Evolving the remote collaboration experience - How Logicalis integrates Windows Virtual Desktop with Teams

Challenge: 

As we enter into the new normal phase of this pandemic and customers get more sophisticated in enabling virtual modern workspaces, there has been a rise in windows virtual desktop deployments to ensure a stable working environment for employees. 

 

Microsoft’s Azure Windows Virtual Desktop (WVD) provides a comprehensive desktop and app virtualisation service running in the cloud. It is the only virtual desktop infrastructure (VDI) that delivers simplified management, multi-session Windows 10 and optimisations for Microsoft 365 Apps for enterprise.  Not only does the service deliver a seamless employee experience, it also allows you to deploy and scale your Windows desktops and apps on Azure in minutes and get built-in security and compliance features.  

 

Logicalis have been working with a range of customers on their WVD deployments both pre-pandemic and beyond.  One of the emerging themes we’re hearing is the desire for broader flexibility and easier visibility into their WVD environments. As Architects of Change, Logicalis wanted to find a simple solution for our customers to access their WVD environment without having to wade through all the admin layers and various tools such as Azure portal, CLI, PowerShell and others.  Customers just want a quick overview and current status of WVD environment whilst enforcing identity and security. 

 

Solution:  

The toolkit Logicalis turned to was Azure Representational State Transfer (REST) API service endpoints that support sets of HTTP operations (methods), which provide; create, retrieve, update, or delete access to WVD resources. Leveraging the Microsoft identity platform allows Web App based REST API calls to access WVD resources securely.

 

A close up of a map

Description automatically generated

 

This diagram demonstrates a .NET Framework Web App calling an ASP.NET Web API, which in turn calls the ASP.NET Core OpenID connect middleware using an access token obtained using the on-behalf-of flow. All of these are secured using the Microsoft identity platform.

 

Users can connect with personal accounts (including outlook.com, live.com, and others) as well as work and school accounts from any company or organisation that has integrated with Azure Active Directory.

Customers using their Microsoft identity can authenticate to the Web App which queries their WVD environment and displays the status of their session hosts. They no longer need to navigate the various admin consoles and tools to access this information in WVD.

 

Outcome:  

Customers now have the flexibility to surface data retrieved by the Web App into Microsoft Teams. The Teams App integration allows for Single Sign-on (SSO) to the application with Azure Multi-factor Authentication (MFA) providing enhanced security.  

 

Within the Teams channel customers can view up to the minute details of their WVD host pool environments, without the need to authenticate to and open other consoles. The Teams App can be customised to suit customer WVD reporting and security requirements.

 

A screenshot of a cell phone

Description automatically generated