Windows Architecture Intune Public cloud Enterprise mobility

Hands on Windows 365

by Niklas Tinner 6 min read

A Microsoft cloud PC, that is persistent, licensed per user and manageable through the Endpoint Manager admin center. That's Windows 365. In my last post, I did write about the product part of Windows 365. Now I want to focus on the technical part and give a review of how I set up and used Windows 365.

Buy a license

Specification of the cloud pc makes the price. More power means a higher price per month per user. See the price list (in CHF):
buy-pricelist

I did go for 2vCPU, 4GB RAM and 64GB storage, so keep that in mind for further performance rating. Of course this is a rather thin spec, but I wanted to know what's the most acceptable for the price. This one costs 30CHF/user/month or 360CHF per year - and that's quite something in my opinion.

Assign the license

The next step is to assign the license to a user:
assign-license

How does the user access his machine?

Windows 365 is either reachable through windows365.microsoft.com or through the apps in the Office 365 portal.
portal-office-w365-1

The first time, the users accesses the Windows 365 site, the cloud PC starts to enroll. And at this time I was a little bit astonished, because I did not take any enrollment policies in the Endpoint Manager. So this product works without any configuration.
setting-up-cloud-pc

Then it took about 25 minutes to get ready. The user can't work with the PC during this first-time enrollment, but I will do everything automatic in the background. As soon as the PC is ready, you can connect to it. There are also few options to take for the user:
ready-cloud-pc-1

Connect to Windows 365

At this time, there are two possible options to connect you to your cloud PC:

  • Web every browser should be capable of launching Windows 365. Click on "Open in browser". Host connections (input and output devices) can be configured by the user.

local-resources

Then you need to authenticate with your user. And this is only single-factor, further access controls should be taken before, when using Windows 365 as an app in: for example Conditional access. The familiar Windows lock screen sign-in should happen:
sign-in-browser-2

  • App Remotedesktop is the other (preferred) method. You can download it from this portal for Windows, Mac, iOS and Android OS. It's an MSI file, so silent installation should be quite easy.

download-remote-desktop-apps

Windows

In the installed application you initially sign-in through a login.microsoftonline.com tab, that should able to be secured with the well-known IAM security products. Next your cloud PC is also visible at the start page of the app. When connecting, you need to fulfill a Windows security authentication tab.
windows-rdp-sign-in

The PC opens in a remote desktop (RDP) app.

iOS

Is the iOS mobile version any good? Surprisingly I would say definitely! I have seen some similar products from the industry, and those where worse. To use it, download the app from the App Store and add a subscription ID (click the + at the top right), that normally is: https://rdweb.wvd.microsoft.com/api/arm/feeddiscovery.
ios-add-sub

This will trigger an authentication flow and will try to open the Microsoft Authenticator. Here you choose your desired work or school account.
ios-authenticator

The cloud PC should also show up here, and the establish the connection, again the password is needed in single-factor.
ios-sign-in-w365

The display will subsequently switch to horizontal view. Utilization does work with moving the mouse alike a joy-stick and clicking does respond on the whole display. This is very fluent and usable. The only downside is the display size, that could stop you from being productive.
20211028_090213000_iOS

Presenting: Windows 365

After the login, you will see Windows 365:
performance-1

Whats pre-installed?

Office and a browser are pre-installed on every machine template. (You could customize that). Here is a list of all installed apps by default:
apps-installed-default

Update state

When you search for Windows updates on the machine, there will be a few minor updates. The version was Win 21H1 for me.
updates

Performance

A look at the task manager reveals the server hardware CPU. And in my spec also a very high workload for all resources. During my work this was also the normal case, CPU and RAM both between 60-100%. Graphics power is also disappointing - YouTube may play videos, but only with 10-20 frames per second. Gaming or graphics intense workloads are impossible.

Internet speed and cloud PC location

A speedtest through ookla reveals the Internet connection speed. This also leaks the test-server is a Microsoft server. The speed is throughout adequate. My IP stayed for two days on the same and tells me, that my machine is located in England - even my org settings and billing account are set to Switzerland. This Microsoft docs article describes, that the PC's location is based of the location of the billing address country of your organization. I guess Windows 365 is not available in swiss data centers yet. (November 2021)
speedtest

Networking

So, without any configurations you will get a private IP network with /16 size. The gateway is the lowest address (default) and DHCP and DNS is the same server with a 168.xxx IP address, that is no giving are response through ping.
network-settings

(Azure) AD join

One more thing is the enterprise join type. In my case, it is only AzureAD joined. (further hybrid options are described later in this post).
enterprise-join

Intune - Endpoint Manager admin center

So it's clear this product is technically Windows virtual desktop. But the aspect, that it has user affinity and can be fully managed through the Endpoint Manager admin center, makes it special. There the PC shows up in Intune:
intune-w365-pc

Unfortunately, I was not able to create an provisioning policy, due the page was not functional in my tenant. I assume, this was a license problem.
intune-w365-provisioning

If you want to learn about Intune, check out my page on Endpoint Management. Here you can see a setup of Windows 365 provisoning.

Hybrid options

Let's imagine a Hybrid Azure AD scenario. We presume an ADDS installed in a local domain. To interact with on-premises services, Windows 365 also provides an connection through Azure. This will need an Azure subscription and deliver much more benefits, because you are in your corporate network.

Conclusion

In the end, a user must benefit from a solution and the profit must increase to justify it's costs. That's simple economics. The price calculated over a year is very high; high specs are astronomic. On the opposite, a datacenter (private cloud) is also. The difference is the effort, and you pay the effort. Internally as well as externally, the time range is the only sticking point. Windows 365 is a very personalized product, so I would only assign internal users a machine. Azure virtual desktop with a pool of machines (consumption based) might be the better solution for some uses. Although I think that Windows 365 is a modern, integrated, easy to use and high capability product of Microsoft.

Read more posts by this author

Niklas Tinner

The link has been copied!
You’ve successfully subscribed to Oceanleaf
Welcome back! You’ve successfully signed in.
Great! You’ve successfully signed up.
Your link has expired
Success! Check your email for magic link to sign-in.