Windows 10 and Windows 11 contain many applications, services, and background tasks that are not optimized for use in virtual desktop environments. You can improve the user experience and decrease virtual machine boot times, sign-in times, and application start-up times by running the Microsoft Virtual Desktop Optimization Toolkit (VDOT) on your Golden Image.
To start VDOT:
Sign in to Parallels DaaS Management Portal.
Select the Golden Image category.
Click the Edit button to start the virtual machine. Once the Golden Image virtual machine starts, open a browser in the VM and go tohttps://github.com/The-Virtual-Desktop-Team/Virtual-Desktop-Optimization-Tool
4. Click the Code menu and select Download ZIP.
Create a folder (ex. "C:\VDOT").
Unblock the downloaded .zip file, either manually using File > Properties, or using the Unblock-File PowerShell command.
Extract the VDOT download to the folder you created (ex. "C:\VDOT").
Start an elevated PowerShell prompt.
In PowerShell, change the directory to the folder that contains scripts (ex. "C:\VDOT").
Run the following PowerShell commands:
This allows PowerShell script execution but only as long as the app is open.
This will run every VDOT optimization with verbose output, automatically accept the EULA, and restart the device.
Once the machine reboots, reconnect and save your Golden Image.
You can find the full documentation and advanced parameters at https://github.com/The-Virtual-Desktop-Team/Virtual-Desktop-Optimization-Tool?tab=readme-ov-file
You can enable multi-factor authentication (MFA) in Parallels DaaS using Microsoft Entra ID (Azure AD). When users sign up to Parallels DaaS User Portal, they will be prompted to complete MFA. For additional security, Parallels DaaS assigns users to virtual machines “just in time”, thus preventing unauthorized access.
Note: Conditional access requires a Microsoft Azure P1 license. For most organizations, this will be included in your Microsoft 365 E3 or Microsoft Business premium licenses.
To enable MFA in Microsoft Entra ID:
Navigate to the Microsoft Azure portal at https://portal.azure.com.
Go to Microsoft Entra Conditional Access.
Select Create new policy.
Specify a name and assign the policy to a group of users. Its recommended to test the effects of the policies on a limited set of users before enabling it for all users.
Set Target resources to include your Parallels DaaS app registration (or all cloud apps) and exclude Azure Windows VM Sign-In.
Go to Grant, and select Grant Access.
Enable Require multifactor authentication.
Choose Select.
Enable the policy and click Create.
Depending on your organization's preferences, policies can be tailored to your specific needs.
