Applies to: Nerdio Manager for MSP (NMM)
Nerdio Manager for MSP allows MSPs to create fully modern cloud-based environments for their customers. This guide will detail the steps necessary to migrate from Nerdio for Azure to the new NMM system.
The steps outlined in this guide are:
- Provisioning NMM into your MSP tenant
- Adding your customer's account
- Connecting to the NFA resource group
- (optional) Change FSLogix Volume Type
- Importing NFA images
- Configuring Host Pools
- Importing Personal Desktops
- Testing new account
- Adding users to new host pools
- Cutover to NMM
- Considerations for Hybrid AD Environments
- Cleanup of NFA environment (NFA account must be destroyed to stop parallel billing)
Provisioning NMM into your MSP tenant
NMM consists of an application that sits in your MSP tenant and connects from there to your customer's tenants. The first step is to install NMM into your Azure tenant. To do this, follow this written guide or this series of videos. Also review our guide regarding Azure Resource Provider Registration, prior to installing NMM.
Adding your customer's account
To manage your customer's account, you will need an Azure login with GA and subscription owner permissions. Follow the guide for adding an account. Since you're connecting to an existing NFA account, keep the following points in mind:
- In Step 1, tell NMM to Use existing Active Directory
- In Step 2, select the region of the existing NFA account, and the LAN subnet of the existing VNET. This will be the default subnet for new hosts.
We recommend creating a new resource group for the NMM host VMs to keep them separate from the NFA resources. We will connect to the existing NFA resource group in a later step, but it is acceptable to select the existing RG here.
- In Step 3 provide your existing AD domain info
- In Step 4, you can specify the UNC path to the profiles share on the existing FS01, or you can create a new Azure Files share if you'd like to decommission FS01 eventually. Using an Azure Files share will require migrating existing profiles (or recreating as new profiles).
Connecting to the NFA resource group and DMZ subnet
If you did not specify the existing NFA resource group when connecting to the NFA account, go to Settings -> Azure Environment in the left menu, and click Link under Linked resource groups.
Select your existing NFA resource group. This will allow you to see an manage the VMs in the NFA resource group from NMM.
Also in the Azure environment page, link to the existing DMZ subnet by clicking Link under Linked Networks
Select the DMZ subnet and click OK
Change FSLogix Volume Type
If your existing FSLogix profiles are using VHD as the volume type (as opposed to VHDX), you will need to configure NMM to use VHD as well. To do so, navigate to Settings -> Integrations and click on the link under FSLogix Profiles storage to bring up the FSLogix configuration option.
Change the "VolumeType" key from "vhdx" to "vhd." Also, add %username% to the FSLogix profiles path.
Importing NFA images
You can import the account's existing AVD images to be used in NMM. Note that images imported from NFA should have FSLogix uninstalled after importing them, as NMM will install FSLogix automatically when creating the hosts.
Important - Please also review SafeDNS section
Importing AVD Pool image
To import a pool image (e.g. "Pool-A00"), navigate to Desktop Images and click the Add from Azure Library button.
Give the new image a name and select your NFA image in the Azure Image dropdown menu. NOTE: check the "Do not create image object" option.
Importing AVDSH00 Image
To import the AVDSH00 image, you will need to export the OS disk using a SAS URL. Ensure the AVDSH00 VM is powered off, then find AVDSH00 in the Azure portal. Select Disks and open the OS disk.
Select Disk Export and click the Generate URL button
Copy the generated URL:
In NMM, navigate to AVD -> Desktop Images and click the Add from Azure VM button.
Give the new image a name, and paste the generated URL into the SAS URL field. Check the "Do not create image object" option. You may wish to provide custom credentials for a local administrator user on the VM.
Note: we do not suggest using the "Uninstall FSLogix app" option at this stage, because it is advisable to confirm and copy your FSLogix configuration before uninstalling the app.
Once the new image VM has been created in NMM, you will need to start it up, login to it, and uninstall FSLogix. You may wish to review any FSLogix registry settings under HKLM\Software\FSLogix in the Windows registry.
The FSLogix settings can then be re-created in NMM. To do so, navigate to Settings -> Integrations and click on the appropriate FSLogix Profile to bring up the FSLogix configuration option.
Once the FSLogix registry settings have been copied to NMM, proceed with uninstalling FSLogix from Windows. After uninstalling, ensure C:\Program Files\FSLogix and HKLM\Software\FSLogix are fully deleted.
Log out of the image VM. In NMM, navigate to Desktop Images and click Set as Image in the dropdown menu next to the image VM.
Create a new image
To create a brand new image for use with NMM, click the Add from Azure Library button and select an Azure image such as Windows 10 EVD.
Configuring New Host Pools
To create a host pool, follow the article on creating host pools in NMM. If you imported an image from NFA in the previous section, select that image when creating the new host pool. Add one or two users to the host pool to be able to verify the host pool has been created properly.
Once the host pool is created, set the Auto-scale settings to mirror the settings used in NFA. Note that there will be more options available in NMM than there were in NFA.
For more information on host pools in NMM, see the Overview of Host Pools.
Importing Personal Desktops
Personal Desktops created in NFA will have to be moved to AVD ARM manually (or you may continue operating them in AVD Classic, though NMM will not be able to see or manage them).
To migrate the personal desktops, create a new Single User Desktop (personal) pool in NMM, and set the host count to 0.
Then register the existing VMs to the new host pool, following Microsoft's documentation.
Testing new account
Connect to the new host pool (via the web client or AVD remote desktop client) with a user account you previously assigned to the host pool. Verify the new host pool has been built successfully, the applications match what was available in the NFA desktop, that the user profile is loaded correctly, etc.
Adding users to new host pools
Now that the new NMM host pool is ready, it's time to assign users and/or groups to the new host pool. Follow the Overview of Users and Overview of Groups articles to assign users and groups to the host pools.
At this point, users will have access to both the NFA desktops and the NMM desktops. When you are ready, you can un-assign them from their desktops in NFA so that they will only have the option of signing into the NMM desktops.
SafeDNS was an inclusive feature of NFA and isn't included in NMM. Partners will need modify current DNS settings and consider what DNS service they will use going forward.
Note: If you chose to import your desktop image you will need to uninstall the SAFEDNS client**
Steps to remove SAFEDNS
- From DC01, open up the DNS Manager and right-click "DC01", then select properties.
- From the "Forwarders" tab, click Edit and add an IP address to a public DNS server such as Google (220.127.116.11, 18.104.22.168) or CloudFlare (22.214.171.124)
- From your account in the Nerdio Admin Portal, expand the Network tab on the left and select Firewall.
- Click "Add Rule"
- Allow outbound traffic from any source using port 53 to the IP you used for the new forwarder.
- Ensure that the priority is above the existing system rule titled "Allow DNS to SafeDNS" (use a number lower than 501)
- Save the rule and confirm that DNS is functioning as expected.
Cutover to NMM
Now that users have been migrated to the NMM environment, you can turn down the NFA environment. The steps to do so are
- Disable auto-scale on NFA host pools (in NFA portal, navigate to Servers, find your host pool and select Manage Auto Scale from the drop down menu)
- Shut down all old host pools in NFA portal
- Disable auto-scale on all servers / personal desktops (in NFA portal)
- Configure auto-scale on servers in NMM portal
Considerations for Nerdio Hybrid AD Environments
Note: This is only for Hybrid AD Accounts
Note: You must destroy the original NFA account to stop any future user based billing charges from occurring.
Once the account has been migrated to Nerdio Manager for MSP all Hybrid AD functions can and should be managed from the member servers and DC's.
Cleanup of NFA environment
1) Destroy your NFA account
Note: Original Nerdio KB
Note: DO NOT CHECK "Empty out and delete"
- DO NOT CHECK this box - leave this box unchecked to preserve existing resources in Azure that have been migrated
- Type in AZURE to confirm your selection
- Select Keep for Office 365 resources - this will require a manual clean prior NFA service accounts used in NFA
- Type in O365 to confirm your selection
2) Remove NFA demo Users and Groups
|Prev <-- Planning for Migration||Next - Advanced Upgrades and Features (Coming Soon)|