When deploying AVD Session Hosts from a Generalized Image with AVD-Join or from a Specialized Image with AVD-Turbo, it may be necessary to apply post deployment tasks or optimizations to the VM that cannot be included in the Master Image.
This may include deployment of applications that require a unique security ID and therefore cannot easily be deployed in a Master Image, or a preferred configuration that may be reset by generalizing the Master Image.
Following the deployment of the Remote Desktop Agents, AVD-Join or AVD-Turbo will restart the VM. However before restarting, they will check for the existence of C:\Scripts\AVD-Config.ps1. If it exists, the script is called before restarting.
Add functions and commands to C:\Scripts\AVD-Config.ps1 to complete the deployment.
Add the following command to the top of AVD-Config.ps1 to prevent users connecting via RDP while commands are running
# Disable Logons - we don't want users logging on until after the reboot
stop-service RDAgentBootLoader
Examples
Windows Pagefile is reset to default values after running Sysprep.
Add the following function to C:\Scripts\AVD-Config.ps1.
# Set page File to Memory Size on D:\
function SetPageFile{
if (Get-Volume -DriveLetter D) {
$MemMB = (Get-CimInstance Win32_PhysicalMemory | Measure-Object -Property Capacity -Sum).Sum / 1MB
$pf = Get-WmiObject -Query "Select * From Win32_PageFileSetting";
$pf.name=$pf.name
$pf.caption=$pf.caption
$pf.InitialSize = $MemMB;
$pf.MaximumSize = $MemMB;
$pf.Put();
}
}
# SetPageFile # UnComment to enable
Group Membership is reset to default values after running Sysprep.
Add Local Administrators to the FS Logix Exclude groups to prevent admins having FSLogix or ODFC profiles.
if (Get-LocalGroup -Name "FSLogix ODFC Exclude List" -ErrorAction SilentlyContinue)
{Add-LocalGroupMember -Group "FSLogix ODFC Exclude List" -Member "NT Authority\Local account and member of Administrators group" -ErrorAction SilentlyContinue}
if (Get-LocalGroup -Name "FSLogix Profile Exclude List" -ErrorAction SilentlyContinue)
{Add-LocalGroupMember -Group "FSLogix Profile Exclude List" -Member "NT Authority\Local account and member of Administrators group" -ErrorAction SilentlyContinue}
All Network Bindings are applied to the new Network Card that is detected during deployment.
The following function removes all network bindings except for TCP/IP.
# Disable Network Bindings - Disables IPv6, LLDP Protocols
$nics=Get-NetAdapter -Name *Ethernet*
foreach ($nic in $nics) { Disable-NetAdapterBinding -Name $nic.name -ComponentID ms_lltdio,ms_tcpip6,ms_lldp,ms_rspndr -ErrorAction SilentlyContinue}
Install an Application
$media="C:\Source\MSIFile.msi"
$proc="msiexec.exe"
$arg="/i $media ALLUSERS=1 REBOOT=ReallySuppress /qb- /l*v C:\temp\MSIFileName.log"
Start-Process -FilePath $proc -ArgumentList $arg -wait
Do not add any restart commands to AVD-Config.ps1 and suppress restarts where necessary. The VM will restart when AVD-Config.ps1 has completed.
|
.
