Changelog
2025-04-02: Changed recommended deployment resource group to germanywestcentral
We previously recommended westeurope as the default deployment location for AVD resources. However, due to frequent capacity issues in that region, we now recommend deploying to germanywestcentral instead.
Before updating the deployment location in the AVD Addon, ensure that your image definition is available in germanywestcentral.
We strongly recommend rebuilding your images in the new region. Alternatively, you can replicate your existing image versions to germanywestcentral, but keep in mind that all future image versions must also be replicated; otherwise, deployments will fail.
2025-03-31: Fix AVD pooling issue
Up until the 0.11.x deployment templates, AVD would allocate students to the same VM.
Although it was configured to use Breath-first load balancing, AVD distributed the students randomly, instead of evenly.
This new release (0.12.0) forces AVD to allocate exactly one VM per student.
2025-03-26: Explicit access to proxy VMs via SSH
Up until the 0.10.x deployment templates, access to the proxy VMs was controlled solely by setting the proxyRSAPublicKey variable, if this variable was set, access to the proxy VM was enabled.
Starting with the 0.11.0 template, enabling access to the proxy VMs requires explicitly setting both the proxyRSAPublicKey and enableProxySsh variables. This change was made to separate concerns, ensuring that key management and SSH access control are handled independently.
2025-03-20: Fix bug which allowed access to non-SY AVD hostpools
There was a bug in our proxying configuration that allowed specific sessionhosts to access non-SY-related hostpools during an exam. This was fixed for Windows and Mac clients in the 0.10.2 release.
Please update to the latest deployment template to stay up to date.
2025-03-10: Individual Virtual Machine deployments
We revamped the way we deploy resources to allow for more fault tolerance during exam deployments. We split our single deployment template into 2 templates:
- Main deployment template -> Handles the deployment of the peripheral resources, like the AVD Hostpool and the proxy servers.
- Individual VM deployment template -> Handles the deployment of each Virtual Machine individually
Before this change, a single vm deployment failure would cause the entire deployment to be considered a failure requiring the deployment to be restarted manually.
With this change, we are able to detect and handle failures per individual VM. The Exam Orchestrator automatically rotates failed VMs during deployment, resulting in a significantly higher success rate for large scale exam.
You will still only have to upload a single deployment template as you’re used to. The second embedded VM deployment template is linked in the main template. In order to use this feature you simply have to upgrade to the latest deployment template.
You can read more on the implementation on the Exam Orchestrator page:
Exam Orchestrator
2025-01-24: Abillity to connect exams to internal services
We updated both our avdcli and deployment template to allow customers to connect to internal services from within the
exam sessionhost VMs.
What does this mean ?
You can now build images with applications that require an internal connection like License Servers.
You can find a full guide on how to do so in the Internal Services section in the sidebar.
Update to the latest avdcli and deployment template to use this feature by following the Practical Image Building Guide:
Image Building Guide
2025-01-22: No more EntraID Groups
Up until now, Schoolyear AVD required extensive permissions in EntraId to manage groups and group members.
Schoolyear AVD created a user group for each exam and added the students as members.
EntraId has no option for scoping these permissions so Schoolyear AVD required
Group.Create, Group.ReadWrite.All and GroupMember.ReadWrite.All.
Some customers, rightfully, had doubts about giving an internal party these permissions,
and we didn’t like having such extensive permissions either.
We’re happy to announce Schoolyear AVD no longer requires these permissions to work. This change is available in production to all customers starting today.
Instead of creating a group, assigning roles to that group and then adding students to that group, the Exam Orchestrator will now add these roles directly to each individual student.
What changed
- The exam orchestrator now checks if your deployment template has a
groupIdparameter. If it does, it will create a group and add students to that group. If not, it will expect the newappGroupIdoutput parameters to be returned from the deployment template. Schoolyear AVD will add students to this AVD Application Group instead of adding them to an Entra Group. - The new deployment template will return this
appGroupIdinstead of having agroupIdparameter.
Because the Exam Orchestrator checks if your deployment template still has the groupId parameter,
this change is backwards compatible.
However, we do advise all customers to migrate to a newer version of the deployment template.
How to migrate?
-
Update all your deployment templates to the latest version. Perform the following steps for all your images:
- Run
avdcli image package. - Take the deployment template from the resulting
./outfolder. - Search-and-replace the parameters still left in the deployment template (see the quick-start guide).
- Create a new version in the Template Spec resource that belongs to this image.
- Reconfigure the AVD Add-on to use the new Template Spec version.
- Run
-
Remove the following permissions from the Schoolyear AVD App Registration:
Group.CreateGroup.ReadWrite.AllGroupMember.ReadWrite.All
-
Test if your new deployment templates work as expected and students are able to log into the exam environment.