Skip to main content

Azure Virtual Desktop MSIX App Attach – Pt2

Welcome to the part two of the MSIX App attach


So, in our previous blog, we discussed how to create the MSIX package from the packaging tool. Now it's time for us to deploy the MSIX to our AVD solution.

Before we proceed there are a few things that you need to know, you need to have a storage account and a file share inside that is integrated without AD and with the relevant permission. Please follow the below steps from Microsoft to configure the required permissions for your MSIX app attach container.

https://docs.microsoft.com/en-us/azure/virtual-desktop/app-attach-file-share

Having said that I have already setup my file share,

Okay let’s get down to the business. :D

Since we have the package ready, we need to create VHD to extract the data.

I’m using the below script to create a VHD in host environment or you can simply attach a VHD to your packaging environment.

New-VHD -SizeBytes 500MB -Path c:\temp\vscode2.vhd -Dynamic -Confirm:$false

$vhdObject = Mount-VHD c:\temp\vscode2.vhd -Passthru

$disk = Initialize-Disk -Passthru -Number $vhdObject.Number

$partition = New-Partition -AssignDriveLetter -UseMaximumSize -DiskNumber $disk.Number


Once our VHD is ready, we need to extract our MSIX to the VHD

To expand the MSIX image:

  1. Download the msixmgr tool and save the .zip.
  2. Unzip the msixmgr tool .zip folder.
  3. Run the following cmdlet to unpack the MSIX into the VHD you created in the previous section.

.\msixmgr.exe -Unpack -packagePath “C:\temp\vscode_1.0.0.0_x64__rbh2ag737t0tm.msix” -destination "G:\vscode" -applyacls

once done, we need to upload this to the storage account we prepared by giving the required permissions earlier



Once it's uploaded, it's just a matter of adding the MSIX package to the AVD environment.

So, there are two ways that we can achieve this,

Using the portal, we can simply add the application to the user’s workspace.

Follow the below step

Head down to Azure Virtual desktop and select the host pool, go to MSIX Packages And also before you add please do note you need at least 1 host server in your host pool for this to work

Click add and provide the MSIX VHD path from the storage account

Fill in the details and set the state to Active

Once done you can create an application group and provide msix app name to give permissions to the users. If you follow this path users will see the application in their AVD Workspace as a remote application. You'll need to do this for both desktop and remote app application groups. If you don’t add the MSIX app to the Virtual Desktop Group ( by default hostpool-DAG). Application won't display inside the host

And if you just want users to access outside the host session then you can create a new app group and assign the application. So the application will be visible in the workspace.





Hope this helps someone 😊


Comments

  1. […] Danidu has written his second post in a series of posts he is doing around MSIX App Attach. In this post he goes through the steps to create a VHD and extract the MSIX onto the VHD, ready to be uploaded to the file share. You can view his blog post here – Azure Virtual Desktop MSIX App Attach – Pt2 – Blog of Danidu (dckloud.com) […]

    ReplyDelete

Post a Comment

Popular posts from this blog

Updating Azure VM Data Disk Sizes

Summary Hope you are doing great, this time I came up with a simple azure DevOps solution for updating VM disk sizes. The current project that I'm in has a bunch of virtual machines. So, we need a way to update the VM disk with minimal administrative effort and changes.  In this scenario, we have used Bicep as the IAC language Azure DevOps pipelines YAML variable files  Here is the high-level workflow for a particular VM in the solution YAML Pipeline file got two workflows, firstly the VM build pipeline, and the second is the disk update one. If you focus on the green arrow and the purple arrow, basically I'm modifying the same bicep module file and passing the same set of variables. You may wonder why we cannot use the same flow to build the VM and update the disk later, that's because for the disk updates VM needs to be in a shutdown state, and other components in the 1st flow need the VM up and running especially the extension modules YAML Variable Files I have decided t

Deploying an Automation Account with a Runbook and Schedule Using Bicep

Introduction Automation is a key component in many organizations' cloud strategy. Azure Automation allows you to automate the creation, deployment, and management of resources in your Azure environment. In this post, we will walk through the process of deploying an Automation Account with a Runbook and Schedule using Bicep, a new domain-specific language for deploying Azure resources. Intention My intention at the  end is to run a PowerShell  script to start and shutdown Azure VMs based on tag values. PowerShell  script that I have used is from below l ink.  And two  of me   collogue s ( Michael Turnley   and Saudh Mohomad helped to modify the  PowerShell  script. Prerequisites Before we begin, you will need the following: An Azure subscription The Azure CLI installed on your machine. The Azure Bicep extension for the Azure CLI Creating the Automation Account The first step in deploying an Automation Account with a Runbook and Schedule is to create the Aut

Securing Azure Services with Fetian FIDO

Hey Folks  Here again with another security topic with Fetian Fido. And once again Fetian devices proved their excellent quality and stability. For this I choose Fetian K33 -  AllinPass FIDO Security Key – FEITIAN (ftsafe.com) and  K39 -  Single-button FIDO Security Keys | FEITIAN (ftsafe.com) Use case  In an organization following changes needs to be implemented.  1. Update the password policy 2. Update the user session time out to 30 minutes Once these changes being implemented, the following issues need to be addressed 1. Users' complaint new passwords need to be so long 2. Users complain sessions time out makes them work so much slower with the longer passwords 3. Etc... Solution  One of my friends reached out to me to help solve this problem. All I could think of was using passwordless auth with FIDO devices. We have decided to use Fido2 keys for better security and flexibility for the users. The FIDO (Fast IDentity Online) Alliance helps to promote open authentication stand