Merge pull request #106770 from TimShererWithAquent/us1680669e

v-albemi · web-flow · commit 9d44c2a4a989 · 2020-03-10T15:35:11.000-07:00
[1680669 Freshness]
diff --git a/articles/virtual-desktop/create-host-pools-azure-marketplace.md b/articles/virtual-desktop/create-host-pools-azure-marketplace.md
@@ -6,22 +6,30 @@ author: Heidilohr
 
 ms.service: virtual-desktop
 ms.topic: tutorial
-ms.date: 08/30/2019
+ms.date: 03/09/2020
 ms.author: helohr
 ---
 # Tutorial: Create a host pool by using the Azure Marketplace
 
+In this tutorial, you'll learn how to create a host pool within a Windows Virtual Desktop tenant by using a Microsoft Azure Marketplace offering.
+
 Host pools are a collection of one or more identical virtual machines within Windows Virtual Desktop tenant environments. Each host pool can contain an app group that users can interact with as they would on a physical desktop.
 
-This tutorial describes how to create a host pool within a Windows Virtual Desktop tenant by using a Microsoft Azure Marketplace offering. The tasks include:
+The tasks in this tutorial include:
 
 > [!div class="checklist"]
+>
 > * Create a host pool in Windows Virtual Desktop.
 > * Create a resource group with VMs in an Azure subscription.
 > * Join the VMs to the Active Directory domain.
 > * Register the VMs with Windows Virtual Desktop.
 
-Before you begin, [download and import the Windows Virtual Desktop PowerShell module](/powershell/windows-virtual-desktop/overview/) to use in your PowerShell session if you haven't already. After that, run the following cmdlet to sign in to your account:
+## Prerequisites
+
+* A tenant in Virtual Desktop. A previous [tutorial](tenant-setup-azure-active-directory.md) creates a tenant.
+* [Windows Virtual Desktop PowerShell module](/powershell/windows-virtual-desktop/overview/).
+
+Once you have this module, run the following cmdlet to sign in to your account:
 
 ```powershell
 Add-RdsAccount -DeploymentUrl "https://rdbroker.wvd.microsoft.com"
@@ -36,103 +44,113 @@ Sign in to the [Azure portal](https://portal.azure.com).
 To run the Azure Marketplace offering to provision a new host pool:
 
 1. On the Azure portal menu or from the **Home** page, select **Create a resource**.
-2. Enter **Windows Virtual Desktop** in the Marketplace search window.
-3. Select **Windows Virtual Desktop - Provision a host pool**, and then select **Create**.
+1. Enter **Windows Virtual Desktop** in the Marketplace search window.
+1. Select **Windows Virtual Desktop - Provision a host pool**, and then select **Create**.
 
-After that, follow the instructions in the next section to enter the information for the appropriate blades.
+After that, follow the instructions in the next section to enter the information for the appropriate tabs.
 
 ### Basics
 
-Here's what you do for the **Basics** blade:
+Here's what you do for the **Basics** tab:
 
-1. Enter a name for the host pool that’s unique within the Windows Virtual Desktop tenant.
-2. Select the appropriate option for a personal desktop. If you select **Yes**, each user that connects to this host pool will be permanently assigned to a virtual machine.
-3. Enter a comma-separated list of users who can sign in to the Windows Virtual Desktop clients and access a desktop after the Azure Marketplace offering finishes. For example, if you want to assign user1@contoso.com and user2@contoso.com access, enter "user1@contoso.com,user2@contoso.com."
-4. Select **Create new** and provide a name for the new resource group.
-5. For **Location**, select the same location as the virtual network that has connectivity to the Active Directory server.
-6. Select **Next : Configure virtual machines >**.
+1. Select a **Subscription**.
+1. For **Resource group**, select **Create new** and provide a name for the new resource group.
+1. Select a **Region**.
+1. Enter a name for the host pool that's unique within the Windows Virtual Desktop tenant.
+1. Select **Desktop type**. If you select **Personal**, each user that connects to this host pool is permanently assigned to a virtual machine.
+1. Enter users who can sign in to the Windows Virtual Desktop clients and access a desktop. Use a comma-separated list. For example, if you want to assign `user1@contoso.com` and `user2@contoso.com` access, enter *`user1@contoso.com,user2@contoso.com`*
+1. For **Service metadata location**, select the same location as the virtual network that has connectivity to the Active Directory server.
 
->[!IMPORTANT]
->If you're using a pure Azure Active Directory Domain Services and Azure Active Directory solution, make sure to deploy your host pool in the same region as your Azure Active Directory Domain Services to avoid domain-join and credential errors.
+   >[!IMPORTANT]
+   >If you're using a pure Azure Active Directory Domain Services (Azure AD DS) and Azure Active Directory (Azure AD) solution, make sure to deploy your host pool in the same region as your Azure AD DS to avoid domain-join and credential errors.
+
+1. Select **Next: Configure virtual machines**.
 
 ### Configure virtual machines
 
-For the **Configure virtual machines** blade:
+For the **Configure virtual machines** tab:
+
+1. Either accept the defaults or customize the number and size of the virtual machines.
 
-1. Either accept the defaults or customize the number and size of the VMs.
-    
     >[!NOTE]
-    >If the specific VM size you're looking for doesn't appear in the VM size selector, that's because we haven't onboarded it to the Azure Marketplace tool yet. To request a VM size, create a request or upvote an existing request in the [Windows Virtual Desktop UserVoice forum](https://windowsvirtualdesktop.uservoice.com/forums/921118-general).
-    
-2. Enter a prefix for the names of the virtual machines. For example, if you enter the name "prefix," the virtual machines will be called "prefix-0," "prefix-1," and so on.
-3. Select **Next : Virtual machine settings**.
+    >If the specific virtual machine size you're looking for doesn't appear in the size selector, that's because we haven't onboarded it to the Azure Marketplace tool yet. To request a size, create a request or upvote an existing request in the [Windows Virtual Desktop UserVoice forum](https://windowsvirtualdesktop.uservoice.com/forums/921118-general).
+
+1. Enter a prefix for the names of the virtual machines. For example, if you enter *prefix*, the virtual machines will be called **prefix-0**, **prefix-1**, and so on.
+1. Select **Next: Virtual machine settings**.
 
 ### Virtual machine settings
 
-For the **Virtual machine settings** blade:
+For the **Virtual machine settings** tab:
 
->[!NOTE]
-> If you're joining your VMs to an Azure Active Directory Domain Services (Azure AD DS) environment, ensure that your domain join user is a member of the [AAD DC Administrators group](../active-directory-domain-services/tutorial-create-instance-advanced.md#configure-an-administrative-group).
->
-> The account must also be part of the Azure AD DS managed domain or Azure AD tenant - accounts from external directories associated with your Azure AD tenant can't correctly authenticate during the domain-join process. 
+1. For **Image source**, select the source and enter the appropriate information for how to find it and how to store it. Your options differ for Blob storage, Managed image, and Gallery.
 
-1. For **Image source**, select the source and enter the appropriate information for how to find it and how to store it. If you choose not to use managed disks, select the storage account that contains the .vhd file.
-2. Enter the user principal name and password for the domain account that will join the VMs to the Active Directory domain. This same username and password will be created on the virtual machines as a local account. You can reset these local accounts later.
-3. Select the virtual network that has connectivity to the Active Directory server, and then choose a subnet to host the virtual machines.
-4. Select **Next: Windows Virtual Desktop information**.
+   If you choose not to use managed disks, select the storage account that contains the *.vhd* file.
+1. Enter the user principal name and password. This account must be the domain account that will join the virtual machines to the Active Directory domain. This same username and password will be created on the virtual machines as a local account. You can reset these local accounts later.
+
+   >[!NOTE]
+   > If you're joining your virtual machines to an Azure AD DS environment, ensure that your domain join user is a member of the [AAD DC Administrators group](../active-directory-domain-services/tutorial-create-instance-advanced.md#configure-an-administrative-group).
+   >
+   > The account must also be part of the Azure AD DS managed domain or Azure AD tenant. Accounts from external directories associated with your Azure AD tenant can't correctly authenticate during the domain-join process.
+
+1. Select the **Virtual network** that has connectivity to the Active Directory server, and then choose a subnet to host the virtual machines.
+1. Select **Next: Windows Virtual Desktop information**.
 
 ### Windows Virtual Desktop tenant information
 
-For the **Windows Virtual Desktop tenant information** blade:
+For the **Windows Virtual Desktop tenant information** tab:
 
 1. For **Windows Virtual Desktop tenant group name**, enter the name for the tenant group that contains your tenant. Leave it as the default unless you were provided a specific tenant group name.
-2. For **Windows Virtual Desktop tenant name**, enter the name of the tenant where you'll be creating this host pool.
-3. Specify the type of credentials that you want to use to authenticate as the Windows Virtual Desktop tenant RDS Owner. If you completed the [Create service principals and role assignments with PowerShell tutorial](./create-service-principal-role-powershell.md), select **Service principal**. When **Azure AD tenant ID** appears, enter the ID for the Azure Active Directory instance that contains the service principal.
-4. Enter the credentials for the tenant admin account. Only service principals with a password credential are supported.
-5. Select **Next : Review + create**.
+1. For **Windows Virtual Desktop tenant name**, enter the name of the tenant where you'll be creating this host pool.
+1. Specify the type of credentials that you want to use to authenticate as the Windows Virtual Desktop tenant RDS Owner. Enter the UPN or Service principal and a password.
+
+   If you completed the [Create service principals and role assignments with PowerShell tutorial](./create-service-principal-role-powershell.md), select **Service principal**.
+
+1. For **Service principal**, for **Azure AD tenant ID**, enter the tenant admin account for the Azure AD instance that contains the service principal. Only service principals with a password credential are supported.
+1. Select **Next: Review + create**.
 
 ## Complete setup and create the virtual machine
 
-For the last two blades:
+In **Review and Create**, review the setup information. If you need to change something, go back and make changes. When you're ready, select **Create** to deploy your host pool.
 
-1. On the **Review and Create** blade, review the setup information. If you need to change something, go back to the appropriate blade and make your change before continuing. If the information looks right, select **OK**.
-2. Select **Create** to deploy your host pool.
+Depending on how many virtual machines you're creating, this process can take 30 minutes or more to complete.
 
-Depending on how many VMs you’re creating, this process can take 30 minutes or more to complete.
+>[!IMPORTANT]
+> To help secure your Windows Virtual Desktop environment in Azure, we recommend you don't open inbound port 3389 on your virtual machines. Windows Virtual Desktop doesn't require an open inbound port 3389 for users to access the host pool's virtual machines.
+>
+> If you must open port 3389 for troubleshooting purposes, we recommend you use just-in-time access. For more information, see [Secure your management ports with just-in-time access](../security-center/security-center-just-in-time.md).
 
 ## (Optional) Assign additional users to the desktop application group
 
-After the Azure Marketplace offering finishes, you can assign more users to the desktop application group before you start testing the full session desktops on your virtual machines. If you've already added default users in the Azure Marketplace offering and don't want to add more, you can skip this section.
+After Azure Marketplace finishes creating the pool, you can assign more users to the desktop application group. If you don't want to add more, skip this section.
 
-To assign users to the desktop application group, you must first open a PowerShell window. After that, you'll need to enter the following two cmdlets.
+To assign users to the desktop application group:
 
-Run the following cmdlet to sign in to the Windows Virtual Desktop environment:
+1. Open a PowerShell window.
 
-```powershell
-Add-RdsAccount -DeploymentUrl "https://rdbroker.wvd.microsoft.com"
-```
+1. Run the following command to sign in to the Windows Virtual Desktop environment:
 
-Add users to the desktop application group by using this cmdlet:
+   ```powershell
+   Add-RdsAccount -DeploymentUrl "https://rdbroker.wvd.microsoft.com"
+   ```
 
-```powershell
-Add-RdsAppGroupUser <tenantname> <hostpoolname> "Desktop Application Group" -UserPrincipalName <userupn>
-```
+1. Add users to the desktop application group by using this command:
 
-The user’s UPN should match the user’s identity in Azure Active Directory (for example, user1@contoso.com). If you want to add multiple users, you must run this cmdlet for each user.
+   ```powershell
+   Add-RdsAppGroupUser <tenantname> <hostpoolname> "Desktop Application Group" -UserPrincipalName <userupn>
+   ```
 
-After you've completed these steps, users added to the desktop application group can sign in to Windows Virtual Desktop with supported Remote Desktop clients and see a resource for a session desktop.
+   The user's UPN should match the user's identity in Azure AD, for example, *user1@contoso.com*. If you want to add multiple users, run the command for each user.
 
-Here are the current supported clients:
+Users you add to the desktop application group can sign in to Windows Virtual Desktop with supported Remote Desktop clients and see a resource for a session desktop.
 
-- [Remote Desktop client for Windows 7 and Windows 10](connect-windows-7-and-10.md)
-- [Windows Virtual Desktop web client](connect-web.md)
+Here are the current supported clients:
 
->[!IMPORTANT]
->To help secure your Windows Virtual Desktop environment in Azure, we recommend you don't open inbound port 3389 on your VMs. Windows Virtual Desktop doesn't require an open inbound port 3389 for users to access the host pool's VMs. If you must open port 3389 for troubleshooting purposes, we recommend you use [just-in-time VM access](../security-center/security-center-just-in-time.md).
+* [Remote Desktop client for Windows 7 and Windows 10](connect-windows-7-and-10.md)
+* [Windows Virtual Desktop web client](connect-web.md)
 
 ## Next steps
 
-Now that you've made a host pool and assigned users to access its desktop, you can populate your host pool with RemoteApp programs. To learn more about how to manage apps in Windows Virtual Desktop, see this tutorial:
+You've made a host pool and assigned users to access its desktop. You can populate your host pool with RemoteApp programs. To learn more about how to manage apps in Windows Virtual Desktop, see this tutorial:
 
 > [!div class="nextstepaction"]
 > [Manage app groups tutorial](./manage-app-groups.md)
