Step by Step Guide for Azure Windows 11 Multi Session Image Creation using System Preparation Tool (Sysprep)

 1. Create Win 10/11 Image:

1. Make sure the Virtual Network being used for the Image VM has Internet access.

2. Do not join the Image VM to the domain for getting the installers. As an alternative you can upload all the application installers in a Teams channel and login to the MS Teams inside Image VM and download it from there.

3. Create an Azure VM from the Marketplace using a Windows 10/11 Multi-Session OS.

4. If you plan to use this image as a Managed Image or add it to a Custom Image template for further customization after capturing it, select the Security type as 'Standard' as shown below during the VM image creation process. This is because the Custom Image template currently does not support the Trusted Launch security type.

5. Once the VM is up and running, RDP into the VM either through a Jump Server or Remote Desktop connection depending on the Customer environment. You can also make use of Azure Bastion.

 2. Install LOB applications and One Drive in per-machine mode:

1. Once you are in, install the Line Of Business applications (required by the Customer). In this case we will install Google Chrome browser, Visual Studio Code and Notepad++ 

2. I have experienced AppxPackage error during the Sysprep specifically for Notepad++ installation. Hence, to avoid it select the type of install as Minimalist during the installation process.

3. For Multisession OS, select the System Installer x64 for Visual Studio code installer.

4. Note-If the applications you are installing are not compatible with multi-session environments, you may be able to install them successfully. However, when multiple users log in and use the same application simultaneously, only one user will be able to use it at a time. Therefore, ensure that the application is compatible with multi-session OS environment.

5. Once the LOB applications are installed, uninstall the One Drive that comes pre-installed. We need to install One Drive in per-machine mode that is optimized for multi session environment.

6. Go to Control Panel from the Start Menu, Under Programs->Uninstall a Program. Select One Drive and click on Uninstall. Once uninstalled, go to https://go.microsoft.com/fwlink/?linkid=844652 to download the latest version of One Drive.

7. Go to Command Prompt from the Start Menu, right click and select Run as Administrator.

8. Go to the folder where the One Drive.exe file is placed. In our case its in the Downloads folder. 

Type cd<space>Downloads

9. Then type .\OneDriveSetup.exe /allusers and hit Enter.

10. One Drive starts installing.

11. There is no need to Optimize MS Teams as it comes optimized for Windows 11 Multi Session OS.

12. Once the LOB applications and One Drive is installed, connect with Customer's Security team to install Antivirus, Vulnerability Scan tools and any other Security installers as recommended by the Customer.

3. Check Application icons are available on the Public Desktop:

1. Also, make sure that the required application icons are available on the Public Desktop or else when the users log in they wont be able to see the icons even though the application is installed.

2. Public Desktop folder is Hidden by default. To view it go to C:\Users\Public. Then click on 

View->Show->Hidden Items.

4. Use Multimedia redirection on Azure Virtual Desktop :

1. For multimedia redirection to work, there are two parts to install on your session hosts: the host component and the browser extension for Edge or Chrome. You install both the host component and browser extension for Edge or Chrome browsers on your session hosts from an MSI file. You can also get and install the browser extension from Microsoft Edge Add-ons or the Chrome Web Store.

2. You can install the MSI from https://aka.ms/avdmmr/msi 

3. If during the download you get the below error, right click on it and click on Keep.

4. Once the MSI file is downloaded, double click on it.

5. Click Next.

6. Click Finish.

7. On the Edge browser you would get a notification as below. Click on Turn on extension.

5. Take a Snapshot :

1. A snapshot is a full, read-only copy of a virtual hard disk (VHD). You can use a snapshot as a point-in-time backup.

2. On the Azure Portal, select the Image VM, under Settings click on Disks and click on the Disk name.

3. Click on + Create Snapshot.

4. Select the correct Subscription, resource group. Give a name. Leave the other tabs as default. Click Review +Create.

6. Run Virtual-Desktop-Optimization-Tool :

1. The Virtual Desktop Optimization Tool (VDOT) is a set of mostly text-based tools that apply settings to a Windows operating system, intended to improve performance. The performance gains are in overall startup time, first logon time, subsequent logon time, and usability during a user-session. The optimization settings in this tool are the potential settings that reduce compute activity, and thus increase user density per host. It is important to test the optimization settings in each respective environment, and adjust settings as needed. 

2. Please understand the README section before running the script.

3. Go to GitHub - The-Virtual-Desktop-Team/Virtual-Desktop-Optimization-Tool: The script and configuration files in this repository provide an easy method to customize and apply performance related settings to virtual desktop environments.

4. Click on Code and Download ZIP.

5. Right Click and Extract.

6. Once extracted please go to Virtual-Desktop-Optimization-Tool-main\Virtual-Desktop-Optimization-Tool-main\2009\ConfigurationFiles

7. Go through each file. The JSON parameter that this tool uses to determine whether or not to apply a setting is 'VDIState'. If the 'VDIState' parameter in the respective .JSON file is set to Disabled, the optimization setting will be applied. If 'VDIState' is set to anything else, the setting will not be applied.

8. Depending on the Customer environment, go through each settings and whichever are not required, change the VDIState to Disabled.

9. To Start with you can change the VDIState from Unchanged to Disabled for the following AppxPackages and save the file: 

"Bing Search", "Clipchamp.Clipchamp", "Microsoft.549981C3F5F10", "Microsoft.BingNews", "Microsoft.BingWeather", "Microsoft.GamingApp", "Microsoft.GetHelp", "Microsoft.Getstarted", "Microsoft.MicrosoftSolitaireCollection", "Microsoft.People", "Microsoft.SkypeApp", "Microsoft.WindowsFeedbackHub", "Microsoft.WindowsMaps", "Microsoft.WindowsSoundRecorder", "Microsoft.Xbox.TCUI", "Microsoft.XboxGameOverlay", "Microsoft.XboxGamingOverlay", "Microsoft.XboxIdentityProvider", "Microsoft.XboxSpeechToTextOverlay", "Microsoft.YourPhone", "Microsoft.ZuneMusic", "Microsoft.ZuneVideo", "Microsoft.XboxApp"

10. Search for Powershell in the Start Menu. Right click on Windows Powershell ISE-Run as Administrator.

11. Change the directory to C:\Users\avdadmin\Downloads\Virtual-Desktop-Optimization-Tool-main\Virtual-Desktop-Optimization-Tool-main

12.  Run the following command: Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope CurrentUser

Click Yes to All.

13. Run the following command: .\Windows_VDOT.ps1 -Optimizations AppxPackages -AcceptEULA

Click Run Once.

7. Delete the files from Browser, Downloads, Temp folder and Recycle Bin :

1. Before you reboot the machine, delete the Edge browser history, downloads folder, temp folder.

2. Delete all the possible files and folders inside Temp folder.

3. Empty the Recycle Bin.

8. Install the Latest Windows Update :

1. Click on Start Menu. Go to Settings-Windows Update. Click on Install All.

9. Restart :

1. You can restart the system either from the VM or from the Azure Portal. Both works.

2. Once the Image VM is up and running, take a Snapshot again and if the deployment is successful without any errors you may delete the old snapshot.

10. System Preparation (Sysprep):

1. Go to C:\Windows\System32\Sysprep

2. Right click on Sysprep and Run as Administrator.

3. Select Generalize tab. 

4. Under the Shutdown options dropdown menu select Shutdown

5. Click Ok.

6. If the sysprep is successful, the RDP connection would be terminated and the Image VM would be shutdown automatically.

7. If the Sysprep is not successful you may get the below error:

8. You need to then go to the Panther folder and open the setupact log file

9. Mostly the error message would be related to some Appxpackage with the following kind of error message: 

SYSPRP Package NotepadPlusPlus_1.0.0.0_neutral__7njy0v32s6xk6 was installed for a user, but not provisioned for all users. This package will not function properly in the sysprep image.

10. You can run the below PowerShell command 

Remove-AppxPackage -allusers -Package <Package Name>

E.g. Remove-AppxPackage -allusers -Package NotepadPlusPlus_1.0.0.0_neutral__7njy0v32s6xk6

11. Run the Sysprep tool again.

11. Capture the Image:

1. Once the VM is shutdown, go to the Azure Portal. Search for the Image VM. Click on Stop.

2. The status of the VM should be Stopped (Deallocated)

3. Click on Capture-> Image

4. Select the Resource group where you wish to place the Image.

5. Under Share Image to Azure Compute Gallery you can either select Yes or No. For now we are selecting No, capture only a managed image.

6.Select the Automatically delete this virtual machine option.

7. Give a suitable name for the image as per Customer's naming convention.

8. Give the tags if any.

9. Click on Review +Create.

10. Click Create and the Managed Image would be created.