Merge pull request #136 from Azure/TestUAI1

Test UAI1 merge into 'main'
2021-11-04 15:23:44 -04:00 · 2021-11-04 15:23:44 -04:00 · 72cc3b45d2
--- a/Blueprint/Artifacts/Mgmtvm.json
+++ b/Blueprint/Artifacts/Mgmtvm.json
--- a/Blueprint/Artifacts/addsDAUser.json
+++ b/Blueprint/Artifacts/addsDAUser.json
@ -28,6 +28,9 @@
          "script_executionUserResourceID": {
            "type": "string"
          },
          "key-vault-name": {
            "type": "string"
          },
          "ad_usernameUPN": {
            "type": "string",
            "metadata": {
@ -75,7 +78,6 @@
        },
        "variables": {
          "deployment-prefix": "[concat(parameters('resourcePrefix'), '-sharedsvcs')]",
          "key-vault-name": "[concat(variables('deployment-prefix'), '-kv')]",
          "username": "[first(split(parameters('ad_usernameUPN'), '@'))]",
          "domainadmin_secret_value": "[concat(toUpper(uniqueString(parameters('secret-unique-value1'))), uniqueString(parameters('secret-unique-value2')), toLower(uniqueString(parameters('secret-unique-value3'))), '!')]",
          "domainadmin_group": "AAD DC Administrators",
@ -84,12 +86,12 @@
        "resources": [
          {
            "type": "Microsoft.KeyVault/vaults/secrets",
-            "name": "[concat(variables('key-vault-name'), '/', variables('username'))]",
+            "name": "[concat(parameters('key-vault-name'), '/', variables('username'))]",
            "apiVersion": "2019-09-01",
            "properties": {
              "value": "[variables('domainadmin_secret_value')]",
              "dependsOn": [
-                "[resourceId('Microsoft.KeyVault/vaults', variables('key-vault-name'))]"
+                "[resourceId('Microsoft.KeyVault/vaults', parameters('key-vault-name'))]"
              ]
            }
          },
@ -99,7 +101,7 @@
            "name": "createDAUser",
            "location": "[resourceGroup().location]",
            "dependsOn": [
-              "[resourceId('Microsoft.KeyVault/vaults/secrets', variables('key-vault-name'), variables('username'))]"
+              "[resourceId('Microsoft.KeyVault/vaults/secrets', parameters('key-vault-name'), variables('username'))]"
            ],
            "kind": "AzurePowerShell",
            "identity": {
@ -111,7 +113,7 @@
            "properties": {
              "forceUpdateTag": "[parameters('utcValue')]",
              "azPowerShellVersion": "5.4",
-              "arguments": "[concat('-displayName', ' ', variables('username'), ' ', '-userPrincipalName', ' ', parameters('ad_usernameUPN'), ' ', '-keyvault', ' ', variables('key-vault-name'), ' ','-forcePasswordChange', ' ', variables('forcePasswordChange'))]",
+              "arguments": "[concat('-displayName', ' ', variables('username'), ' ', '-userPrincipalName', ' ', parameters('ad_usernameUPN'), ' ', '-keyvault', ' ', parameters('key-vault-name'), ' ','-forcePasswordChange', ' ', variables('forcePasswordChange'))]",
              "primaryScriptUri": "[parameters('addADUserScriptURI')]",
              "timeout": "PT4H",
              "cleanupPreference": "OnSuccess",
@ -152,6 +154,9 @@
        "resourcePrefix": {
          "value": "[parameters('resourcePrefix')]"
        },
        "key-vault-name": {
          "value": "[parameters('key-vault-name')]"
        },
        "addADUserScriptURI": {
          "value": "[concat(parameters('scriptURI'),'/addADuser.ps1')]"
        },
--- a/Blueprint/Artifacts/avdDeploy.json
+++ b/Blueprint/Artifacts/avdDeploy.json
@ -20,10 +20,13 @@
                      "displayName": "Resource Prefix"
                  }
              },
              "key-vault-name": {
                "type": "string"
              },
              "baseTime":{
                  "type":"string",
                  "defaultValue": "[utcNow('u')]"
-                },
+              },
              "nestedTemplatesLocation": {
                  "type": "string",
                  "metadata": {
@ -506,13 +509,12 @@
          },
          "variables": {
              "deployment-prefix": "[concat(parameters('resourcePrefix'), '-sharedsvcs')]",
              "key-vault-name": "[concat(variables('deployment-prefix'), '-kv')]",
              "createVMs": "[greater(parameters('avdHostPool_vmNumberOfInstances'),0)]",
              "rdshManagedDisks": "[if(equals(parameters('vmImageType'), 'CustomVHD'), parameters('vmUseManagedDisks'), bool('true'))]",
              "rdshPrefix": "[parameters('vmNamePrefix')]",
              "avSetSKU": "[if(variables('rdshManagedDisks'), 'Aligned', 'Classic')]",
              "existingDomainUsername": "[first(split(parameters('administratorAccountUsername'), '@'))]",
-              "key-vault-resourceID": "[resourceId('Microsoft.KeyVault/vaults', variables('key-vault-name'))]",
+              "key-vault-resourceID": "[resourceId('Microsoft.KeyVault/vaults', parameters('key-vault-name'))]",
              "vhds": "[concat('vhds','/', variables('rdshPrefix'))]",
              "subnet-id": "[resourceId(parameters('virtualNetworkResourceGroupName'),'Microsoft.Network/virtualNetworks/subnets',parameters('existingVnetName'), parameters('existingSubnetName'))]",
              "resourceGroup": "[resourceGroup().name]",
@ -694,7 +696,7 @@
                          "administratorAccountPassword": {
                              "reference": {
                                "keyVault": {
-                                  "id": "[resourceId('Microsoft.KeyVault/vaults', variables('key-vault-name'))]"
+                                  "id": "[resourceId('Microsoft.KeyVault/vaults', parameters('key-vault-name'))]"
                                },
                                "secretName": "[variables('existingDomainUsername')]"
                              }
@ -771,7 +773,10 @@
      "parameters": {
          "resourcePrefix": {
              "value": "[parameters('resourcePrefix')]"
-            },
+          },
          "key-vault-name": {
              "value": "[parameters('key-vault-name')]"
          },
          "artifactsLocation": {
              "value": "https://wvdportalstorageblob.blob.core.windows.net/galleryartifacts/Configuration_7-20-2020.zip"
          },
--- a/Blueprint/Artifacts/avdUsers.json
+++ b/Blueprint/Artifacts/avdUsers.json
@ -18,11 +18,14 @@
              "displayName": "Resource Group and Resource identifier. String to be used as prefix to all Resource Group and Resource names."
            }
          },
          "key-vault-name": {
            "type": "string"
          },
          "aad_avduserGroup": {
            "type": "string",
            "metadata": {
                "displayName": "AAD AVD Test Users Group"
-            },
+          },
            "defaultValue": "AVD Users"
          },
          "createAVDUserScriptURI": {
@ -94,7 +97,7 @@
        },
        "variables": {
          "deployment-prefix": "[concat(parameters('resourcePrefix'), '-sharedsvcs')]",
-          "key-vault-name": "[concat(variables('deployment-prefix'), '-kv')]",
+          "key-vault-name": "[parameters('key-vault-name')]",
          "hostpoolName": "[replace(parameters('hostpoolName'),'\"','')]",
          "pw_secret_value": "[concat(toUpper(uniqueString(parameters('secret-unique-value1'))), uniqueString(parameters('secret-unique-value2')), toLower(uniqueString(parameters('secret-unique-value3'))), '!')]",
          "forcePasswordChange": true,
@ -155,6 +158,9 @@
        "resourcePrefix": {
          "value": "[parameters('resourcePrefix')]"
        },
        "key-vault-name": {
          "value": "[parameters('key-vault-name')]"
        },
        "domainName": {
          "value": "[parameters('adds_domainName')]"
        },
--- a/Blueprint/Artifacts/keyvault.json
+++ b/Blueprint/Artifacts/keyvault.json
@ -18,6 +18,9 @@
            "displayName": "Resource Group and Resource identifier. String to be used as prefix to all Resource Group and Resource names."
          }
        },
        "key-vault-name": {
          "type": "string"
        },
        "keyvault_ownerUserObjectID": {
          "type": "string",
          "metadata": {
@ -85,7 +88,7 @@
      },
      "variables": {
        "deployment-prefix": "[concat(parameters('resourcePrefix'), '-sharedsvcs')]",
-        "key-vault-name": "[concat(variables('deployment-prefix'), '-kv')]",
+        "key-vault-name": "[parameters('key-vault-name')]",
        "enable-vault-for-deployment": true,
        "enable-vault-for-templateDeployment": true,
        "enable-vault-for-diskEncryption": true,
@ -229,6 +232,9 @@
      "resourcePrefix": {
        "value": "[parameters('resourcePrefix')]"
      },
      "key-vault-name": {
        "value": "[parameters('key-vault-name')]"
      },
      "keyvault_ownerUserObjectID": {
        "value": "[parameters('keyvault_ownerUserObjectID')]"
      },
--- a/Blueprint/Blueprint.json
+++ b/Blueprint/Blueprint.json
@ -1,470 +1,456 @@
-{
+{
-  "type": "Microsoft.Blueprint/blueprints",
+  "type": "Microsoft.Blueprint/blueprints",
-  "name": "AVD Blueprint",
+  "name": "AVD Blueprint",
-  "properties": {
+  "properties": {
-    "targetScope": "subscription",
+    "targetScope": "subscription",
-    "parameters": {
+    "parameters": {
-      "avdUsers_userPrefix": {
+      "avdUsers_userPrefix": {
-        "type": "string",
+        "type": "string",
-        "metadata": {
+        "metadata": {
-          "displayName": "Test User prefix",
+          "displayName": "Test User prefix",
-          "description": "Username prefix. A number will be added to the end of this value."
+          "description": "Username prefix. A number will be added to the end of this value."
-        },
+        },
-        "defaultValue": "user"
+        "defaultValue": "user"
-      },
+      },
-      "avdUsers_userCount": {
+      "avdUsers_userCount": {
-        "type": "int",
+        "type": "int",
-        "metadata": {
+        "metadata": {
-          "displayName": "Total AVD users to create.",
+          "displayName": "Total AVD users to create.",
-          "description": "Total Number of AVD users to create."
+          "description": "Total Number of AVD users to create."
-        },
+        },
-        "defaultValue": 10
+        "defaultValue": 10
-      },
+      },
-      "avdHostPool_vmNumberOfInstances": {
+      "avdHostPool_vmNumberOfInstances": {
-        "type": "int",
+        "type": "int",
-        "metadata": {
+        "metadata": {
-          "displayName": "AVD VMs to create.",
+          "displayName": "AVD VMs to create.",
-          "description": "Total Number of AVD virtual machines to create."
+          "description": "Total Number of AVD virtual machines to create."
-        },
+        },
-        "defaultValue": 2
+        "defaultValue": 2
-      },
+      },
-      "avdHostPool_vmSize": {
+      "avdHostPool_vmSize": {
-        "type": "string",
+        "type": "string",
-        "metadata": {
+        "metadata": {
-          "displayName": "Azure VM size of the session host(s).",
+          "displayName": "Azure VM size of the session host(s).",
-          "description": "The size of the Azure VM used when session hosts are created."
+          "description": "The size of the Azure VM used when session hosts are created."
-        },
+        },
-        "defaultValue": "Standard_D4s_v3"
+        "defaultValue": "Standard_D4s_v3"
-      },
+      },
-      "avdHostPool_loadBalancerType": {
+      "avdHostPool_loadBalancerType": {
-        "type": "string",
+        "type": "string",
-        "metadata": {
+        "metadata": {
-          "displayName": "The host pool session balancing method.",
+          "displayName": "The host pool session balancing method.",
-          "description": "The method of balancing user session load on session hosts, in the host pool (wide vs. deep)"
+          "description": "The method of balancing user session load on session hosts, in the host pool (wide vs. deep)"
-          },
+          },
-          "AllowedValues": [
+          "AllowedValues": [
-            "DepthFirst",
+            "DepthFirst",
-            "BreadthFirst",
+            "BreadthFirst",
-            "Persistent"
+            "Persistent"
-          ],
+          ],
-          "defaultValue": "BreadthFirst"
+          "defaultValue": "BreadthFirst"
-      },
+      },
-      "avdHostPool_HostPoolType": {
+      "avdHostPool_HostPoolType": {
-        "type": "string",
+        "type": "string",
-        "allowedValues": [
+        "allowedValues": [
-            "Personal",
+            "Personal",
-            "Pooled"
+            "Pooled"
-        ],
+        ],
-        "metadata": {
+        "metadata": {
-            "description": "Set this parameter to Personal if you would like to enable Persistent Desktop experience. Defaults to false."
+            "description": "Set this parameter to Personal if you would like to enable Persistent Desktop experience. Defaults to false."
-        },
+        },
-        "defaultValue": "Pooled"
+        "defaultValue": "Pooled"
-      },
+      },
-      "avdHostPool_maxSessionLimit": {
+      "avdHostPool_maxSessionLimit": {
-        "type": "int",
+        "type": "int",
-        "metadata": {
+        "metadata": {
-          "displayName": "User session limit per session host, in the host pool",
+          "displayName": "User session limit per session host, in the host pool",
-          "description": "The maximum number of user sessions per session host in the host pool"
+          "description": "The maximum number of user sessions per session host in the host pool"
-          },
+          },
-          "defaultValue": 40
+          "defaultValue": 40
-      },
+      },
-      "adds_domainName": {
+      "adds_domainName": {
-        "type": "string",
+        "type": "string",
-        "metadata": {
+        "metadata": {
-          "displayName": "Azure ADDS Domain"
+          "displayName": "Azure ADDS Domain"
-        }
+        }
-      },
+      },
-      "adds_vnetName": {
+      "adds_vnetName": {
-        "type": "string",
+        "type": "string",
-        "metadata": {
+        "metadata": {
-          "displayName": "Azure ADDS vNet"
+          "displayName": "Azure ADDS vNet"
-        },
+        },
-        "defaultValue": "[concat(parameters('resourcePrefix'), '-sharedsvcs-vnet')]",
+        "defaultValue": "[concat(parameters('resourcePrefix'), '-sharedsvcs-vnet')]",
-        "allowedValues": []
+        "allowedValues": []
-      },
+      },
-      "script_executionUserResourceID": {
+      "key-vault-name": {
-        "type": "string",
+        "type": "string",
-        "metadata": {
+        "defaultValue": "[concat(parameters('resourcePrefix'),uniqueString(subscription().id))]"
-          "displayName": "Deployment Script Managed Identity Resource ID",
+      },
-          "description": "Resource ID for the Managed Identity that will execute embedded deployment scripts."
+      "script_executionUserResourceID": {
-        }
+        "type": "string",
-      },
+        "metadata": {
-      "scriptExecutionUserObjectID": {
+          "displayName": "Deployment Script Managed Identity Resource ID",
-        "type": "string",
+          "description": "Resource ID for the Managed Identity that will execute embedded deployment scripts."
-        "metadata": {
+        }
-          "displayName": "Deployment Script Managed Identity Object ID",
+      },
-          "description": "Object ID for the Managed Identity that will execute embedded deployment scripts."
+      "scriptExecutionUserObjectID": {
-        }
+        "type": "string",
-      },
+        "metadata": {
-      "keyvault_ownerUserObjectID": {
+          "displayName": "Deployment Script Managed Identity Object ID",
-        "type": "string",
+          "description": "Object ID for the Managed Identity that will execute embedded deployment scripts."
-        "metadata": {
+        }
-          "displayName": "Keyvault Owner User Object ID",
+      },
-          "description": "Object ID of the Global Administrator account used to initiate this blueprint assignment"
+      "keyvault_ownerUserObjectID": {
-        }
+        "type": "string",
-      },
+        "metadata": {
-      "resourcePrefix": {
+          "displayName": "Keyvault Owner User Object ID",
-        "type": "string",
+          "description": "Object ID of the Global Administrator account used to initiate this blueprint assignment"
-        "metadata": {
+        }
-          "displayName": "Resource Prefix"
+      },
-        },
+      "resourcePrefix": {
-        "defaultValue": "AVD"
+        "type": "string",
-      },
+        "metadata": {
-      "scriptURI": {
+          "displayName": "Resource Prefix"
-        "type": "string",
+        },
-        "metadata": {
+        "defaultValue": "AVD"
-          "displayName": "Script URI",
+      },
-          "description": "URI where Powershell scripts executed by the blueprint are located."
+      "scriptURI": {
-        },
+        "type": "string",
-        "defaultValue": "https://raw.githubusercontent.com/Azure/AVDBlueprint/main/scripts"
+        "metadata": {
-      },
+          "displayName": "Script URI",
-      "AzureEnvironmentName": {
+          "description": "URI where Powershell scripts executed by the blueprint are located."
-        "type": "string",
+        },
-        "metadata": {
+        "defaultValue": "https://raw.githubusercontent.com/Azure/AVDBlueprint/main/scripts"
-          "displayName": "Azure Environment Name",
+      },
-          "description": "URI where Powershell scripts executed by the blueprint are located."
+      "AzureEnvironmentName": {
-        },
+        "type": "string",
-        "defaultValue": "AzureCloud",
+        "metadata": {
-        "allowedValues": ["AzureCloud", "AzureUSGovernment"]
+          "displayName": "Azure Environment Name",
-      },
+          "description": "URI where Powershell scripts executed by the blueprint are located."
-      "AzureStorageFQDN": {
+        },
-        "type": "string",
+        "defaultValue": "AzureCloud",
-        "metadata": {
+        "allowedValues": ["AzureCloud", "AzureUSGovernment"]
-          "displayName": "Azure Files public endpoint",
+      },
-          "description": "URI where Powershell scripts executed by the blueprint are located."
+      "AzureStorageFQDN": {
-        },
+        "type": "string",
-        "defaultValue": "file.core.windows.net",
+        "metadata": {
-        "allowedValues": ["file.core.windows.net", "file.core.usgovcloudapi.net"]
+          "displayName": "Azure Files public endpoint",
-      },
+          "description": "URI where Powershell scripts executed by the blueprint are located."
-      "managementVMOSSku": {
+        },
-        "type": "string",
+        "defaultValue": "file.core.windows.net",
-        "metadata": {
+        "allowedValues": ["file.core.windows.net", "file.core.usgovcloudapi.net"]
-          "displayName": "Management VM OS Sku",
+      },
-          "description": "The Windows Sku of the VM used to manage AAD DS"
+      "managementVMOSSku": {
-        },
+        "type": "string",
-        "defaultValue": "2022-datacenter",
+        "metadata": {
-      },
+          "displayName": "Management VM OS Sku",
-      "avdHostPool_CreateAvailabilitySet": {
+          "description": "The Windows Sku of the VM used to manage AAD DS"
-        "type": "bool",
+        },
-        "metadata": {
+        "defaultValue": "2022-datacenter"
-          "displayName": "Create VM Availability Set",
+      },
-          "description": "Yes/No to create an availability set for the session host VMs"
+      "avdHostPool_CreateAvailabilitySet": {
-        },
+        "type": "bool",
-        "defaultValue": true,
+        "metadata": {
-        "allowedValues": [
+          "displayName": "Create VM Availability Set",
-          true,
+          "description": "Yes/No to create an availability set for the session host VMs"
-          false
+        },
-        ]
+        "defaultValue": true,
-      },
+        "allowedValues": [
-      "availabilityOption": {
+          true,
-        "type": "string",
+          false
-        "metadata": {
+        ]
-            "description": "Select the availability options for the VMs."
+      },
-        },
+      "availabilityOption": {
-        "defaultValue": "AvailabilitySet",
+        "type": "string",
-        "allowedValues": [
+        "metadata": {
-            "None", "AvailabilitySet", "AvailabilityZone"
+            "description": "Select the availability options for the VMs."
-        ]
+        },
-      },
+        "defaultValue": "AvailabilitySet",
-      "availabilitySetName": {
+        "allowedValues": [
-        "type": "string",
+            "None", "AvailabilitySet", "AvailabilityZone"
-        "metadata": {
+        ]
-            "description": "The name of availability set to be used when creating the VMs."
+      },
-        },
+      "availabilitySetName": {
-        "defaultValue": "[concat(parameters('resourcePrefix'), '-AvailabilitySet')]"
+        "type": "string",
-      },
+        "metadata": {
-      "availabilitySetUpdateDomainCount": {
+            "description": "The name of availability set to be used when creating the VMs."
-        "type": "int",
+        },
-        "metadata": {
+        "defaultValue": "[concat(parameters('resourcePrefix'), '-AvailabilitySet')]"
-            "description": "The platform update domain count of availability set to be created."
+      },
-        },
+      "availabilitySetUpdateDomainCount": {
-        "defaultValue": 5,
+        "type": "int",
-        "allowedValues": [
+        "metadata": {
-            1,
+            "description": "The platform update domain count of availability set to be created."
-            2,
+        },
-            3,
+        "defaultValue": 5,
-            4,
+        "allowedValues": [
-            5,
+            1,
-            6,
+            2,
-            7,
+            3,
-            8,
+            4,
-            9,
+            5,
-            10,
+            6,
-            11,
+            7,
-            12,
+            8,
-            13,
+            9,
-            14,
+            10,
-            15,
+            11,
-            16,
+            12,
-            17,
+            13,
-            18,
+            14,
-            19,
+            15,
-            20
+            16,
-        ]
+            17,
-      },
+            18,
-      "availabilitySetFaultDomainCount": {
+            19,
-        "type": "int",
+            20
-        "metadata": {
+        ]
-            "description": "The platform fault domain count of availability set to be created."
+      },
-        },
+      "availabilitySetFaultDomainCount": {
-        "defaultValue": 2,
+        "type": "int",
-        "allowedValues": [
+        "metadata": {
-            1,
+            "description": "The platform fault domain count of availability set to be created."
-            2,
+        },
-            3
+        "defaultValue": 2,
-        ]
+        "allowedValues": [
-    },
+            1,
-      "log-analytics_service-tier": {
+            2,
-        "type": "string",
+            3
-        "metadata": {
+        ]
-          "displayName": "Service tier",
+      },
-          "description": "Log Analytics Service tier: Free, Standalone, PerNode or PerGB2018."
+      "log-analytics_service-tier": {
-        },
+        "type": "string",
-        "defaultValue": "PerNode",
+        "metadata": {
-        "allowedValues": ["Free", "Standalone", "PerNode", "PerGB2018"]
+          "displayName": "Service tier",
-      },
+          "description": "Log Analytics Service tier: Free, Standalone, PerNode or PerGB2018."
-      "log-analytics_data-retention": {
+        },
-        "type": "int",
+        "defaultValue": "PerNode",
-        "metadata": {
+        "allowedValues": ["Free", "Standalone", "PerNode", "PerGB2018"]
-          "displayName": "Log retention in days",
+      },
-          "description": "Number of days data will be retained."
+      "log-analytics_data-retention": {
-        },
+        "type": "int",
-        "defaultValue": 365,
+        "metadata": {
-        "allowedValues": []
+          "displayName": "Log retention in days",
-      },
+          "description": "Number of days data will be retained."
-      "logsRetentionInDays": {
+        },
-        "type": "int",
+        "defaultValue": 365,
-        "defaultValue": 365,
+        "allowedValues": []
-        "minValue": 0,
+      },
-        "maxValue": 365,
+      "logsRetentionInDays": {
-        "metadata": {
+        "type": "int",
-          "displayName": "Log retention in days",
+        "defaultValue": 365,
-          "description": "Specifies the number of days (0-365) that logs will be kept. A value of '0' will retain logs indefinitely"
+        "minValue": 0,
-        }
+        "maxValue": 365,
-      },
+        "metadata": {
-      "vnet_vnet-address-prefix": {
+          "displayName": "Log retention in days",
-        "type": "string",
+          "description": "Specifies the number of days (0-365) that logs will be kept. A value of '0' will retain logs indefinitely"
-        "metadata": {
+        }
-          "displayName": "Address prefix of the vnet created by the AVD Blueprint."
+      },
-        },
+      "vnet_vnet-address-prefix": {
-        "defaultValue": "10.0.0.0/16",
+        "type": "string",
-        "allowedValues": []
+        "metadata": {
-      },
+          "displayName": "Address prefix of the vnet created by the AVD Blueprint."
-      "vnetEnableDdosProtection": {
+        },
-        "type": "Bool",
+        "defaultValue": "10.0.0.0/16",
-        "metadata": {
+        "allowedValues": []
-          "displayName": "Enable Virtual Network DDoS protection",
+      },
-          "description": "Determines whether or not DDoS Protection is enabled in the Virtual Network."
+      "vnetEnableDdosProtection": {
-        },
+        "type": "Bool",
-        "defaultValue": false
+        "metadata": {
-      },
+          "displayName": "Enable Virtual Network DDoS protection",
-      "vnet_sharedsvcs-subnet-address-prefix": {
+          "description": "Determines whether or not DDoS Protection is enabled in the Virtual Network."
-        "type": "string",
+        },
-        "metadata": {
+        "defaultValue": false
-          "displayName": "Shared services subnet address prefix",
+      },
-          "description": "Shared services subnet address prefix."
+      "vnet_sharedsvcs-subnet-address-prefix": {
-        },
+        "type": "string",
-        "defaultValue": "10.0.0.0/24",
+        "metadata": {
-        "allowedValues": []
+          "displayName": "Shared services subnet address prefix",
-      },
+          "description": "Shared services subnet address prefix."
-      "vnet_adds-subnet-address-prefix": {
+        },
-        "type": "string",
+        "defaultValue": "10.0.0.0/24",
-        "metadata": {
+        "allowedValues": []
-          "displayName": "Azure ADDS subnet address prefix",
+      },
-          "description": "Subnet for Azure ADDS."
+      "vnet_adds-subnet-address-prefix": {
-        },
+        "type": "string",
-        "defaultValue": "10.0.6.0/24",
+        "metadata": {
-        "allowedValues": []
+          "displayName": "Azure ADDS subnet address prefix",
-      },
+          "description": "Subnet for Azure ADDS."
-      "daUser_AdminUser": {
+        },
-        "type": "string",
+        "defaultValue": "10.0.6.0/24",
-        "metadata": {
+        "allowedValues": []
-          "displayName": "Admin User UPN",
+      },
-          "description": "This account will be a member of AAD DC Administrators and local admin on deployed VMs."
+      "daUser_AdminUser": {
-        },
+        "type": "string",
-        "defaultValue": "[concat( 'domainadmin@', parameters('adds_domainName'))]"
+        "metadata": {
-      },
+          "displayName": "Admin User UPN",
-      "avdHostPool_hostpoolname": {
+          "description": "This account will be a member of AAD DC Administrators and local admin on deployed VMs."
-        "type": "string",
+        },
-        "metadata": {
+        "defaultValue": "[concat( 'domainadmin@', parameters('adds_domainName'))]"
-          "displayName": "AVD Hostpool Name"
+      },
-        },
+      "avdHostPool_hostpoolname": {
-        "defaultValue": "[concat(parameters('resourcePrefix'), '-avd-hp')]"
+        "type": "string",
-      },
+        "metadata": {
-      "avdHostPool_workspaceName": {
+          "displayName": "AVD Hostpool Name"
-        "type": "string",
+        },
-        "metadata": {
+        "defaultValue": "[concat(parameters('resourcePrefix'), '-avd-hp')]"
-          "displayName": "AVD Workspace Name"
+      },
-        },
+      "avdHostPool_workspaceName": {
-        "defaultValue": "[concat(parameters('resourcePrefix'), '-avd-ws')]"
+        "type": "string",
-      },
+        "metadata": {
-      "avdHostPool_hostpoolDescription": {
+          "displayName": "AVD Workspace Name"
-        "type": "string",
+        },
-        "metadata": {
+        "defaultValue": "[concat(parameters('resourcePrefix'), '-avd-ws')]"
-          "displayName": "AVD Hostpool Description"
+      },
-        },
+      "avdHostPool_hostpoolDescription": {
-        "defaultValue": "A collection of session hosts, running as virtual machines in Azure, and registered to the Azure Virtual Desktop service"
+        "type": "string",
-      },
+        "metadata": {
-      "avdHostPool_vmNamePrefix": {
+          "displayName": "AVD Hostpool Description"
-        "type": "string",
+        },
-        "metadata": {
+        "defaultValue": "A collection of session hosts, running as virtual machines in Azure, and registered to the Azure Virtual Desktop service"
-          "displayName": "VM Prefix",
+      },
-          "description": "Prefix added to each AVD session host name."
+      "avdHostPool_vmNamePrefix": {
-        },
+        "type": "string",
-        "defaultValue": "[concat(parameters('resourcePrefix'), 'VM')]"
+        "metadata": {
-      },
+          "displayName": "VM Prefix",
-      "avdHostPool_vmGalleryImageOffer": {
+          "description": "Prefix added to each AVD session host name."
-        "type": "string",
+        },
-        "allowedValues": [
+        "defaultValue": "[concat(parameters('resourcePrefix'), 'VM')]"
-           "windows-10",
+      },
-           "office-365"
+      "avdHostPool_vmGalleryImageOffer": {
-          ],
+        "type": "string",
-        "metadata": {
+        "allowedValues": [
-          "displayName": "Gallery Image Offer"
+           "windows-10",
-        },
+           "office-365"
-        "defaultValue": "office-365"
+          ],
-      },
+        "metadata": {
-      "avdHostPool_vmGalleryImagePublisher": {
+          "displayName": "Gallery Image Offer"
-        "type": "string",
+        },
-        "metadata": {
+        "defaultValue": "office-365"
-          "displayName": "Gallery Image Publisher"
+      },
-        },
+      "avdHostPool_vmGalleryImagePublisher": {
-        "defaultValue": "MicrosoftWindowsDesktop"
+        "type": "string",
-      },
+        "metadata": {
-      "avdHostPool_vmGalleryImageSKU": {
+          "displayName": "Gallery Image Publisher"
-        "type": "string",
+        },
-        "allowedValues": [
+        "defaultValue": "MicrosoftWindowsDesktop"
-          "19h2-evd-o365pp",
+      },
-          "19h2-evd-o365pp-g2",
+      "avdHostPool_vmGalleryImageSKU": {
-          "20h1-evd-o365pp",
+        "type": "string",
-          "20h1-evd-o365pp-g2",
+        "metadata": {
-          "20h2-evd-o365pp",
+          "displayName": "AVD session host Gallery OS image SKU",
-          "20h2-evd-o365pp-g2",
+          "description": "The Windows version that will be used to create the AVD session hosts"
-          "21h1-evd-o365pp",
+        },
-          "21h1-evd-o365pp-g2",
+        "defaultValue": "21h1-evd-o365pp"
-          "19h2-evd",
+      },
-          "19h2-evd-g2",
+      "avdHostPool_vmImageType": {
-          "20h1-evd",
+        "type": "string",
-          "20h1-evd-g2",
+        "metadata": {
-          "20h2-evd",
+          "description": "Select the image source for the session host vms. VMs from a Gallery image will be created with Managed Disks."
-          "20h2-evd-g2",
+        },
-          "21h1-evd",
+        "defaultValue": "Gallery",
-          "21h1-evd-g2"
+        "allowedValues": [
-      ],
+          "CustomVHD",
-        "metadata": {
+          "CustomImage",
-          "displayName": "Azure Gallery image SKU",
+          "Gallery",
-          "description": "20h1=2004, 20h2=2009, 21h1=21h1"
+          "Disk"
-        },
+        ]
-        "defaultValue": "21h1-evd-o365pp"
+      },
-      },
+      "avdHostPool_vmDiskType": {
-      "avdHostPool_vmImageType": {
+        "type": "string",
-        "type": "string",
+        "metadata": {
-        "metadata": {
+          "displayName": "VM Image Type"
-          "description": "Select the image source for the session host vms. VMs from a Gallery image will be created with Managed Disks."
+        },
-        },
+        "defaultValue": "StandardSSD_LRS"
-        "defaultValue": "Gallery",
+      },
-        "allowedValues": [
+      "avdHostPool_vmUseManagedDisks": {
-          "CustomVHD",
+        "type": "bool",
-          "CustomImage",
+        "metadata": {
-          "Gallery",
+          "displayName": "Use Managed Disks"
-          "Disk"
+        },
-        ]
+        "defaultValue": true
-      },
+      },
-      "avdHostPool_vmDiskType": {
+      "avdHostPool_allApplicationGroupReferences": {
-        "type": "string",
+        "type": "string",
-        "metadata": {
+        "metadata": {
-          "displayName": "VM Image Type"
+          "displayName": "allApplicationGroupReferences (AVDHostpool)",
-        },
+          "description": "The existing app groups references of the workspace selected."
-        "defaultValue": "StandardSSD_LRS"
+        },
-      },
+        "defaultValue": "",
-      "avdHostPool_vmUseManagedDisks": {
+        "allowedValues": []
-        "type": "bool",
+      },
-        "metadata": {
+      "avdHostPool_vmImageVhdUri": {
-          "displayName": "Use Managed Disks"
+        "type": "string",
-        },
+        "metadata": {
-        "defaultValue": true
+          "displayName": "vmImageVhdUri (AVDHostpool)",
-      },
+          "description": "(Required when vmImageType = CustomVHD) URI of the sysprepped image vhd file to be used to create the session host VMs. For example, https://rdsstorage.blob.core.windows.net/vhds/sessionhostimage.vhd"
-      "avdHostPool_allApplicationGroupReferences": {
+        },
-        "type": "string",
+        "defaultValue": "",
-        "metadata": {
+        "allowedValues": []
-          "displayName": "allApplicationGroupReferences (AVDHostpool)",
+      },
-          "description": "The existing app groups references of the workspace selected."
+      "avdHostPool_vmCustomImageSourceId": {
-        },
+        "type": "string",
-        "defaultValue": "",
+        "metadata": {
-        "allowedValues": []
+          "displayName": "vmCustomImageSourceId (AVDHostpool)",
-      },
+          "description": "(Required when vmImageType = CustomImage) Resource ID of the image."
-      "avdHostPool_vmImageVhdUri": {
+        },
-        "type": "string",
+        "defaultValue": "",
-        "metadata": {
+        "allowedValues": []
-          "displayName": "vmImageVhdUri (AVDHostpool)",
+      },
-          "description": "(Required when vmImageType = CustomVHD) URI of the sysprepped image vhd file to be used to create the session host VMs. For example, https://rdsstorage.blob.core.windows.net/vhds/sessionhostimage.vhd"
+      "avdHostPool_networkSecurityGroupId": {
-        },
+        "type": "string",
-        "defaultValue": "",
+        "metadata": {
-        "allowedValues": []
+          "displayName": "networkSecurityGroupId (AVDHostpool)",
-      },
+          "description": "The resource ID of an existing network security group."
-      "avdHostPool_vmCustomImageSourceId": {
+        },
-        "type": "string",
+        "defaultValue": "",
-        "metadata": {
+        "allowedValues": []
-          "displayName": "vmCustomImageSourceId (AVDHostpool)",
+      },
-          "description": "(Required when vmImageType = CustomImage) Resource ID of the image."
+      "avdHostPool_personalDesktopAssignmentType": {
-        },
+        "type": "string",
-        "defaultValue": "",
+        "metadata": {
-        "allowedValues": []
+          "displayName": "personalDesktopAssignmentType (AVDHostpool)",
-      },
+          "description": "Set the type of assignment for a Personal hostpool type"
-      "avdHostPool_networkSecurityGroupId": {
+        },
-        "type": "string",
+        "defaultValue": "Automatic",
-        "metadata": {
+        "allowedValues": ["Automatic", "Direct", ""]
-          "displayName": "networkSecurityGroupId (AVDHostpool)",
+      },
-          "description": "The resource ID of an existing network security group."
+      "avdHostPool_customRdpProperty": {
-        },
+        "type": "string",
-        "defaultValue": "",
+        "metadata": {
-        "allowedValues": []
+          "displayName": "customRdpProperty (AVDHostpool)",
-      },
+          "description": "Hostpool RDP properties."
-      "avdHostPool_personalDesktopAssignmentType": {
+        },
-        "type": "string",
+        "defaultValue": "",
-        "metadata": {
+        "allowedValues": []
-          "displayName": "personalDesktopAssignmentType (AVDHostpool)",
+      },
-          "description": "Set the type of assignment for a Personal hostpool type"
+      "avdHostPool_deploymentId": {
-        },
+        "type": "string",
-        "defaultValue": "Automatic",
+        "metadata": {
-        "allowedValues": ["Automatic", "Direct", ""]
+          "displayName": "deploymentId (AVDHostpool)",
-      },
+          "description": "GUID for the deployment"
-      "avdHostPool_customRdpProperty": {
+        },
-        "type": "string",
+        "defaultValue": "",
-        "metadata": {
+        "allowedValues": []
-          "displayName": "customRdpProperty (AVDHostpool)",
+      },
-          "description": "Hostpool RDP properties."
+      "avdHostPool_ouPath": {
-        },
+        "type": "string",
-        "defaultValue": "",
+        "metadata": {
-        "allowedValues": []
+          "displayName": "ouPath (AVDHostpool)",
-      },
+          "description": "OUPath for the domain join"
-      "avdHostPool_deploymentId": {
+        },
-        "type": "string",
+        "defaultValue": "",
-        "metadata": {
+        "allowedValues": []
-          "displayName": "deploymentId (AVDHostpool)",
+      }
-          "description": "GUID for the deployment"
+    },
-        },
+    "resourceGroups": {
-        "defaultValue": "",
+      "ResourceGroup": {
-        "allowedValues": []
+        "name": "[concat(parameters('resourcePrefix'),'-sharedsvcs-rg')]",
-      },
+        "metadata": {
-      "avdHostPool_ouPath": {
+          "displayName": "Shared Services resource group"
-        "type": "string",
+        },
-        "metadata": {
+        "dependsOn": []
-          "displayName": "ouPath (AVDHostpool)",
+      }
-          "description": "OUPath for the domain join"
+    }
-        },
+  }
-        "defaultValue": "",
+}
        "allowedValues": []
      }
    },
    "resourceGroups": {
      "ResourceGroup": {
        "name": "[concat(parameters('resourcePrefix'),'-sharedsvcs-rg')]",
        "metadata": {
          "displayName": "Shared Services resource group"
        },
        "dependsOn": []
      }
    }
  }
 }
--- a/Script/AVDBPParameters.json
+++ b/Script/AVDBPParameters.json
@ -2,15 +2,15 @@
    "AzureSubscriptionID": "",
    "AzureTenantID": "",
    "AADDSDomainName": "",
-    "BlueprintResourcePrefix": "Please delete this text and enter a 6-8 character random string of text",
+    "BlueprintResourcePrefix": "",
-    
+
    "PromptForSessionHostOSSku": true,
    "PromptForManagementVMOSSku": false,
    "avdHostPool_vmGalleryImageSKU": "21h1-evd-o365pp",
    "avdHostPool_vmSize": "Standard_B4ms",
    "avdHostPool_vmNumberOfInstances": 2,
    "avdHostPool_maxSessionLimit": 16,
    "avdUsers_userCount": 30,
    "BlueprintGlobalResourceGroupName": "AVD_Blueprint_Global_RG",
    "UserAssignedIdentityName": "UAI1",
    "BlueprintName": "AVDBlueprint",
--- a/Script/AssignAVDBlueprint.ps1
+++ b/Script/AssignAVDBlueprint.ps1
@ -53,7 +53,7 @@ $BPScriptParams
 - TITLE:          AVD Blueprint Configuration and Deployment script
 - AUTHORED BY:    Robert M. Smith
 - AUTHORED DATE:  01 September 2021
- CONTRIBUTORS:   Tim Muessig, Jason Masten, Dennis Payne
+- CONTRIBUTORS:   Tim Muessig, Jason Masten, Dennis Payne, Chris Rutledge
 - LAST UPDATED:   30 September 2021
 - PURPOSE:        A single PowerShell script to perform everything necessary to deploy Azure Virtual Desktop (AVD)
                  into an Azure Subscription
@ -113,29 +113,39 @@ $BPScriptParams
 ######################################################################################################################################>
 #region Checking for the required parameters, and if not set, exit script
 Write-Host "Checking PowerShell installed modules..." -ForegroundColor Cyan
 #region Checking for the first two required parameters, and if not set, exit script
 if (-not($AADDSDomainName)) {
-    Write-Host "`n    Azure Active Directory Domain Services name is null
+    Write-Host "`n    Azure Active Directory Domain Services name is not found
    AAD DS name must be specified in the parameter file 'AVDBPParameters.json'
    Your AAD DS prefix name must be 15 characters or less in the format 'domain.contoso.com'
-    This script will now exit." -ForegroundColor Cyan
+    This script will now exit." -ForegroundColor Red
    Return
 }
 if (-not($AzureTenantID)) {
    Write-Host "`n    Azure Tenant ID is missing.
    The destination Azure Tenant ID must be present in the  file'AVDBPParameters.json'.
-    This script will now exit." -ForegroundColor Cyan
+    This script will now exit." -ForegroundColor Red
    Return
 }
 if (-not($AzureSubscriptionID)) {
    Write-Host "`n    Azure Subscription ID is missing.
    The destination Azure Subscription ID must be present in the  file'AVDBPParameters.json'.
-    This script will now exit." -ForegroundColor Cyan
+    This script will now exit." -ForegroundColor Red
    Return
 }
 if (-not($BlueprintResourcePrefix)) {
    Write-Host "`n    'BlueprintResourcePrefix' parameter value is missing in the parameter file 'AVDBPParameters.json'
    Please enter a 4-8 character value to be used for the blueprint deployment prefix.
    This prefix is used in naming some objects during the blueprint deployment, including computer names.
    Prefixes longer than 8 or 9 characters start to limit number of session hosts VMs that can get created because of name length.
    This script will now exit." -ForegroundColor Red
    Return
 }
 #endregion
 #region Make sure required Az modules are installed
@ -148,6 +158,8 @@ if (-not($AzureSubscriptionID)) {
    #  - Az.Resources
    #  - AzureAD
    Write-Host "Checking PowerShell installed modules..." -ForegroundColor Cyan
    $AzModuleGalleryMessage = "You may be prompted to install from the PowerShell Gallery`n
    If the Az PowerShell modules were not previously installed you may be prompted to install 'Nuget'.`n
    If your policies allow those items to be installed, click 'Yes to All' when prompted."
@ -268,14 +280,6 @@ $AzureEnvironment = Get-AzContext
 $AzureStorageEnvironment = ($AzureEnvironment).Environment.StorageEndpointSuffix
 $AzureStorageFileEnv = 'file.' + $AzureStorageEnvironment
 # Set the correct value for 'avdHostPool_vmGalleryImageOffer' based on the VM type being installed'
 if ($avdHostPool_vmGalleryImageSKU -like '*o365pp*')
 {
    $avdHostPool_vmGalleryImageOffer = "office-365"
 } else {
    $avdHostPool_vmGalleryImageOffer = "windows-10"
 }
 Write-Host "`n    Enumerating list of locations in your environment, that offer the AVD service..." -ForegroundColor Cyan
 $AzureLocations = (Get-AzResourceProvider -ListAvailable | Where-Object {($_.ProviderNamespace -EQ "Microsoft.DesktopVirtualization" -and $_.RegistrationState -EQ "Registered")}).Locations.ToLower() -replace '\s',''
@ -345,7 +349,7 @@ if ($result -eq [System.Windows.Forms.DialogResult]::OK)
 #region If management VM Sku prompt set true, query and display available Skus
 if ($PromptForManagementVMOSSku){
 Write-Host "`n    Gathering list of available Server Windows Skus..." -ForegroundColor Cyan
-$ServerSkus = Get-AzVMImageSku -Location $ChosenAzureLocation -PublisherName 'MicrosoftWindowsServer' -Offer 'WindowsServer'  | Where-Object {$_.Skus -like "20??-datacenter*"}| foreach { $_.Skus}
+$ServerSkus = Get-AzVMImageSku -Location $ChosenAzureLocation -PublisherName 'MicrosoftWindowsServer' -Offer 'WindowsServer'  | Where-Object {$_.Skus -like "20??-datacenter*" -and $_.Skus -notlike "*core*" -and $_.Skus -notlike "*smalldisk*" -and $_.Skus -notlike "*containers*"} | Select-object -Expandproperty Skus
 # Present a pop-up form to select management VM OS Sku to build from
 Add-Type -AssemblyName System.Windows.Forms
@ -415,12 +419,97 @@ $managementVMOSSku = '2022-datacenter'
 }
 #endregion
 #region If AVD session host prompt set true, query and display available Skus
 if ($PromptForSessionHostOSSku){
 Write-Host "`n    Gathering list of available Windows session host SKUs..." -ForegroundColor Cyan
 $AVDSHvmsku = Get-AzVMImageSku -Location $ChosenAzureLocation -PublisherName 'MicrosoftWindowsDesktop' -offer 'windows-10' | Where-Object ({$_.Skus -like "*evd*" -and $_.Skus -notlike "*rs5*" -or $_.Skus -like "*avd*"})| Select-Object -ExpandProperty Skus
 $AVDSHvmsku += Get-AzVMImageSku -Location $ChosenAzureLocation -PublisherName 'MicrosoftWindowsDesktop' -offer 'office-365' | Where-Object ({$_.Skus -like "*evd*" -and $_.Skus -notlike "*rs5*" -or $_.Skus -like "*avd*"})| Select-Object -ExpandProperty Skus
 $AVDSHvmsku += Get-AzVMImageSku -Location $ChosenAzureLocation -PublisherName 'MicrosoftWindowsDesktop' -offer 'windows-11' | Where-Object ({$_.Skus -like "*evd*" -and $_.Skus -notlike "*rs5*" -or $_.Skus -like "*avd*"})| Select-Object -ExpandProperty Skus
 # Present a pop-up form to select management VM OS Sku to build from
 Add-Type -AssemblyName System.Windows.Forms
 Add-Type -AssemblyName System.Drawing
 $form = New-Object System.Windows.Forms.Form
 $form.Text = 'AVD OS Sku'
 $form.Size = New-Object System.Drawing.Size(300,200)
 $form.StartPosition = 'CenterScreen'
 $okButton = New-Object System.Windows.Forms.Button
 $okButton.Location = New-Object System.Drawing.Point(75,120)
 $okButton.Size = New-Object System.Drawing.Size(75,23)
 $okButton.Text = 'OK'
 $okButton.DialogResult = [System.Windows.Forms.DialogResult]::OK
 $form.AcceptButton = $okButton
 $form.Controls.Add($okButton)
 $cancelButton = New-Object System.Windows.Forms.Button
 $cancelButton.Location = New-Object System.Drawing.Point(150,120)
 $cancelButton.Size = New-Object System.Drawing.Size(75,23)
 $cancelButton.Text = 'Cancel'
 $cancelButton.DialogResult = [System.Windows.Forms.DialogResult]::Cancel
 $form.CancelButton = $cancelButton
 $form.Controls.Add($cancelButton)
 $label = New-Object System.Windows.Forms.Label
 $label.Location = New-Object System.Drawing.Point(10,20)
 $label.Size = New-Object System.Drawing.Size(280,20)
 $label.Text = 'Please select AVD OS Sku:'
 $form.Controls.Add($label)
 $listBox = New-Object System.Windows.Forms.ListBox
 $listBox.Location = New-Object System.Drawing.Point(10,40)
 $listBox.Size = New-Object System.Drawing.Size(260,20)
 $listBox.Height = 80
 ForEach ($A in $AVDSHvmsku){
 Write-Output $A | ForEach-Object {[void] $listBox.Items.Add($_)}
 }
 $form.Controls.Add($listBox)
 $form.Topmost = $true
 $result = $form.ShowDialog()
 if ($result -eq [System.Windows.Forms.DialogResult]::CANCEL)
 {
    Write-Host "The 'Cancel' button was pressed. The script will now exit." -ForegroundColor Red
    Return
 }
 if ($null -eq $listBox.SelectedItem)
 {
    Write-Host "    A Windows Server OS Sku was not selected.
    Please re-run this script and select a Windows OS Sku in the pop-up pick-list" -ForegroundColor Red
    Return
 }
 if ($result -eq [System.Windows.Forms.DialogResult]::OK)
 {
    $avdHostPool_vmGalleryImageSKU = $listBox.SelectedItem
    # Set the correct 'ImageOffer' based on the image selected
 if (Get-AzVMImage -Location $ChosenAzureLocation -PublisherName 'MicrosoftWindowsDesktop' -Offer 'windows-10' -Sku $avdHostPool_vmGalleryImageSKU -ErrorAction SilentlyContinue) {
    $avdHostPool_vmGalleryImageOffer = 'windows-10'
    } elseif (Get-AzVMImage -Location $ChosenAzureLocation -PublisherName 'MicrosoftWindowsDesktop' -Offer 'windows-11' -Sku $avdHostPool_vmGalleryImageSKU -ErrorAction SilentlyContinue) {
    $avdHostPool_vmGalleryImageOffer = 'windows-11'
    } elseif (Get-AzVMImage -Location $ChosenAzureLocation -PublisherName 'MicrosoftWindowsDesktop' -Offer 'office-365' -Sku $avdHostPool_vmGalleryImageSKU -ErrorAction SilentlyContinue) {
    $avdHostPool_vmGalleryImageOffer = 'office-365'
 }
    Write-Host "Your chosen Windows session host OS Sku is '$avdHostPool_vmGalleryImageSKU'"
 }
 } else {
 $avdHostPool_vmGalleryImageSKU = '21h1-evd-o365pp'
 }
 #endregion
 Write-Host "`nThe following parameters will be used, based on the login information provided:
 Azure Tenant ID:                  $AzureTenantID
 Azure Subscription ID:            $AzureSubscriptionID
 Azure Cloud Instance:             $AzureEnvironmentName
-Azure Location:                   $ChosenAzureLocation`n" -ForegroundColor Cyan
+Azure Location:                   $ChosenAzureLocation
 `n" -ForegroundColor Cyan
 $UserPrincipalName = (Get-AzContext).Account.Id
 #Internal Account
@ -459,13 +548,20 @@ Connect-AzureAD -AzureEnvironmentName $AzureEnvironmentName -TenantId $AzureTena
 $ManagedIdentityCheck = Get-AzUserAssignedIdentity -Name $UserAssignedIdentityName -ResourceGroupName $BlueprintGlobalResourceGroupName -ErrorAction SilentlyContinue
 Write-Host "`nCreating user-assigned managed identity account, that will be the context of the AVD assignment" -ForegroundColor Cyan
    If (-not($ManagedIdentityCheck)){
 $UserAssignedIdentity = Get-AzUserAssignedIdentity -Name $UserAssignedIdentityName -ResourceGroupName $BlueprintGlobalResourceGroupName -ErrorAction SilentlyContinue
 Write-Host "`nCreating user-assigned managed identity account, which will be the context of the AVD assignment" -ForegroundColor Cyan
 }
    If (-not($UserAssignedIdentity)){
        Write-Host "        Managed identity '$UserAssignedIdentityName' does not currently exist.
        Now creating managed identity '$UserAssignedIdentityName' in resource group '$BlueprintGlobalResourceGroupName'" -ForegroundColor Cyan
        $UserAssignedIdentity = New-AzUserAssignedIdentity -ResourceGroupName $BlueprintGlobalResourceGroupName -Name $UserAssignedIdentityName -Location $ChosenAzureLocation
        $UserAssignedIdentity
        } else {
        Write-Host "`nUser Assigned Identity '$UserAssignedIdentityName' already exists`n" -ForegroundColor Cyan
        $UserAssignedIdentity = $ManagedIdentityCheck
        $ManagedIdentityCheck
-        $UserAssignedIdentity = Get-AzUserAssignedIdentity -ResourceGroupName $BlueprintGlobalResourceGroupName -Name $UserAssignedIdentityName
+        Write-Host "`nUser Assigned Identity '$UserAssignedIdentityName' already exists" -ForegroundColor Cyan
        $UserAssignedIdentity
    }
    $UserAssignedIdentityId = $UserAssignedIdentity.Id
    $ScriptExecutionUserObjectID = $UserAssignedIdentity.PrincipalId
@ -486,33 +582,23 @@ if (-not($UAMIOwnerSubRoleCheck)){
    Write-Host "User assigned identity '$UserAssignedIdentityName' already has 'Owner' role assigned at the subscription level" -ForegroundColor Cyan
    $UAMIOwnerSubRoleCheck
 }
 #endregion
-#region Grant the 'Blueprint Operator' subscription level role to the managed identity
+#region Register the Azure Blueprint provider to the subscription, if not already registered
-Write-Host "Now checking if user assigned identity '$UserAssignedIdentityName' has 'Blueprint Operator' subscription level role assignment" -ForegroundColor Cyan
+Write-Host "Now checking the 'Microsoft.Blueprint' provider, and registering if needed" -ForegroundColor Cyan
-if (-not(Get-AzRoleAssignment -ResourceGroupName $BlueprintGlobalResourceGroupName -ObjectID ($UserAssignedIdentity).PrincipalId -RoleDefinitionName 'Blueprint Operator')) {
+$BlueprintProviderRegistration = Get-AzResourceProvider -ListAvailable | Where-Object {($_.ProviderNamespace -EQ "Microsoft.Blueprint" -and $_.RegistrationState -EQ "Registered")}
-    Write-Host "`User assigned identity '$UserAssignedIdentityName' does not currently have 'Blueprint Operator' subscription level role assignment" -ForegroundColor Cyan
+if (-not($BlueprintProviderRegistration)) {
-    Write-Host "Now assigning 'Blueprint Operator' role to '$UserAssignedIdentityName'" -ForegroundColor Cyan
+    Write-Host "The 'Microsoft.Blueprint' provider is not currently registered. Now registering..." -ForegroundColor Cyan
-    New-AzRoleAssignment -ObjectId ($UserAssignedIdentity).PrincipalId -RoleDefinitionName 'Blueprint Operator' -Scope "/subscriptions/$AzureSubscriptionID"
+    Register-AzResourceProvider -ProviderNamespace 'Microsoft.Blueprint'
    # adding a pause here until the 'Blueprint' provider is in the actual 'Registered' state
    Do {
        Write-Host "Pausing to ensure 'Blueprint' provider is in the 'registered' state. waiting 3 seconds..." -ForegroundColor Cyan
        Start-Sleep -Seconds 3
        } until (Get-AzResourceProvider -ListAvailable | Where-Object {($_.ProviderNamespace -EQ "Microsoft.Blueprint" -and $_.RegistrationState -EQ "Registered")} -ErrorAction SilentlyContinue)
    Get-AzResourceProvider -ListAvailable | Where-Object {($_.ProviderNamespace -EQ "Microsoft.Blueprint" -and $_.RegistrationState -EQ "Registered")}
 } else {
-    Write-Host "User assigned identity '$UserAssignedIdentityName' already has 'Blueprint Operator' role assigned at the subscription level" -ForegroundColor Cyan
+    Write-Host "The 'Microsoft.Blueprint' provider is already registered" -ForegroundColor Cyan
-    Get-AzRoleAssignment -ResourceGroupName $BlueprintGlobalResourceGroupName -ObjectID ($UserAssignedIdentity).PrincipalId -RoleDefinitionName 'Blueprint Operator' -ErrorAction SilentlyContinue
+    $BlueprintProviderRegistration
 }
 #endregion
 #region Assign Azure AD role 'Global Administrator' to the managed identity, to allow creation of AD objects during assignment, if not already assigned
 $AADGlobalAdminRoleInfo = Get-AzureADMSRoleDefinition -Filter "displayName eq 'Global Administrator'"
 $AADGlobalAdminRoleInfoId = $AADGlobalAdminRoleInfo.Id
 $AADGlobalAdminRoleDisplayName = $AADGlobalAdminRoleInfo.displayName
 Write-Host "`Assigning Azure AD role 'Global Administrator' to the managed identity" -ForegroundColor Cyan
 if (-not(Get-AzureADMSRoleAssignment -Filter "principalID eq '$ScriptExecutionUserObjectID' and roleDefinitionId eq '$AADGlobalAdminRoleInfoId'")){
    Write-Host "User assigned identity"$UserAssignedIdentity.name"does not have the"$AADGlobalAdminRoleInfo.displayName"role currently assigned." -ForegroundColor Cyan
    Write-Host "Now assigning role to managed identity." -ForegroundColor Cyan
    New-AzureADMSRoleAssignment -RoleDefinitionId $AADGlobalAdminRoleInfoId -PrincipalId $ScriptExecutionUserObjectID -DirectoryScopeId '/' -ErrorAction SilentlyContinue
 } else {
    Write-Host "User assigned identity '$UserAssignedIdentityName' already has the '$AADGlobalAdminRoleDisplayName' role assigned." -ForegroundColor Cyan
    Get-AzureADMSRoleAssignment -Filter "principalID eq '$ScriptExecutionUserObjectID' and roleDefinitionId eq '$AADGlobalAdminRoleInfoId'"
 }
 #endregion
@ -529,6 +615,52 @@ if (-not($BlueprintProviderList)) {
 }
 #endregion
 #region Grant the 'Blueprint Operator' subscription level role to the managed identity
 Write-Host "Now checking if user assigned identity '$UserAssignedIdentityName' has 'Blueprint Operator' subscription level role assignment" -ForegroundColor Cyan
 $UAMIBlueprintOperatorRoleCheck = Get-AzUserAssignedIdentity -Name $UserAssignedIdentityName -ResourceGroupName $BlueprintGlobalResourceGroupName
 if (-not($UAMIBlueprintOperatorRoleCheck)) {
    Do {
    Write-Host "User assigned identity '$UserAssignedIdentityName' is not currently available, waiting 3 seconds..." -ForegroundColor Cyan
    Start-Sleep -Seconds 3
    } until (Get-AzUserAssignedIdentity -Name $UserAssignedIdentityName -ResourceGroupName $BlueprintGlobalResourceGroupName -ErrorAction SilentlyContinue)
    Write-Host "User Assigned Managed Identity '$UserAssignedIdentityName' is now available..." -ForegroundColor Cyan
 }   
 $UAMIBlueprintOperatorRoleCheck2 = Get-AzRoleAssignment -ResourceGroupName $BlueprintGlobalResourceGroupName -ObjectID ($UserAssignedIdentity).PrincipalId -RoleDefinitionName 'Blueprint Operator'
 if (-not($UAMIBlueprintOperatorRoleCheck2)){
    Write-Host "Now checking if 'Blueprint Operator' role is currently assigned to '$UserAssignedIdentityName'" -ForegroundColor Cyan
    Get-AzRoleAssignment -ResourceGroupName $BlueprintGlobalResourceGroupName -ObjectID ($UserAssignedIdentity).PrincipalId -RoleDefinitionName 'Blueprint Operator'
    New-AzRoleAssignment -ObjectId ($UserAssignedIdentity).PrincipalId -RoleDefinitionName 'Blueprint Operator' -Scope "/subscriptions/$AzureSubscriptionID"
 } else {    
    Write-Host "User assigned identity '$UserAssignedIdentityName' already has 'Blueprint Operator' role assigned at the subscription level" -ForegroundColor Cyan
    Get-AzRoleAssignment -ResourceGroupName $BlueprintGlobalResourceGroupName -ObjectID ($UserAssignedIdentity).PrincipalId -RoleDefinitionName 'Blueprint Operator' -ErrorAction SilentlyContinue
 }
 #endregion
 #region Assign Azure AD role 'Global Administrator' to the managed identity, to allow creation of AD objects during assignment, if not already assigned
 $AADGlobalAdminRoleInfo = Get-AzureADMSRoleDefinition -Filter "displayName eq 'Global Administrator'"
 $AADGlobalAdminRoleInfoId = $AADGlobalAdminRoleInfo.Id
 $AADGlobalAdminRoleDisplayName = $AADGlobalAdminRoleInfo.displayName
 Write-Host "`Assigning Azure AD role 'Global Administrator' to the managed identity" -ForegroundColor Cyan
 $UAMIOwnerSubRoleCheck = Get-AzUserAssignedIdentity -Name $UserAssignedIdentityName -ResourceGroupName $BlueprintGlobalResourceGroupName -ErrorAction SilentlyContinue
 if (-not($UAMIOwnerSubRoleCheck)){
    Do {
    Write-Host "Waiting 3 seconds for user assigned managed identity '$UserAssignedIdentityName' to become available for next operation..." -ForegroundColor Cyan
    Start-Sleep -Seconds 3
    } until (Get-AzUserAssignedIdentity -Name $UserAssignedIdentityName -ResourceGroupName $BlueprintGlobalResourceGroupName -ErrorAction SilentlyContinue)
 }
 if (-not(Get-AzureADMSRoleAssignment -Filter "principalID eq '$ScriptExecutionUserObjectID' and roleDefinitionId eq '$AADGlobalAdminRoleInfoId'")){
    Write-Host "User assigned identity"$UserAssignedIdentity.name"does not have the"$AADGlobalAdminRoleInfo.displayName"role currently assigned." -ForegroundColor Cyan
    Write-Host "Now assigning role to managed identity." -ForegroundColor Cyan
    New-AzureADMSRoleAssignment -RoleDefinitionId $AADGlobalAdminRoleInfoId -PrincipalId $ScriptExecutionUserObjectID -DirectoryScopeId '/' -ErrorAction SilentlyContinue
 } else {
    Write-Host "User assigned identity '$UserAssignedIdentityName' already has the '$AADGlobalAdminRoleDisplayName' role assigned." -ForegroundColor Cyan
    Get-AzureADMSRoleAssignment -Filter "principalID eq '$ScriptExecutionUserObjectID' and roleDefinitionId eq '$AADGlobalAdminRoleInfoId'"
 }
 #endregion
 #region Register the 'Microsoft.AAD' provider to the subscription, if not already registered
 Write-Host "Now checking the 'Microsoft.AAD' provider, and registering if needed" -ForegroundColor Cyan
 $MicrosoftAADProviderCheck = Get-AzResourceProvider -ListAvailable | Where-Object {($_.ProviderNamespace -EQ "Microsoft.AAD" -and $_.RegistrationState -EQ "Registered")}
--- a/Samples/Remove-AzAvdBpDeployment.ps1
+++ b/Samples/Remove-AzAvdBpDeployment.ps1
@ -54,27 +54,48 @@ Param(
    [switch] $PurgeKeyVault
 )
 #Trying to work around an issue where the modules were previously installed but don't report that way to PowerShell
 Write-Verbose "Checking PowerShell modules needed to run this script"
 if (-not(Get-Module -Name 'Az.Keyvault')) {
    Import-Module -Name 'Az.Keyvault' -Force
    }
    if (-not(Get-Module -Name 'Az.Keyvault')) {
    Install-Module 'Az.Keyvault' -Force
    Import-Module -Name 'Az.Keyvault' -Force
 }
 if (-not(Get-Module -Name 'Az.Storage')) {
    Import-Module -Name 'Az.Storage' -Force
    }
    if (-not(Get-Module -Name 'Az.Storage')) {
    Install-Module 'Az.Storage' -Force
    Import-Module -Name 'Az.Storage' -Force
 }
 if (-not(Get-Module -Name 'Az.Resources')) {
    Import-Module -Name 'Az.Resources' -Force
    }
    if (-not(Get-Module -Name 'Az.Resources')) {
    Install-Module 'Az.Resources' -Force
    Import-Module -Name 'Az.Resources' -Force
 }
 if (-not(Get-Module -Name 'Az.OperationalInsights')) {
    Import-Module -Name 'Az.OperationalInsights' -Force
    }
    if (-not(Get-Module -Name 'Az.OperationalInsights')) {
    Install-Module 'Az.OperationalInsights' -Force
    Import-Module -Name 'Az.OperationalInsights' -Force
 }
 if (-not(Get-Module -Name 'AzureAD')) {
    Import-Module -Name 'AzureAD' -Force
    }
    if (-not(Get-Module -Name 'AzureAD')) {
    Install-Module 'AzureAD' -Force
    Import-Module -Name 'AzureAD' -Force
 }
 if (-not(Get-Module -Name 'Az.DesktopVirtualization')) {
    Import-Module 'Az.DesktopVirtualization' -Force
    }
    if (-not(Get-Module -Name 'Az.DesktopVirtualization')) {
    Install-Module 'Az.DesktopVirtualization' -Force
    Import-Module 'Az.DesktopVirtualization' -Force
 }
--- a/README.md
+++ b/README.md
@ -21,7 +21,7 @@ The AVD Blueprints are meant to deploy an entire environment, including Azure Ac
  * Locate the .zip file downloaded from Github.com
  * Right-click the .zip file, and then click **'Properties'**
  * In the bottom section labeled **'Security'**, if the text is present: 'This file came from another computer and might be blocked to help protect this computer', click the **'Unblock'** check-box, then click **'Apply'**, and then click **'OK'**.  
- 
+
 * **Extract the downloaded .zip file** to any folder on your device (Example. 'C:\AVDBlueprint')  
  * You can double-click the .zip file in Windows File Explorer.
  * Double-click the top-level folder in the zip, which should be named **'AVDBlueprint-main'**.
--- a/scripts/CreateAADDSFileShare_ConfigureGP.ps1
+++ b/scripts/CreateAADDSFileShare_ConfigureGP.ps1
@ -19,8 +19,10 @@ Param(
    [string] $evdvm_name_prefix,
    [Parameter(Mandatory=$true)]
-    [string] $vmNumberOfInstances
+    [string] $vmNumberOfInstances,
-    
+
    [Parameter(Mandatory=$true)]
    [string] $keyvaultname
 )
 #region Install RSAT-AD Tools, GP Tools, setup working folders, and install 'Az' PowerShell modules
 Install-WindowsFeature -name GPMC
@ -51,8 +53,10 @@ $Scriptblock = {
    [string] $evdvm_name_prefix,
    [Parameter(Mandatory=$true,Position=6)]
-    [string] $vmNumberOfInstances
+    [string] $vmNumberOfInstances,
    [Parameter(Mandatory=$true,Position=7)]
    [string] $keyvaultname
    )
    Start-Transcript -OutputDirectory C:\Windows\Temp
@ -150,7 +154,7 @@ Connect-AzAccount -Identity -Environment $AzureEnvironmentName
 # Download AVD post-install group policy settings zip file, and expand it
 $CTempPath = 'C:\Temp'
-New-Item -ItemType Directory -Path "$CTempPath" -ErrorAction SilentlyContinue
+New-Item -ItemType Directory -Path $CTempPath -ErrorAction SilentlyContinue
 New-Item -ItemType Directory -Path "$CTempPath\Software" -ErrorAction SilentlyContinue
 $AVDPostInstallGPSettingsZip = "$CTempPath\AVD_PostInstall_GP_Settings.zip"
 $ZipFileURI = "$ScriptURI/AVD_PostInstall_GP_Settings.zip"
@ -211,7 +215,7 @@ $AVDComputersOU = New-ADOrganizationalUnit -Name 'AVD Computers' -DisplayName 'A
 New-GPLink -Target $AVDComputersOU.DistinguishedName -Name $AVDPolicy.DisplayName -LinkEnabled Yes
 # Get credentials and use those to move AVD session hosts to their new OU
-$KeyVault = Get-AzKeyVault -VaultName "*-sharedsvcs-kv"
+$KeyVault = Get-AzKeyVault -VaultName $keyvaultname
 $DAUserUPN = (Get-AzADGroup -DisplayName "AAD DC Administrators" | Get-AzADGroupMember).UserPrincipalName
 $DAUserName = $DAUserUPN.Split('@')[0]
 $DAPass = (Get-AzKeyVaultSecret -VaultName $keyvault.VaultName -name $DAUserName).SecretValue
@ -270,7 +274,7 @@ for ($i = 1; $i -le $vmNumberOfInstances ; $i++) {
    $s = New-PSSession -ComputerName $VMComputerName
    Invoke-Command -Session $s -ScriptBlock {
            gpupdate /force
-            shutdown /r /f /t 15
+            shutdown /r /f /t 60
        }
    Remove-PSSession -Session $s
 }
@ -287,7 +291,7 @@ for ($i = 1; $i -le $vmNumberOfInstances ; $i++) {
 Connect-AzAccount -Identity -Environment $AzureEnvironmentName
 #Create a DAuser context, using password from Key Vault
-$KeyVault = Get-AzKeyVault -VaultName "*-sharedsvcs-kv"
+$KeyVault = Get-AzKeyVault -VaultName $keyvaultname
 $DAUserUPN = (Get-AzADGroup -DisplayName "AAD DC Administrators" | Get-AzADGroupMember).UserPrincipalName
 $DAUserName = $DAUserUPN.Split('@')[0]
 $DAPass = (Get-AzKeyVaultSecret -VaultName $keyvault.VaultName -name $DAUserName).SecretValue
@ -311,7 +315,7 @@ Get-AzContext | Out-File -append c:\windows\temp\outercontext.txt
 klist tickets | Out-File -append c:\windows\temp\outercontext.txt
 #Run the $scriptblock in the DAuser context
-Invoke-Command -ConfigurationName DASessionConf -ComputerName $env:COMPUTERNAME -ScriptBlock $Scriptblock -ArgumentList $ResourceGroupName,$StorageAccountName,$ScriptURI,$AzureEnvironmentName,$AzureStorageFQDN,$evdvm_name_prefix,$vmNumberOfInstances
+Invoke-Command -ConfigurationName DASessionConf -ComputerName $env:COMPUTERNAME -ScriptBlock $Scriptblock -ArgumentList $ResourceGroupName,$StorageAccountName,$ScriptURI,$AzureEnvironmentName,$AzureStorageFQDN,$evdvm_name_prefix,$vmNumberOfInstances,$keyvaultname
 #Clean up DAuser context
 Unregister-PSSessionConfiguration -Name DASessionConf -Force