Configure Nerdio Manager for Unified Application Management

Unified Application Management simplifies the process of deploying applications to your AVD desktops.

The Unified Application Manager supports the following installation repository sources:

• WinGet community, Intune, or Shell Apps repository: See Link a WinGet community or Intune repository below.

• Private WinGet repositories: See Create a new private WinGet repository below.

Link a WinGet community or Intune repository

Nerdio Manager allows you to link a WinGet community or Intune repository.

To link a WinGet community or Intune repository:

1. In Nerdio Manager, do the following:

   • Classic UI: Navigate to Settings > Nerdio environment.

   • New UI: Navigate to Settings > Environment > Nerdio.

2. In the Unified Application Management tile, select Link.

3. Enter the following information:

   • Repository type: From the drop-down list, select WinGet.

   • Friendly Name: Specify a friendly name for the repository to be used in Nerdio Manager.

   • Location: Provide the URL address of the WinGet repository.

4. Once you have entered all the desired information, select OK.

   The application repository is linked to Nerdio Manager.

Create a new private WinGet repository

Nerdio Manager allows you to create a new private WinGet repository.

To create a new private WinGet repository:

1. In Nerdio Manager, do the following:

   • Classic UI: Navigate to Settings > Nerdio environment.

   • New UI: Navigate to Settings > Environment > Nerdio.

2. In the Unified Application Management tile, select Add.

3. Enter the following information:

   • Display Name: Enter a friendly name for this repository to be used in Nerdio Manager.

   • Resource group: From the drop-down list, select the resource group where the WinGet resources should be created.

   • Storage account: From the drop-down list, select an existing storage account. Optionally, enter the name for a new storage account.

   • Log Analytics Workspace: From the drop-down list, select an existing workspace.

     Note: If a new workspace is required, leave this section blank and provide details in Custom resource names below.

   • App Service Plan: From the drop-down list, select the App Service Plan where the App Service is placed.

   • Configure Private Endpoints: Select this option to configure private endpoints.

     Notes:

     • When private endpoints are enabled, the function app is configured with public access enabled by default to support physical client access to the service. Disabling public access prevents devices without access to the VNet from accessing the service and installing Winget applications.

     • Private endpoints create the following additional resources:

       • Storage Account: 4 private endpoints (blob, file, queue, table)

       • Key Vault: 1 private endpoint (vault)

       • Cosmos DB: 1 private endpoint (Sql)

       • Function App: 1 private endpoint (sites)

     • Private endpoints create the following additional settings:

       • Key Vault: PublicNetworkAccess = Disabled

       • Cosmos DB: PublicNetworkAccess = Disabled (+ Azure service IPs allowed )

       • Storage Account: PublicNetworkAccess = Disabled

       • Function App: VNet integration enabled (to the same subnet as on the NME's App Service)

       • Function App: IsVnetContentShareEnabled = true (Function App stores data in Storage Account. This setting is required to use vNet integration to access this account)

     • Subnet for Web App: Type the subnet for the web app.

     • Subnet for Private Endpoints: Type the subnet for the private endpoints.

   • Customize resources names: Optionally, enter the naming prefixes for the new resources.

     Note: These names are post-fixed with a random string.

   • Customize resource tags: Optionally, enter the Name and Value of the Azure tags to apply to the repository.

4. Once you have entered all the desired information, select OK.

The application repository is added.

Intune group management (customized group names)

When you create an Intune group in Nerdio Manager, it is automatically assigned a GUID in Azure that is creating using a string of random characters. This means it can make it harder to identify what the groups purpose is.

In Nerdio Manager you can customize the Intune group names to be more friendly and more meaningful as to the purpose of the group based on your own naming conventions. These group names act as a virtual name, and although the friendly name is displayed in Nerdio Manager, the original name will still be displayed in the Azure portal.

To enable custom group names:

1. Sign in to your Azure portal.

2. Select your site, and navigate to Settings > Environment variables.

3. Select the App settings tab, and in the search box, enter Features:Naming.

4. Select Features:Naming:UamIntuneGroupNameTemplate.

5. On the Add/Edit application setting page, in the Value box, use any preferred static naming elements in combination with the following variables:

   • %POLICYNAME%: Policy name using alphanumeric symbols a-z, A-Z, 0-9 and a dash (-). Invalid characters will be removed from the policy name.

   • %TIMESTAMP%: Adds a UTC time stamp in the format yyyyMMddHHmmss.

   • %RAND4%: Adds 4 random alphanumeric characters.

   • %NUM4%: Adds 4 random numerals.

     

For example, if you created a policy called Intune-Custom-Name, and using the above template setting, the Intune group would be called Nerdio-Intune-Custom-Name-WXYZ.

Related topics:

• UAM: Manage deployment policies

• UAM: Manage applications