Getting Started: Provisioning Microsoft Entra-Joined Cloud PCs in a Microsoft Hosted Network

 1. Prerequisites:

1. Licenses: For the end users to access Cloud PC, the users must have licenses for Windows E3, Intune, Microsoft Entra ID P1, and Windows 365 to use their Cloud PC. 
In our scenario, we have purchased 2 licenses:
Microsoft 365 Business Premium since it includes Intune and Entra ID P1 in it.
Windows 365 Enterprise 2 vCPU, 8 GB, 128 GB to use Cloud PC


2. Access: Two Roles have been assigned to the admin user. Intune Administrator and the License Administrator.
Intune Administrator is required to work on Intune Portal and provision a Cloud PC.
License Administrator is required to assign license to the end users from the Admin Portal.

2. Create a Security Group to add users:

1. Go to the Intune Portal https://intune.microsoft.com/ and login with the credentials that has the Intune license and the required access (Intune and License Administrator)

2. Click on Groups.

3. Click on New Group.


4. Select the group type as Security.

5. Give a suitable Group Name.

6. Give a description if needed.

7. Select assigned as Membership type.

8. You can select owners for this group if needed; I haven't selected any.

9. I have added members in this group for whom we would provision a Cloud PC.

10. Click on Create.

3. Assign license to the Security Group:

1. Login to the Admin Portal https://admin.microsoft.com/ 

2. Under Billing, click on Licenses.

3. Click on each license one at a time.

4. Click on Groups. Click on +Assign Licenses. Select the group we created. 

5. Do the same process for other group as well.


4. Create Provisioning Policy:

1. Get back to the Intune Portal.

2. Click on Devices on the left hand menu.

3. Under Device Onboarding, click on Windows 365

4. Click on Provisioning policies and then click on +Create Policy.

5. Under General tab, give a suitable name and description.

6. Select the License type as Enterprise.

7. Select Join type as Microsoft Entra Join

8. Select Network as Microsoft hosted network.

9. Select the required Geography.

10. For region select Automatic (Recommended)

11. You can check the box for Single Sign-On, but make sure it is already configured. Even if it is not configured, you can still check the box; it won’t cause any issues.

12. Click Next.
    
13. Select the Image type as Gallery Image and select the appropriate Windows 10/11 Image depending on the license you have.

14. Click Next.


15. Under Configuration tab, select the required language.

16. Under Cloud PC naming, please leave the default option unchecked. If you wish to assign your own name to the Cloud PC, check the box and provide a suitable name as needed.

17. Under Additional Services, you can select either Windows Autopatch or None. If Windows Autopatch is selected, it should be pre-configured. We will dive deeper into all these options in the upcoming blogs.

18. Click Next.

19. Leave the Scope tags at default.

20. Click Next.


21. Under assignments tab, click on +Add Groups and select the group.

22. Click Next.


23. Click Create.

24. Under All Cloud PCs you can see the provisioning status. It would approximately take 1 hour to provision a Cloud PC for the user.

25. Once the provisioning is successful, the status shows as Provisioned.
    

5. Access Cloud PC:

1. Via Browser:
Navigate to https://windows365.microsoft.com/ to access Cloud PC. You can click on Open in Browser.


2. You can play with the required settings and click on Connect.
    

3. Say Yes.

4. And there you have the Cloud PC ready.

5. Via Windows App: You may download the Windows App from the Store

6.  Open the Windows App. Click on Sign In.

7. Enter the username and password.


8. You can click on Connect

9. You can now start using the Cloud PC.


No comments