Unified Azure Virtual Desktop (AVD) Integration: Prerequisites

In order for Parallels RAS to be able to configure and use Azure Virtual Desktop there are some prerequisites:

1. An Azure Tenant ID.
2. An Azure subscription with sufficient credit.
3. Active Directory: 
   • A Server Active Directory environment or Azure AD Domain Services (Azure AD DS). See https://azure.microsoft.com/services/active-directory-ds/. 
   • Azure AD Connect — AD must be in sync with your Azure AD, so users can be associated between the two. 
   • The user must be sourced from the same Active Directory that's connected to Azure AD. Azure Virtual Desktop does not support B2B or MSA accounts. 
   • The user configured in the Parallels RAS client with access to Azure Virtual Desktop resources must exist in the Active Directory domain the session host it is joined to. 
4. The necessary Microsoft Azure resource providers must be enabled, including Microsoft.ResourceGraph, Microsoft.Resources, Microsoft.Compute, Microsoft.Network, Microsoft.DesktopVirtualization.
5. Create a Azure AD Application: Go to Azure Portal-> Azure Active Directory-> App registration-> New registration.

• Go to Certificates and secrets-> Add New client secret. Do not forget to save the client secret;

• Give the Application read and write access to resources:
  • Contributor Role in Resource group;
    
  • (optional) read access to other resource groups or Subscription (to read all VMs in Subscription).
• Give the Application User management rights:
  • Assign 'User Access Administrator' permissions for application at Subscription -> Access Control (IAM).

• Give application the following API permissions: Go to Azure Portal-> Azure Active Directory-> App Registration-> API permissions-> Add a permission:
  • Microsoft.Graph (application permissions):
    • Group.Read.All
    • User.Read.All

For configuration please use the following article: Unified Azure Virtual Desktop (AVD) Integration: Configuration.