- Microsoft is sunsetting Azure Classic "(not Azure Virtual Desktop (AVD)); - Microsoft Article
- NFA sunset occurs February 20th, 2023
- Only new NFA account creation will be unavailable on November 30th 2021
- NFA will be fully supported until the official sunset - email@example.com
- We encourage all partners to watch this video, read all of our supporting KB's and consider preparing for migrations in 2022. The entire Nerdio team is here to support and guide all of our amazing partners during this transition.
NFA to NMM Migration Guidance is spread across multiple Help Center articles. We recommend reading in the order below.
- [Read First] - Planning for a Successful Migration
- MSP Considerations
- New to NMM?
- Migration Part 1 - Add RDS Account in NMM
- Migration Part 2 - Customizing the Account in NMM
- Migration Part 3 - Completing the Migration
- [Read Last] - Post Migration Cleanup Guidance
- Prerequisite - Provisioning NMM into your MSP tenant
- Review our steps for NFA Discovery Planning
- A new FSLogix profile must be created for each user.
- NFA RDS included SMS based MFA which doesn't migrate to AVD. Please consider Microsoft’s Best Practices for MFA in AVD.
- Please review this diagram comparing NFA(RDS) to NMM(AVD).
This migration document follows the path of least change to ensure a simple and fast migration
Other modifications shouldn't be considered until after this migration is completed
- (Moving from FS01 to Azure Files) - Documentation coming Q1 2023
- (Moving from AD_DS to AAD_DS) - Documentation coming Q1 2023
New to NMM?
Part 1 - Add RDS account to NMM
Video Guide - Part One - Add Account
To add your customer's account, you will need an Azure login with Global Administrator and Subscription owner permissions. Follow the guide for adding an account. Since you're connecting to an existing NFA account, keep the following steps in mind:
Step 1 - Link to Customer's Azure AD Tenant
Select Use Existing Active Directory Setup
Step 2 - Networking
Provide details of your current NFA RDS account here.
Specifically, select the region of the existing NFA account, and the LAN subnet of the existing VNET. This will be the default subnet for new hosts.
We recommend creating a new resource group for the NMM host VMs to keep them separate from the NFA resources. but it is acceptable to select the existing RG here if you will not be creating a new one for the NMM resources.
We will connect to the existing NFA resource group in a later step, but it is acceptable to select the existing RG here.
Step 3 - Active Directory
Provide details regarding the current AD_DS in NFA RDS
Step 4 - FSLogix Storage
Nerdio Note - (MSP Choice below)
1) CREATE NEW “Premium” AZ Files share (Nerdio Recommended)
2) Provide Existing FS01 UNC share path from NFA RDS. This will be used for storage of new FSL Profiles
Recommended Reading - FSLogix Share Permissions
*Reminder that all AVD users will need new FSLogix profiles created during migration
Example of creating new AZ Files Storage
Part 2 - Customizing the Account in NMM
Step 1 - Configure Integrations and link Network/RG
Video Guide - Step Two - Configure Settings and Integrations
If you did not specify the existing NFA resource group when connecting to the NFA account, go to Settings -> Azure Environment in the left menu, and click Link under Linked resource groups
From the Account Screen, select "Settings" and "Azure Environment".
Select your existing NFA resource group. This will allow you to see an manage the VMs in the NFA resource group from NMM.
Also in the Azure environment page, link to the existing DMZ subnet by clicking Link under Linked Networks
Step 2 - Create new Desktop Image(s)
Video Guide - Step Three - Create a Desktop Image
Recommended Reading - Overview of Desktop Images
Recommended Reading - Troubleshooting Desktop Image Sysprep Errors
To create a brand new image for use with NMM, click the Add from Azure Library button and select an Azure image such as Windows 10 EVD.
Nerdio Tip! - Don't forget to create and document the local administrator account!
Example of Desktop Images After Completion
Step 3 - Create first/test pool and assign users via a security group (new or existing)
Video Guide - Step Four - Create a Host Pool
Recommended Reading - Overview of Host Pools
Please read the above Overview of Host Pools prior to completing this step. Understanding the four different desktop experiences is crucial to the success of this step.
Nerdio Note - Multi-user desktop (pooled) is similar to RDS Collections as it hosts "many to one"
Step 4 - Configure Autoscale
Recommended Reading - Auto-Scale-Settings-for-Host-Pools-in-NMM
You will be prompted to configure AutoScale once the Pool creation is completed. We recommend setting it to off until you read the above guide and determine how you want to configure Autoscale
Leave the toggle to OFF
Step 5 - Install local Windows Desktop Client on client workstations
Nerdio Note - This may be a new install for your clients assuming all users were only on RDS prior
Video Guide - Step Five - Setup AVD Client and Test
Recommended Reading - Download AVD Clients [external Microsoft]
Part 3 - Completing the Migration
Step 1 - Remove SafeDNS
Recommended Reading -Setting up and gaining access to the SafeDNS portal
SafeDNS was an inclusive feature of NFA and isn't included in NMM. Partners will need modify current DNS settings and consider what DNS service they will use going forward.
Steps to remove SafeDNS
- From DC01, open up the DNS Manager and right-click "DC01", then select properties.
- From the "Forwarders" tab, click Edit and add an IP address to a public DNS server such as Google (184.108.40.206, 220.127.116.11) or CloudFlare (18.104.22.168)
- From your account in the Nerdio Admin Portal, expand the Network tab on the left and select Firewall.
- Click "Add Rule"
- Allow outbound traffic from any source using port 53 to the IP you used for the new forwarder.
- Ensure that the priority is above the existing system rule titled "Allow DNS to SafeDNS" (use a number lower than 501)
- Save the rule and confirm that DNS is functioning as expected.
Step 2 - Have all users log in once to create their new FSLogix Profile Container
Video Guide - Step Five - Setup AVD Client and Test
Recommended Reading - FSLogix Configuration Options
Recommended Reading - Troubleshooting FSLogix Profile Mount Errors
Step 3 - Copy existing “redirected” items from FS01 location into new FSL Profile (Desktop, Documents, Pictures)
Step 4 - Begin cutover or staged user migration(s) and breaking down NFA resources
Step 5 - Remove User Assignment(s) in NFA
Step 6 - Disable auto-scale on NFA host pools
In NFA portal, navigate to Servers, find your host pool and select Manage Auto Scale from the drop down menu
- Shut down all old host pools in NFA portal
- Disable auto-scale on all servers / personal desktops (in NFA portal)
- Configure auto-scale on servers in NMM portal
Step 7 - Remove RDS Resources in NFA.
- RDGW01 – RDS Gateway Server
- RDSH0”X” – RDS Session Hosts
- RDS Collections
- RDSCB0"X" - Collection Brokers
- PRX01 (if Domain is only Managed)
- Any Dedicated Desktops that weren’t migrated
Step 8 - Remove any remaining resources in NFA and Destroy Account
Recommended Reading - NFA Post Migration Clean-Up
Step One - Add Account
Step Two - Configure Settings and Integrations
Step Three - Create a Desktop Image
Step Four - Create a Host Pool
Step Five - Setup AVD Client and Test