Azure Migrate Physical Discovery Checklist
Requirements Overview
| Requirement | Learn More | |
|---|---|---|
| ✅ | A user with Contributor or Owner permissions over the Subscription | Learn More |
| ✅ | A user with Application Developer or Higher in Entra ID | Learn More |
| ✅ | Prepare Azure Migrate appliance, ensure RDP and authenticate. | Learn More |
| ✅ | All required Public or Private endpoint URLs are enabled. | Learn More |
| ✅ | All required Ports are allowed through required Firewalls/Proxies. | Learn More |
| ✅ | All required credentials are in place, validated and tested. | Learn More |
| ✅ | Environment scope is understood and agreed. | Learn More |
Physical Discovery Data Flow Diagram
Data Collection Organizational Workflow
- Customer meets all requirements
- A meeting has been hosted to configure and review Azure Migrate
- Any troubleshooting sessions have been undertaken if necessary
- Once data collection has been started, Dr Migrate can be deployed
Physical Discovery Reference
Microsoft provides detailed reference documentation for deploying Azure Migrate against your Physical estate. Please see here for more information.
Physical Discovery Checklist
Minimum Software Requirements
- The appliance can be deployed on to existing hypervisor infrastructure, alongside other discovery appliances.
- Inbound connections on WinRM port 5985 (HTTP) for discovery of Windows servers.
- Inbound connections on WinRM port 22 (HTTP) for discovery of Linux servers.
- All Windows and Linux operating system versions are supported.
- SQL Server 2008 or later is supported for instance and database discovery, and PaaS pricing.
- Windows servers being discovered must have PowerShell version 2.0 or later installed.
- All Windows and Linux operating system versions are supported; however, dependency analysis is limited to these operating systems.
Minimum Appliance System Requirements
- 16-GB RAM
- 8 vCPUs
- 80 GB disk
- Windows Server 2019 or later
- A static or dynamic IP address, with internet access, either directly or through a proxy.
Minimum Azure Permissions
In order to successfully deploy Azure Migrate, you will need:
- At the Subscription level, a User with Contributor or Owner permissions.
- Entra apps: Ability to register an Application: Application Developer role or higher.
If you are familiar with Azure Migrate and want to connect the discovery appliance in advance of the joint configuration meeting, be sure to:
- Choose defaults for the Azure Migrate project; make no changes in Advanced options.
- Connect all appliances to the same project.
Required URLs
Public Endpoint Deployment
- Allow Public URLs using TCP 443.
- Turn on SSL bypass.
Private Endpoint Deployment
- Allow Private URLs using TCP 443.
- Turn on SSL bypass.
Minimum Port Requirements
For successful Azure Migrate data collection, the following ports need to be open between the Azure Migrate Appliance and the devices being scanned:
| Source | Destination | Port |
|---|---|---|
| Appliance | Azure URLs | TCP 443 |
| Appliance | Windows Server targets | TCP 5985 |
| Appliance | SQL Servers | TCP 1433 |
| Appliance | Linux Servers | TCP 22 |
Appliance Download Options
Option 1 – PowerShell Script
The Physical discovery stack can also be installed using a PowerShell Script on your VM that you provision.
3,1,1,Y.
Credentials
Required Server Credentials
To scan endpoints with Azure Migrate, the below credentials are required:
| Scenario | Details |
|---|---|
| Windows Servers | Local Admin access on Windows devices you want to scan. |
| Linux Servers | For Linux machines, create a user account with sudo privileges or least-privileged access account |
| SQL Server Access | Azure Migrate requires a Windows user account that is member of the sysadmin server role or least-privileged account |
Environment Considerations
- The Azure Migrate appliance can discover up to 1,000 physical servers.
- You can create multiple projects in an Azure subscription. In addition to physical servers, a project can include servers on VMware and on Hyper-V, up to the assessment limits for each.
1 Azure Migrate project can perform dependency data collection concurrently for 1000 servers per appliance.
If you have more then 1000 devices being discovered, it is recommended to evenly spread the discovery of the estate across additional appliances, ensuring that no more then 1000 devices are being discovered by 1 appliance.
Adjusting Discovery Scope
You can provide the appliance the FQDN’s of the devices you want to discover.
It is recommended to perform a complete discovery of a device estate. Assessment scope can be decided using Dr Migrate, as part of a Rapid or Advanced Assessment.