Entra ID Join Feature

Your accounts created in Nerdio Manager must have a supported directory to join the session hosts. Nerdio Manager allows you to configure directory profiles (Entra ID, Active Directory, or Entra Domain Services) for each of your host pools.

Before we proceed further, let us briefly understand each directory profile type. Traditionally, AVD requires both Active Directory (AD), as well as Active Directory Domain Services (AD DS). AD DS is available in the following formats:

• Traditional AD DS from Windows server: The AD DS domain controllers can either be located on-premises and accessed over a site-to-site VPN or ExpressRoute. Or they can be VMs located within Azure itself, or both. All AVD needs is a network line-of-sight to a domain controller, to facilitate the VM domain join at deployment time and to perform user authentication.

• Entra Domain Services: This is a Microsoft-managed PaaS service to provide AD DS inside of Azure. Customers do not manage the virtual machines for this service. It was originally designed just for cloud-only organizations. Recently, it was updated to support trust relationships to existing on-premises AD DS.

Azure AD-joined VMs remove the need to have line-of-sight from the VM to an on-premises or virtualized Active Directory Domain Controller (DC) or to deploy Azure AD Domain services (Azure AD DS). In some cases, it can remove the need for a DC entirely, simplifying the deployment and management of the environment. This reduces your costs and complexity significantly. Entra ID-joined VMs can also be automatically enrolled in Intune for ease of management.

See Microsoft's MFA requirements for Azure AD joined VMs for more details.

Configure a Directory Profile that uses Entra ID

The first step in using the Entra ID feature is to configure a directory profile that uses Entra ID.

To configure a directory profile that uses Entra ID:

1. Navigate to Settings > Integrations.

2. In the Directory tile, select Add.

3. Enter the following information:

   • Profile name: Optionally, type the profile's friendly name that is displayed in the list.

   • Directory : In the drop-down list, select Entra ID.

     Note: When you select Azure Active Directory, the AD Domain, AD Username, and AD Password options disappear.

   • Enroll with Intune: Be sure to select this option.

     Note: If Intune is configured in your Entra ID tenant, you can choose to have the virtual machine automatically enrolled during the deployment by selecting this option.

4. Once you have entered all the desired information, select OK.

   Entra ID is now listed as an available directory profile.

Clone a Directory Profile

Nerdio Manager allows you to clone a directory profile.

To clone a directory profile:

1. Navigate to Settings > Integrations.

2. In the Directory tile, select the directory profile you wish to clone.

3. In the Configure Directory Profile window, select Clone.

4. Change the Profile name (Friendly name) and select OK.

   The cloned directory profile is now listed as an available directory profile.

Create a Host Pool with Entra ID

Once you have created a directory profile that uses Entra ID, you can use it to create a host pool.

To create a host pool that uses Entra ID:

1. Navigate to the list of host pools. (Either dynamic or static.)

2. Select Add dynamic host pool. (Or static.)

3. Enter the following information:

   • Directory: From the drop-down list, select Entra ID.

   • FSLogix: From the drop-down list, select OFF.

     Note: The Entra ID-joined VMs feature does not currently support authentication to Azure Files, Azure NetApp Files, or File Server VMs to access FSLogix profiles. However, FSLogix Cloud Cache with Azure Storage Account access keys can be used for FSLogix.

     To enable Cloud Cache on the selected FSLogix configuration profile, navigate to Settings > Integrations > FSLogix Profiles storage and select Use Cloud Cache in the profile's settings.

4. See Create Dynamic Host Pools or Create Static Host Pools Without Auto-Scaling for the full details.