Search This Blog

Monday, November 15, 2021

How to create a custom image for Windows 365 Enterprise Cloud PCs

 

00
Windows 365 Enterprise Cloud PC with a custom Windows 11 image on my son's iPad.



Introduction

A few months back I wrote a blog post about how to configure Windows 365 Enterprise in Microsoft Endpoint Manager, which was provisioned with a standard gallery Windows 10 image and after Windows 11 became generally available, my Cloud PC was successfully reprovisioned with a standard gallery Windows 11 image. - It just works!

But what if you would like to provision your Cloud PC(s) with a custom image (also known as a Golden Image)? Well Microsoft understand the need for this and since it is supported in Windows 365 I believe it’s time for yet another Windows 365 post and this time I will walk you through the process of how to provision your Cloud PC(s) with a custom Windows 11 image.


The original blog post about - How to configure Windows 365 Enterprise in Microsoft Endpoint Manager
The blog post about - How to reprovision existing Cloud PC (Windows 365) to Windows 11


Creating a custom image for Windows 365 Enterprise

If I connect to my current Windows 365 Cloud PC we can see that it is running Windows 11 and the system local is “en-US” at the moment and no extra application has been installed since this Cloud PC is provisioned with a standard gallery image.
01


Let’s create a custom Windows 11 image for Windows 365 Cloud PCs.
Go to https://portal.azure.com


Search for “Virtual Machines” and select the service from the list.
02


Click Create and select Virtual machine.
03


Fill in all the required fields and click on “See all images”   
04


Search for “Cloud PC” and click Select.
05


Select “Windows 11 Enterprise Cloud PC + Microsoft 365 Apps - Gen 2” from the list.
06


Fill in the rest of the required fields.
Note. It’s important that security type is set to “Standard” and that VM generation is “Gen 2”. - Microsoft does not support Gen 1 images as part of Windows 365 Enterprise.

Click on Next.
07


Select “Standard SSD” as the OS disk type and click Next.
08


Configure the network interface and click Next.
09


Configure the monitoring and management options and click Review + Create.
10


Review your configuration and click Create.
11


After a few minutes you should see that the deployment has completed.
Click on “Go to resource
12

 


Once the VM has been created, you should see that the VM is running and that it is assigned a private IP address. Make note of the assigned private IP address, you will need it to connect to the VM via RDP.
13


Connect to the VM with either Azure Bastion or RDP.
14


I’ve added a Danish language pack and installed the latest OS updates to the image.
For the purpose of this blog post I’ve added a few applications: 7-Zip | Adobe Acrobat Reader DC | Notepad++
15


Once you are done with the customizations, run this sysprep command:
sysprep.exe /generalize /shutdown /oobe
16


Go to “Virtual Machines” in the Azure Portal and put the VM into a stopped (deallocated) state.
Click on Capture.
17

 
Create or choose an existing resource group, select “No, capture only a managed image.” give the image a name and click Review + create.
18


Click on Create.
19

 
After a few minutes you should see that the deployment has completed.
20
 

Provision the custom image to your Windows 365 Enterprise Cloud PC(s)



Let’s add the new custom Windows 11 image to our provisioning policy.
Go to https://endpoint.microsoft.com

Click on Devices | Windows 365 | Device images.
21


Click on add, fill in the required fields and click Add again.
Note. The upload process will take approx. 30 minutes to complete.
22


Once the upload process is completed, click on the “Provisioning policies” tab.
23


Create a new provisioning policy or modify an existing policy.
I chose to modify an existing policy and then I reprovisioned my Windows 365 Cloud PC.

Note. Creating a new provisioning policy is described in our original Windows 365 blog post.
How to configure Windows 365 Enterprise in Microsoft Endpoint Manager


Select your provisioning policy.
24


Click on Edit.
25


Change the image type to “Custom image” and click on Select.
Select your custom Windows 11 image, click Select and then click Next.
26


Click on Update.
27

Click on Devices | Windows 365 | All Cloud PCs or Devices | Windows. 
Select your Cloud PC from the list of devices and click on Reprovision.
Click Yes.
28

29


Approximately 1 hour later and your new Cloud PC with a custom Windows 11 image will be ready for use.
Success! My Windows 365 Cloud PC is now in Danish and the added applications are still present for the user logged on…
30

 

 

Summary


Now you know how to create a custom Windows 11 image for your Windows 365 Cloud PC(s). I do understand the need and why Microsoft support custom images in Windows 365, and I think it makes great sense in scenarios where you want to apply a few baseline applications and/or language packs to your custom image. But it is also my recommendation that you keep the image as clean as possible to leave a very small footprint and then let Microsoft Endpoint Manager and Intune add other applications, and configuration settings. Happy testing!

As always, if you have any questions regarding this topic, feel free to reach out to us.

2 comments:

  1. Sune,

    We use a lightweight image with a few standard apps for our standard build and use apps and app groups to build up to the users requirements.

    What are your thoughts on using specific images for builds that are very time consuming to replicate. Example: Visual studio 2019, Docker for Windows, .net core, Node etc.

    Trying to balance speed to deliver with keeping down cycles for image management.

    Thanks

    ReplyDelete
    Replies
    1. Hi John,

      I personally support the use of thin image approach, and then let ConfigMgr or Intune manage the application deployment after or during OS deployment.

      Application management and deployment can be achieved in many different ways, but one way could be a required deployment to specific users that may need e.g. Visual studio 2019 and Docker for Windows. The group or collection could be dynamic and measure on some known variable on the user or computer object.

      I do understand that some might need a custom image and there is no right or wrong here since it is totally supported by Microsoft, but it won't be my first recommendation and please be careful not to leave a too big footprint or make it too cumbersome to manage in the end if someone chooses this approach.

      Br,
      Sune Thomsen

      Delete