Changelog

2025-10-17: Best practice adoption update

Over the recent months, we have collectively gained a lot of experience with Schoolyear AVD and your implementations. Based on these experiences we are releasing a new dashboard update. The update focuses on the stability of the Schoolyear AVD service and on clarifying the different responsibilities between different user-roles.

The 4 changes are now available in the Schoolyear Beta environment and will become available in Schoolyear production environment as of 01-11-2025.

New features in this update:

1. Introduction of the Secure Apps Console.

2. Introduction of the AVD Admin role.

3. Introduction of a configurable buffer window (a time period between an app’s deployment completion and the start of an exam).

4. Introduction of a reservation time override button in the app selection screen while configuring an exam. The reservation time is the configured deployment time + buffer window.

This update might require you to act:

The update introduces an enforcement of a minimum of 1 hour for deployment times and a minimum of 2.5 x the configured deployment time for the buffer window. The update will start enforcing the minimum deployment and buffer window times from the 14th of November. Where necessary, from this date, we are automatically increasing them to the minimum values. For some institutions, this might mean exam times overlap, which might neccessate a higher quota in Azure.

Secure Apps Console

All the Schoolyear AVD settings (AVD add-on, Orchestration Jobs, Quota) move from the general Admin Console to the Secure Apps console. You can find the Secure Apps Console by following these instructions: Open the Schoolyear Dashboard > Click on your name in the top right corner > Select Secure Apps Console. The Secure Apps Console does not add any new functionality, it only allows for more granular permissions.

AVD Admin role

To edit settings in the new Secure Apps Console, users need the AVD Admin role. This enables your educational institution to set more granular permissions. General Schoolyear Admins have read-only rights in the Secure Apps Console. Any user with Coordinator or Admin rights can be assigned the AVD Admin role. Like the e-mail whitelist for AVD Support, only the Schoolyear Support team can assign the AVD Admin role. We will use the current whitelist to automatically assign the roles. Please check if you have the role on November 1st.

Buffer window and override button

gantt

    dateFormat  HH:mm
    axisFormat %H:%M
    todayMarker off
    tickInterval 60minute


    section Deployment Time
    Deployment time           :a1, 05:30, 1h

    section Buffer Window
    Buffer window          :a2, after a1, 2.5h

    section Exam
    Exam Start           :milestone, a3, 09:00, 0h

The Buffer window is a time window in which you, as an AVD Admin, can respond to any incidents. It ensures there is enough time to perform a completely new exam deployment if necessary. Guidance on what to do when responding to incidents can be found here.

The buffer window is added as a setting in the AVD Add-on for each app.

Before you could only configure a deployment time, which was used for (1) deploying the resources to Azure and (2) as the timeframe to respond to possible incidents. With this new functionality you can create a buffer window between the deployment’s completion and the start of exams.

Example

If the estimated deployment duration is 60 minutes, you can add 3 hours of buffer window. This means that 4 hours before an exam, the deployment will start. We expect the deployment to finish within 60 minutes and if that is not the case, there is a buffer window of 3 hours to investigate, resolve the issue and (possibly) redeploy so that the exam can successfully continue.

As mentioned above, the update introduces an enforcement of a minimum of 1 hour for deployment times and a minimum of 2.5 x the configured deployment time for the buffer window. The update will start enforcing the minimum deployment and buffer window times from the 14th of November. Where necessary, from this date, we are automatically increasing them to the minimum values. For some institutions, this might mean exam times overlap, which might neccessate a higher quota in Azure. Make sure you change the quota in both the Azure Portal and in the Schoolyear Dashboard.

Override button

The new Buffer window feature includes an override button. For emergency situations and for testing purposes, Admins and AVD Admins have a toggle to override the minimum reservation time (deployment time + buffer window time) in the App selection screen. Turning the toggle on will enable you to select apps any app, it will ignore the reservation time. If applicable, immediately starting an Azure deployment.

2025-10-15: Change in Remote Desktop Web client

Microsoft is deprecating their Remote Desktop PC Web client on the 17th of November. This means the Schoolyear solution needs to switch to the new version. For AVD V2.1 add-on installations, this change is automatic. From the 15th of October 2025 you can test this on the beta environment of Schoolyear. A new deployment automatically uses the new client. A production release is expected to become available around the 1st of November.

The impact on users is minimal. Changing the client mainly changes the screens behind the overlay shown during start-up. It also slightly changes the UI of the Remote Desktop overlay. (Typically unnoticed by students, the drop-down menu at the centre top of the screen. Schoolyear hides this automatically when clicked.)

Something of note is that the new client no longer has the undocumented feature to use private links, this means Azure exam workspaces will be visible in the Windows App portal outside of Schoolyear. Of course, you won’t be able to connect to an exam workspace outside of Schoolyear.

For your reference, the url changes from https://client.wvd.microsoft.com/arm/webclient/index.html to https://windows.cloud.microsoft.

2025-09-02: Managed Identity Operator role

Starting with release v2.0.60, we now assign the Managed Identity Operator role to the managed identity created during the infrastructure installation step in the AVD Addon. This change is necessary to optimize our avdcli executable and enable Azure Image Builder to download large files.

Important: If you’re using avdcli version 2.0.6 or newer without the infrastructure from avd-deployments version 2.0.60 (or newer), your image build will fail with an error indicating that the managed identity is missing.

Manual Role Assignment

To resolve this issue and use the latest version of avdcli without problems, you can manually assign the Managed Identity Operator role:

1. In the Azure Portal, navigate to Managed Identities.

2. Select the managed identity with the name you provided during infrastructure installation.

3. Navigate to the Access Control (IAM) tab.

4. Click +Add → Add role assignment.

5. Search for Managed Identity Operator, select it, and click Next.

6. Click + Select members and search for the managed identity with the name you provided.

7. Select the managed identity and click Review + assign.

After completing these steps, you should see the Managed Identity Operator role assigned to your managed identity in its Access Control tab.