Check access to required FQDNs and endpoints for Azure Virtual Desktop
In order to deploy Azure Virtual Desktop, you must allow specific FQDNs and endpoints. You can find the list of FQDNs and endpoints in Required FQDNs and endpoints.
Available as part of the Azure Virtual Desktop Agent (RDAgent) on each session host, the Azure Virtual Desktop Agent URL Tool enables you to quickly and easily validate whether your session hosts can access each FQDN and endpoint. If not it can't, the tool lists any required FQDNs and endpoints it can't access so you can unblock them and retest, if needed.
Note
The Azure Virtual Desktop Agent URL Tool doesn't verify that you've allowed access to wildcard entries we specify for FQDNs, only specific entries within those wildcards that depend on the session host location, so make sure the wildcard entries are allowed before you run the tool.
You need the following things to use the Azure Virtual Desktop Agent URL Tool:
A session host VM.
Your session host must have .NET 4.6.2 framework installed.
RDAgent version 1.0.2944.400 or higher on your session host. The executable for the Azure Virtual Desktop Agent URL Tool is
WVDAgentUrlTool.exe
and is included in the same installation folder as the RDAgent, for exampleC:\Program Files\Microsoft RDInfra\RDAgent_1.0.2944.1200
.The
WVDAgentUrlTool.exe
file must be in the same folder as theWVDAgentUrlTool.config
file.
To use the Azure Virtual Desktop Agent URL Tool:
Open PowerShell as an administrator on a session host.
Run the following commands to change the directory to the same folder as the latest RDAgent installed on your session host:
$RDAgent = Get-WmiObject -Class Win32_Product | ? Name -eq "Remote Desktop Services Infrastructure Agent" | Sort-Object Version -Descending $path = ($RDAgent[0]).InstallSource + "RDAgent_" + ($RDAgent[0]).Version cd $path
Run the following command to run the Azure Virtual Desktop Agent URL Tool:
.\WVDAgentUrlTool.exe
Once you run the file, you see a list of accessible and inaccessible FQDNs and endpoints.
For example, the following screenshot shows a scenario where you'd need to unblock two required FQDNs:
Here's what the output should look like when all required FQDNs and endpoints are accessible. The Azure Virtual Desktop Agent URL Tool doesn't verify that you allowed access to wildcard entries we specify for FQDNs.
You can repeat these steps on your other session host, particularly if they are in a different Azure region or use a different virtual network.
Review the list of the Required FQDNs and endpoints for Azure Virtual Desktop.
To learn how to unblock these FQDNs and endpoints in Azure Firewall, see Use Azure Firewall to protect Azure Virtual Desktop.
For more information about network connectivity, see Understanding Azure Virtual Desktop network connectivity