When set to True, guest users are visible in the Nerdio Manager console.

For more information on external identities and AVD, see the Microsoft Learn article Provide host pool access to external identities.

When set to True, Entra ID groups are skipped when building AAD cache for user and group assignment management. This setting is useful in environments with tens or hundreds of thousands Entra ID groups in AVD Classic deployments.

Note: This is not recommended for AVD ARM deployments, where Group entitlement is preferred.

Controls the batch size for assessing VM right size operations. It is recommended to start with a value of 100 and gradually increase in 100 VM increments to a maximum of 500.

Controls the caching behavior of announcements in Nerdio Manager. By default, announcements are downloaded from Nerdio service every 180 minutes. Setting this value to 0 causes announcements to not be cached and always downloaded on page refresh.

This setting controls the maximum number of UAM application groups that may be added to a UAM policy. Note: the linked setting "AppManagement:PolicyAppLimit" must also be modified if more than 20 total applications are required in a single policy.

This setting controls the total maximum number of UAM applications that may be added to a UAM policy.

Controls the discovery process of installed applications on host pools with FSLogix. Discovered apps can be used in Installed Apps Management to create rule set and selectively assign apps to users/groups.

Controls if a new app auto-discovery is to be performed. If the existing list of apps has been generated more than X days ago, a new discovery is performed.

Controls the frequency of the background app auto-discovery service. It wakes up every X minutes to check if a new auto-discovery is necessary.

This is a threshold value for switching to Azure Resource Graph when querying host pools. If there are more host pools in the subscription than the specified threshold, then NME queries the host pools using Azure Resource Graph. The recommended value is 50.

If set to Local, this setting forces Nerdio Manager to use deployment scripts for image and VM deployment from a local storage account with the following tag: NWM_OBJECT_TYPE=CUSTOM_SCRIPTS_STORAGE_ACCOUNT.

These scripts are included in the Nerdio Manager installation package from 6.2 onwards.

Note: For versions prior to v6.2 that have been upgraded to the latest version, this setting is not present by default and must be manually added if required.

For more details, see Manage VM Extensions with Nerdio Manager.

Adding this setting with a value of TRUE enables a UI element on the auto-scale page of all pools to specify a custom auto-scale assessment interval, up to 120 minutes. The default value for this setting is 5 minutes.

By default, auto-scale tries to build the required number of hosts first (base capacity). After the base capacity is achieved, auto-scale starts to the manage host's power state. When 'Re-image used hosts' option is ON, this may lead to capacity issues. Setting this to TRUE prioritizes user capacity over re-image tasks

Nerdio Manager combines auto-scale executions into batches (10 pools max per batch). Tasks are created using a single request to resource graph.

Controls the number of Cleanup attempts after an automated auto-scale task fails.

When set to False, the background auto-scale operations do not run. Auto-scale can still be triggered by selecting Force start in the Host Pool Auto-scale menu.

If a "running" and "stopped" disk type has been configured, adding this value changes the disk type to running/stopped on VM start/stop operations, even if the host pool auto-scale configuration is disabled.

Controls the number of simultaneous auto-scale processes. Each auto-scale process runs every 5 minutes (default) for each host pool where auto-scaling is enabled. Changing this value increases or decreases the concurrent number of such processes.

Controls the maximum number of base and burst capacity session host VMs on the auto-scale configuration screen.

Controls the frequency of the auto-scale background task that checks for current state of the environment and executes auto-scale operations, as needed. It is not recommended to decrease this value below 5 minutes. Increasing this value can help mitigate Azure API rate limits in very large environments.

Controls the number of Restart attempts after an automated auto-scale task fails. Increasing this value recovers from Azure-side issues, such as API rate limits, but may increase the time "wasted" on retries if the underlying issue isn't automatically resolved.

Controls behavior of the browser authentication cookie expiration. By default, sessions expire after 60 minutes of inactivity. If Cookie:ExpireOnIdle is False (default) the cookie is automatically refreshed if the app is open in the browser. Otherwise, it requires user to sign in again.

Controls behavior of the browser authentication cookie. When set to False (default), cookie is automatically refreshed (if Entra ID CA policy allows) as long as the Nerdio Manager app is open in the browser.

Controls behavior of the browser session cookie. True = persistent | False = session.

When set to True, use of an authentication cookie from another client device with a different source IP address is prevented. This is useful to protect from authentication cookie theft.

Controls the negotiated Azure discount applied to all Azure pricing calculations. Possible value range: [0-1], 0 means no discount and 1 means 100% discount.

When configured, this setting enables you to configure custom permissions for the NME service principal in a least-privileged approach versus using the built-in roles. This disables checking for specific built-in roles so that you can use custom roles and understand permissions for that role

Enter the roles to exclude separated by a comma, or a pipe. For example:

Owner

Owner,User Access Administrator

Owner|User Access Administrator

Allows users with an AVD Admin RBAC role to unhide all AVD workspaces, even those not assigned to them. This allows all workspaces to be assigned and managed. Setting this option to False, prevents AVD Admins from unhiding workspaces that they are not assigned to by the workspace creator.

Enable this setting to allow Nerdio Manager to clean up Entra ID Intune device records during delete and rebuild operations. Ensure that the required permissions are in place as described in Intune: AVD Device Record Removal.

When enabled, the cumulative RBAC functionality is available for Nerdio Manager v6.4 or later.

When configured, this sets the duration (in minutes) that cached items remain valid for. We recommend that you increase this value if you observe API exhaustion errors such as "Too many requests" messages. For guidance, see Intune Dashboards: troubleshoot "TooManyRequests" API error in large environments.

A comma-separated list of policy IDs to exclude from caching in Nerdio Manager. Policies assigned to more than 20000 devices may permanently fail discovery, leading to errors in the console. We therefore recommend that these policies be excluded from caching by Nerdio Manager at this time. Nerdio Manager will no longer attempt to refresh cached data for policies added to this list, and data for these policies will either not display in dashboards or may be out of date. A fix is planned for this limitation.

When configured, allows users to specify naming conventions for the Intune groups that are created.

Default (False) setting enables SSL certificate validation, ensuring the Prism Central instance’s certificate is verified during integration. When set to True, disables SSL certificate validation when integrating with a Nutanix Prism Central instance.

When set to False, the requirement to have FSLogix Cloud Cache enabled in DR configurations will not be enforced.

This setting allows for the creation and management of standalone line-of-business (LOB) applications, enabling you to deploy custom or non-Microsoft apps to devices.

Controls GitHub repository synchronization.

Maximum size of GitHub repository file to download.

Repeat interval of automatic GitHub repository synchronization tasks.

Enables resource graph for virtual machines requests to optimize the loading of VMs on the hosts page, particularly for large environments.

Controls the frequency (in minutes) with which Nerdio Manager checks for policy updates when automatic backups are configured.

Values between 10 and 2440.

Controls the page size of API requests for Intune user experience analytics device score history.

Values between 100 and 10000.

Controls the frequency with which API requests for Intune user experience analytics device score history are made. The minimum value is 60; we recommend setting to 1440 (every 24 hours/once per day) for large environments.

Set to false to disable all Intune UX history collection. Values will not be populated.

Controls the client IP recorded on the logs entry for tasks triggered interactively. If using a proxy (for example, Application Gateway) and want to record the originating client's IP, set to X-Forwarded-For.

Disables the inclusion of optional usage information when reporting details to Nerdio. This optional information helps us to improve our services for customers and we kindly request that this option is not enabled unless dictated by a specific business requirement. When enabled, this option restricts reporting to only the below items:

• Azure Tenant,

• Subscription ID

• Summary Usage Information

Globally controls the maximum number of concurrent Add host VM tasks that can be added by automation. Increasing this number may increase the error rate due to Azure API limits. Reducing this number reduces the error rate but increases the time to provision new capacity in very large environments.

Controls the number of Cleanup attempts after a NON-auto-scale task fails (auto-scale is controlled by a different value).

Controls the number of Restart attempts after a NON-auto-scale task fails (auto-scale is controlled by a different value). Increasing this value recovers from Azure-side issues, such as API rate limits, but may increase the time "wasted" on retries if the underlying issue isn't automatically resolved.

Controls the number of concurrent jobs that can run per job type. When this limit is reached, additional jobs are automatically queued until capacity becomes available.

When this setting is added, administrators can specify a suffix for images created within the Nerdio Manager environment. This setting supports the use of "" for a blank value, meaning the resource name is the same as its parent desktop. Without this setting defined, the default suffix is -image.

When this setting is added, administrators can specify a suffix for network interfaces (NICs) created by as part of AVD desktop creation. This setting supports the use of "" for a blank value, meaning the resource name is the same as its parent desktop. Without this setting defined, the default suffix is -nic.

When this setting is added, administrators can specify a suffix for OS disks created by as part of AVD desktop creation. This setting supports the use of "" for a blank value, meaning the resource name is the same as its parent desktop. Without this setting defined, the default suffix is -osdisk.

When using the Discover Apps extension to search for applications, this setting excludes legacy programs and packages from the search, significantly reducing discovery times in complex environments.

In scenarios where SCCM application packages are stored on a network share, CredSSP functionality may be enabled to resolve any 'Access Denied' error messages observed when Nerdio Manager connects to the share.

This setting informs the SCCM application inport service to use elevated permissions for the service account when using a proxy server. Use this setting in scenarios where applications binaries are stored on a network share.

Controls the frequency of the storage auto-scale background task that checks for current state of the storage environment and executes auto-scale operations, as needed. It is not recommended to decrease this value below 5 minutes. Increasing this value may be more efficient in large environments encountering Azure API limits. Auto-scale configuration should be adjusted to account for the reduced frequency.

When set to False, session host VMs in stopped, but not deallocated, state are left alone. When set to True, session host VMs in stopped, but not deallocated, state are deallocated automatically. This background process runs on an interval specified by VmDeallocator:RepeatIntervalInMinutes.

When VmDeallocator:Enabled is True, this value controls the frequency of checking for VMs in stopped, but not deallocated, state. Session host VMsfound in this state are automatically deallocated.

Setting the value to AfterWVD performs the AAD join operation after the AVD agent is fully installed. Default behavior is to join AAD first and then install AVD agent at the end of sequence. This option does not affect AD Join behavior, only AAD join.

This value determines the time interval during which the VM provisioning tasks pause after the Nvidia GPU driver is installed, allowing the VM time to reboot.

Set to True to retain OS and data disks of VMs deleted or re-imaged. Default behavior is to clean up disks when the VM is deleted.

Note: Setting this value to True increases costs for Azure managed disks. Ensure disks are properly handled to avoid unnecessary Azure expenses.

When set to "Immediate", the selected scripted actions are run as the first tasks after VM creation. To enable default behavior, set this setting to "Default" or remove the setting.

When configured, Nerdio Manager filters the metadata results returned by the SCCM server in line with the regular expression defined.

When set to False, the requirement to have FSLogix enabled in DR configurations will not be enforced.

This setting manually creates the SCCM ‘CMSiteDrive’ if not found during server discovery. This setting should be empty or False unless the error 'CMSite disk was not found' is observed when linking an SCCM server.

Globally controls the availability of the 'shadow session' option. Set the value to FALSE to globally remove this option.

Controls the way the application searches for Host Pool VMs. DbStrict in combination with ByPool (HostPoolVmsConfig:RequestBehaviour) is recommended for large VM environments where the session host VMs are split across resource groups.

Controls the way application requests the power state of each VM (PerEachVM) or for all VMs at the same time (ForAllVMs).

Note: ForAllVMs may be more efficient in large environments encountering Azure API limits.

Controls the way application requests VM information from the UI. When set to Default, all VMs are requested at once. When set to ByPool, information is only requested for the current pool that the user is viewing. ByPool may be more efficient in large environments encountering Azure API limits. Default results in a smoother management experience in Nerdio Manager.

When enabled, this setting restores the legacy end user portal. This setting also re-enables the legacy RBAC End user role. This setting should be used for Standard edition environments where the legacy end-user portal was in use prior to the introduction of the new end-user portal, which is a Premium feature.