Last Update: Sep 04, 2024 | Published: Jul 22, 2016
In this article, I will show you how you can speed up and automate the deployment of Azure RemoteApp, Microsoft’s managed Remote Desktop Services farm in the cloud, using PowerShell. I will also share how you can use PowerShell to publish applications in the app collection and assign users access to those applications.
I have written quite a few articles over the last year or so about Azure RemoteApp. In summary, RemoteApp allows you to present desktop applications to users as publish applications without the desktop to RDS clients:
If you wanted to build an RDS farm in Azure from virtual machines, then you’d need to start with RDS CALs acquired via:
And then you’d need to build a complex infrastructure with load balanced SSL gateways, connection broker, and all that mess.
RemoteApp makes it easy:
Ideally, you only want to create the app collection and assign users at the time of failover. Do you want to be clicking through lots of wizards then? Probably not, so my solution is to use PowerShell.
Note that in this example, a Sysprep-ed image is already imported into RemoteApp and the necessary Active Directory (Azure AD, service account, and organizational unit) elements have been deployed.
I’ve never had a real scenario where I’ve deployed the “cloud” model of RemoteApp; I’ve always deployed RemoteApp with a VNet and domain join. The first line will prompt you to enter a the user name and password for joining the new session hosts to your domain.
$cred=Get-Credential -Message “Please enter the details of the domain join account”
The following line will deploy a new app collection. Note the following variables:
$Result = New-AzureRemoteAppCollection -Credential $cred -Collectionname $CollectionName -Description $CollectionDescription -ImageName $ImageName -Plan $Plan -VNetName $VNETName -SubnetName $SubnetName –Domain $DomainName -OrganizationalUnit $DomainOU
The above line does the equivalent of a lot of clicking in the Azure management portal. A job is created to create the app collection and the session hosts. My example stores details of that job in $Result. You can track progress of the job in the management portal, but I found that the portal can take a long time to report success (or failure) after a job has completed. I can use $result with PowerShell to track the job:
Get-AzureRemoteAppOperationResult –TrackingId $result.Tracking
In my deployments, I’ve seen a deployment complete in less than 30 minutes, but the UI continues to say that the job is still running (for up to one hour).
The new session hosts will contain programs (installed in the original image that you captured and then imported into RemoteApp) that can be published. The next line of PowerShell will publish one such application, using some variables:
Publish-AzureRemoteAppProgram -CollectionName $CollectionName -DisplayName $ProgramName -FileVirtualPath $ProgramPath
You can grant users access to a RemoteApp app collection using their accounts in Azure AD. In the domain join example, use domain integration (such as Azure AD Connect). The next line of PowerShell will grant a single user access to the app collection and thus, access to all applications in the collection. The following variables are used:
Add-AzureRemoteAppUser -CollectionName $CollectionName -Type OrgId -UserUpn $UserName
Now you have the 3 key cmdlets for automating the deployment of RemoteApp. You can wrap these lines up in logic to have an end-to-end deployment script, or even convert it into an Azure Automation runbook that could be used by an Azure Site Recovery (ASR, Azure’s DR solution) recovery plan (orchestrated failover).