Deploying Azure Virtual Desktop – A Modular, Automated Approach

Posted on June 8, 2025June 8, 2025 by Andy

Reading Time: 9 minutes7 Introduction Azure Virtual Desktop (AVD) is Microsoft’s comprehensive Desktop-as-a-Service platform, enabling secure remote access to Windows desktops and apps from virtually anywhere. While powerful, deploying AVD in a robust, enterprise-ready manner can be complex: it requires careful orchestration of network, identity, security, storage, and user access. Manual configuration is time-consuming, error-prone, and difficult to scale or […]

Continue reading →

Using Cloud PKI with Always On VPN

Posted on May 9, 2025May 9, 2025 by Andy

Reading Time: 8 minutes4 Using Microsoft Cloud PKI With Always On VPN Introduction I have been playing around with Always On VPN recently. Using it with Domain, Hybrid and Entra Joined devices. As you will be aware Always on VPN heavily relies on Certificates and requires an Active Directory Certificate Services (ADCS) PKI infrastructure. When using Domain and or […]

Continue reading →

Virtual PAW – Part 4 – Completing the basic setup

Posted on March 23, 2025March 23, 2025 by Andy

Reading Time: 7 minutes4 So this is part 4 of my multi part series on my journey with Bicep and ARM Templates and deploying AVD as a PAW.. Introduction In this part I’ll go through what I did to complete the basic setup, this will then enable you to log on to the Azure Virtual Desktop PAW’s from the […]

Continue reading →

Virtual PAW – Part 3 – Deploying the session hosts

Posted on February 27, 2025February 27, 2025 by Andy

Reading Time: 10 minutes7 So this is the 3rd part of a multi part series on my journey with Bicep and ARM Templates and deploying AVD as a PAW.. Introduction Welcome to the 3rd installment of my multipart series on using a virtual/cloud PAW. By now you have hopefully deployed the core components for AVD, the Host pool, the […]

Continue reading →

Virtual PAW – Part 1 – A high level overview

Posted on February 14, 2025February 18, 2025 by Andy

Reading Time: 11 minutes7 I have decided to create this as a multi part post to hopefully make it easier to understand. Introduction So Following on from my last post I thought I’d share how I actually went about deploying my AVD environment as a PAW. This post is a high level overview of what I have done. The […]

Continue reading →

Why use a PAW?

Posted on February 5, 2025February 5, 2025 by Andy

Reading Time: 6 minutes4 Introduction Following on from my previous post I have been asked why I use a PAW for my own tenant, and or why not just use a conditional access policy to ensure that a compliant device for the tenant is used by the privileged user. So, I reply with the question, why wouldn’t you want […]

Continue reading →

Securing my privileged access with AVD

Posted on January 15, 2025January 15, 2025 by Andy

Reading Time: 3 minutes2 I’m trying to “lead by example” (I use that term loosely), when it comes to privileged access. A bit of background For a long time my regular Microsoft 365 account was also my GA account in my own tenant, I know, I know thats top of the no no’s when it comes to Entra, but, […]

Continue reading →

Creating Multiple Security Groups in Microsoft Entra

Posted on May 24, 2024May 24, 2024 by Andy

Reading Time: 4 minutes3 I was recently asked if there was a quick way to create 180 plus Security Groups in Microsoft Entra. I used to do a lot of PowerShell Scripting but not done much in recent years. Also with the switch to Microsoft Graph for management now I was treading in new territory. Previously I would have […]

Continue reading →