offers the following options, per the announcement:
- Enable a single sign-on experience to Azure AD-joined and Hybrid Azure AD-joined session hosts when using the Windows and the web clients
- Use passwordless authentication to sign in to the host using Azure AD
- Use passwordless authentication inside the session when using the Windows client
- Use third-party Identity Providers (IdP) that integrate with Azure AD to sign in to the host
Organizations can use the SSO preview, which "is not recommended for production workloads," with Windows 11 or Windows 10 single or multisession clients or with Windows Server 2022. The SSO preview requires first installing "the September Cumulative Update Preview," the announcement indicated.
Enablement of the SSO preview is said to be "easy," per this Azure Academy video demo.
Cost Management Tagging Preview
The Azure Virtual Desktop service also this week got a new Microsoft Cost Management tagging capability at the preview stage. Tagging is an existing Azure services capability that's getting previewed for use with the Azure Virtual Desktop service.
IT pros can tag Azure services using the "Azure portal or through PowerShell," Microsoft explained in this document. The tags are just text in the format of a "key-value pair." The tag information gets reported to Azure Cost Management, which "shows organizational cost and usage patterns with advanced analytics."
Tagging can be tricky, though. Here's the document's description to that end:
Tags only report usage and cost data for Azure resources they're directly assigned to. If you've tagged a resource without tagging the other resources in it, then Azure Virtual Desktop will only report activity related to the top-level tagged resource. You'll also need to tag every resource under that top-level resource if you want your billing data to be accurate.
Microsoft recommends tagging Azure Virtual Desktop resources such as "resource groups, virtual machines, disks, and network interface cards (NICs)," per the document.
It's also possible to use tags to help automate processes, such as monthly virtual machine clean-up tasks, according to this Azure Academy video.
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.