Applies to: Nerdio Manager for MSP (NMM) v2.0+
Watch these short videos to see the below steps live
In this article, we will go over how you can get your users up and running with cloud PCs starting from scratch.
Overview
Windows 365 Enterprise has been created to deliver Windows in the Cloud via Microsoft Endpoint Manager, without requiring extensive Azure or VDI knowledge. Windows 365 Enterprise helps you create Azure AD joined Cloud PCs. With this key feature, you no longer need to have an Azure subscription nor do you need to even have an on-premises Active Directory. Let us first understand how to set up a Cloud PC and later focus on creating Azure AD joined Cloud PCs.
Setting up Cloud PCs
There are five major steps in setting up cloud PC for your customer:
- Create a new account with cloud PC or enable cloud PC in an existing AVD based account
- Create a network connection
- Create a cloud PC ready desktop image
- Create a provisioning policy and assign cloud PC to users via Groups
- Assign a cloud PC license to a user
Step 1
As a first step, you must either create a new account with cloud PC as the desktop deployment model or take one of your existing accounts in NMM and enable cloud PC.
New account
Follow the steps in this KB article to create a new account with the cloud PC desktop deployment model.
Existing account
From the Accounts screen click the Manage button for the account you want to enable cloud PC desktop deployment model. Next, navigate to Settings > Integrations. On the Desktop deployment model tile, check the box Cloud PC MEM-managed. Confirm your selection when prompted.
Step 2
Cloud PCs require a network connection, a way for Microsoft to know how to AD-join the cloud PCs.
New account
When you create a new account, you provide AD credentials. NMM will use that information to create a new Network connection. You can create additional Network connections from the Settings > Cloud PC screen. Follow the steps below to create additional Network connections.
Existing account
Navigate to Settings > Windows 365. Look for the tile Network connections and click the Add link.
Enter details about your AD network and click Save. You will now see a new Network connection on the tile.
Step 3
Microsoft requires an image, a template of sorts, to create cloud PCs from. This is done by creating a desktop image that is cloud PC-ready. Follow the steps in this article to enable cloud PC for a desktop image or create a desktop image from scratch that is cloud PC is ready.
Step 4
A Provisioning policy brings a Network connection and Desktop image together so that Microsoft knows how to AD-join the cloud PC it's creating from the image. Further, you indicate which AD users are assigned a cloud PC by adding an AD group or groups to a Provisioning policy. The group members of the groups are the users that are assigned a cloud PC. In Nerdio Manager, there are two ways to manage Provisioning policies and assign groups:
Settings
Navigate to Settings > Windows 365. Look for the tile Provisioning Policies and click the Add link.
Enter all details and click OK to save the Provisioning policy. Note that assigning groups is optional. You can create a Provisioning policy without assigning a group for now and then subsequently come back to Settings > Windows 365, edit the provisioning policy, and add groups in the future.
Groups
From the main menu, navigate to Groups and search for the group you want to add to a Provisioning policy. From the action, menu select Manage cloud PC desktops.
Select the Desktop image and Network connection and click Confirm. Nerdio Manager will create a new provisioning policy.
Step 5
Microsoft will provision a cloud PC only for group members that have a Microsoft 365 license that entitles them to a cloud PC.
From the main menu, navigate to Users and search for the user you want to assign a Microsoft 365 license. From the action menu select Microsoft 365. On the subsequent screen select the right cloud PC license and click Confirm. A task will be initiated to provision a cloud PC for the user.
Once the task completes, the user will see a new desktop listed in their Remote Desktop feed.
Note that user may need to refresh the feed. Alternatively, user can navigate to https://cloudpc.microsoft.com to log in to their cloud PC.
Creating Azure AD joined Cloud PCs
Starting with version 3.0, NMM supports Azure AD join (AADJ) for Enterprise Cloud PCs. NMM portal provides the ability to create a provisioning policy using AADJ network rather than On-premises AD network connection. Let us look at how you can create AADJ networks and provisioning policies on NMM portal:
1.Enable Desktop deployment model = Windows 365 Enterprise Cloud PC (MEM-managed):
2.Create a new network connection (say testspnetwrk) with AD Configuration = AAD as shown below:
3.Add a new provisioning policy or edit an existing provisioning policy (say testsp1) with ADDJoined Network Connection (say "testnetwrk") and a Cloud PC desktop image (say testCloudPCIm..):
Note: We have assigned this provisioning policy to "All users" group but you can select a specific group.
4. Assign Cloud PC license to a user (say sptest1):
Optionally, you can review the changes Microsoft Endpoint Manager admin center, navigate to Windows 365> On-premises network connection blade. You will find that the network "testspnetwrk" is AAD joined:
Navigate to Provisioning policies blade and locate "testsp1". You can see that the provisioning policy "testsp1" is also AAD joined:
Comments
Please sign in to leave a comment.