Deploy VMware Horizon View (Part 2)

KB ID 0001609

Back in part one we setup SQL and our Composer server, now we will deploy our VMware Horizon View Connection Server(s).

Install VMware Horizon View Connection Server

On a domain joined Windows server, download and launch the Connection Server installer.

Accept the EULA > Next > Acept or change the install location > Next > Select Horizon ‘Standard’  Server > Next > Set a data recovery password > Next.

Select configure the Windows Firewall > Next > Type in a domain account, (I typically use the domain administrator, you may wish to use another account > Next > Untick the  UEIP > Next  > Next > Finish.

Deploying Additional Horizon Connection Servers

Repeat the install on any additional connection servers BUT this time choose Horizon Replica Server, and specify your first connection server as the ‘Source Server’.

Note: I don’t Deploy Horizon Security Servers any more, it’s much easier to deploy a UAG.

VMware Unified Access Gateway: Horizon Deployment

To access the Horizon Administrator console you will need Flash, this is not normally enabled on Windows Server. To enable it follow this article.

You can now login to Horizon Administrator.

Configuring VMware Horizon Connection Server(s)

First you need to enter your Horizon Licence > View Configuration > Product Licensing and Usage > Edit Licence > Paste yours in > OK.

Vire Configuration > Servers. >vCenter Servers > Add > Type in your vCenter details > Next.

If using Horizon Composer, enter the server details > Next.

Add in your domain details > OK > Next.

Accept the defaults > Next.

Finish.

Horizon Connection Server Certificates

Over on the main dashboard at this point you may see some certificate errors. You can either import certificates from your own CA. But Im going to use a wildcard certificate published by a public CA.

I have my wildcard certificate in PFX format, so I can simply double click it and import it like so. (Note: Remember to I port if to local machine).

Finish the import wizard.

On the connection server settings you will need to change the URLs to match your certificate. (Note: You will disable this later, if you are also deploying UAG appliances).

Now to swap to the newly imported certificate> Start > mmc.exe > Add/Remove  Snap-In > Certificates > Add.

Computer account > Local computer > OK.

Navigate to Certificates > Personal > Certificates > Locate the certificate that has the friendly name vdm and change its friendly name to vdm-backup.

Now locate your publicly signed certificate and change its friendly name to vdm.

Restart the VMware Horizon View Connection Server service to make the swap.

Configure Horizon Event Database

Back in part one we created the database for this, now we just need to enter the details.

View Configuration > Event Configuration > Edit > Enter you SQL Event Database details,  as shown below, if you have a Named SQL instance it will be on a different port number.

That is your infrastructure setup. Now you simply need to create an image, and deploy that image with a pool, and grant a user entitlement to that pool. Creating an Image is quite a lengthy process, and there is always a much better and up to date guide on doing that on VMWare’s website, so I’m not going to cover it here.

Just remember to make sure you put your image in Audit mode, and always install an agent that is the same version as the connection server, and get the latest version of VMWare Tools on there as well! 

Related Articles, References, Credits, or External Links

NA

Horizon Client ‘Install Failed’

KB ID 0001594

Problem

When attempting to install the VMware Horizon client you see ‘Install Failed’;

Well that’s very descriptive and helpful?

Horizon Client ‘Install Failed’

Firstly make sure you  are NOT trying to install the client software on a Horizon Connection Server, or a Horizon Security Server! If you are not, then the easiest way to get it to install, is to ‘extract’ the .msi installation files, and manually run them. 

In PowerShell navigate to the folder that you download the client .exe file to, and extract its contents with the following command;

[box].\VMware-Horizon-Client-{version-and-build-number}.exe /x[/box]

It looks like nothing has happened, but the files get put in the ‘Temp‘ folder in YOUR user profile, Navigate to C:\Users\{Your-Username}\AppData\Local\Temp

In this location you will find a folder containing the individual install files you require.

From here you can launch the one you want, In my case (VMware Horizon View Client (x64).msi).

Still Not working ‘Install Failed’?

  1. Install the latest C++ VisualRuntime Library
  2. Ensure you have disabled your AV Software, especially if you’re running WebRoot, or Symantec Endpoint Protection, (or at least ensure your AV is not stopping access to c:\windows\system32\drivers\etc\hosts
  3. Grant ‘Full control’ to the c:\windows\system32\drivers\etc\hosts file

Related Articles, References, Credits, or External Links

NA

Locate Your Azure AD Connect Server

KB ID 0001558

Problem

Either you know you are using Azure AD Connect, but don’t know what server it’s running on, or you just want to see if someone has installed it! Here’s how to find which server it’s running on.

Solution

In ‘Active Directory Users and Computers’ > Search for MSOL > This should display the GSMA (Group Managed Service Account) that is used to run the service* > In the account properties > on the Description attribute, scroll to the right and you should see the Computer/Server that the service was installed on.

*Note: Unless someone chose a different account when they installed Azure AD Connect, with custom settings, (see below).

Related Articles, References, Credits, or External Links

NA

VMware: Server Certificate Subject Name Does Not Match

KB ID 0001504

Problem

If you replace the self signed certificate on your Horizon Connection servers, (so that they have a certificate with your ‘public’ address), you will see this error;

Status: Servers’s certificate subject name does not match the server’s External URL.
Server’s certificates is not trusted.

SSL Certificate: Invalid

Solution

At first I thought this was simply a DNS problem, and I needed to setup split DNS. But that’s not the case, you need to change the the connection servers name(s) to the public name(s) in the connection server properties in Horizon Administrator.

After a few minutes the error will disappear.

Related Articles, References, Credits, or External Links

NA

Deploying VMware View 5 – Part 1: Configure Active Directory and Deploy VMware Connection Server

KB ID 0000594

Problem

Note: This is an old post for VMware view version 5, you might want to read Deploying VMware Horizon View instead.

VMware View is a big product, deploying it can be daunting, and if you’re not sure what you’re doing it’s pretty easy to deploy ‘misconfigured’, or at the very least not configured as well as it should. I’m going to run though most requirements, but it would seem sensible to break this up into a few different articles.

Solution

Configuring Windows Active Directory for VMware View

1. Before you start, on your domain controller open active directory users and computers (dsa.msc). Create an OU for your View Desktops, also to make administration easier create a separate OU for any linked clones you are going to deploy. In the example below I’ve nested one inside the other to keep my AD neat and tidy.

2. Also whilst in AD users and computers, create some groups, one for ViewUsers, and one for ViewAdministrators. Add in your users to the groups as required.

Note: You can call the groups whatever you like, and have as many different groups as you like.

3. Now connect to your Virtual Center Server, and add the domain ViewAdministrators group to the LOCAL Administrators group on that server.

Installing and configuring VMware View 5

4. Run the installer for VMware Connection Server (there is a x32 and an x64 version, make sure you download the correct one as VMware call the x64 bit version VMware-viewconnectionserver-x86_64-5.0.1-640055.exe, which at first glance looks like a x32 bit file). Accept all the defaults until you see the following screen, and select View Standard Server.

View Standard Server: Select if this is the first Connection Server you are deploying. View Replica Server: Select this if you already have a connection server and you want to copy the configuration from that server, once in operation it just becomes a standard replica server. View Security Server: Usually placed on an edge network or in a DMZ to broker connection requests. View Transfer Server: Only required if your clients are going to use ‘Local Mode’ for their View desktops..

5. Accept all the defaults and finish the installation.

6. Connect to the VMware View administrator console, this is a web connection to https://{Connection-server-name/admin Note: Adobe Flash is required for it to work.

7. The first time you connect it will take you straight to View Configuration > Product Licencing and Usage > Select “Edit Licence” and type/paste in your licence key.

8. To point the connection server to your virtual center server, select View Configuration > Servers > vCenter Server section > Add.

9. Give it the vCenter server name, and a username and password for a user who is a member of your ViewAdministrators group.

Note: If your vCenter server has VMware composer installed this is where you would enable it. At this time I do not, but I will return here later after I’ve installed it when I cover VMware Composer and ‘linked clones’.

Related Articles, References, Credits, or External Links

Deploying VMware View 5 – Part 2: Configure Windows 7 to be a VMware View Desktop

Deploying VMware View 5 – Part 3: Creating a ‘Manual Pool’ and Connecting a View Client

KB ID 0000598

Problem

Note: This is an old post for VMware view version 5, you might want to read Deploying VMware Horizon View instead.

In Part 2 we got our machine ready to be delivered via VMware View. Now we need to create a ‘Pool’, grant users access to that pool, and finally connect to it from a VMware View Client.

Solution

VMware View – Creating a Manual Pool

1. Open a connection to your VMware View Administrator console (https://{connection-server-name}admin). Log in and navigate to Inventory > Pools > Add.

2. We are going to create a manual pool (Note: An automated pool will create machines dynamically as required).

3. I’m selecting dedicated (the machine will get allocated to the first user that connects to it, and remains theirs). With a floating Pool machines are returned to the pool after they are finished with to be given to the next user that requires a machine.

4. My machine is in vCenter.

5. And there’s my vCenter

6. Give the new pool a sensible name.

7. Change the settings for the pool as required, I pretty much accept the defaults, but I allow the users to “reset” their desktop.

8. Select the machine(s) you are going to add to the pool, and complete the wizard.

9. Now you have a new pool, you need to grant users/groups an ‘entitlement’ to use it.

10. Simply add in the users or groups from Active Directory as required.

VMware View – Installing the VMware View Client

11. You will find that there are x32 and x64 bit VMware client software installs. There are available in two flavours, (with local mode, or without local mode).

Note: Local Mode: This is a mechanism where users can ‘check out’ their virtual machines and work on them remotely, then ‘sync’ them back to the network when they return, it requires a VMware Transport Server (use the connection server install media and change the server type to Transport Server).

12. During setup it will ask you the name of your connection server.

13. Normally you would tick “Set default option to login as current user”. If not you will see the login option in step 16 below.

14. When you launch the software, you may want to change the certificate options. The Connection server will have installed with a ‘self signed’ certificate, (which is fine) but you might want to change the ‘Configure SSL” options.

15. Here I’ve set them to allow, it says not secure – but its still encrypted, it should really say ‘least secure’.

16. If you didn’t tick the box in step 13 above you will need to login again.

17. Now you will see all the pools you have an entitlement to, select as appropriate and click connect.

18. All being well the desktop will connect and dynamically resize to fit.

19. Whist connected you will can control your connection with the menu on the view client bar at the top of the screen, also here you will see options for connecting USB Devices (Note: USB will only be available if you had it selected when you installed the client, it IS selected by default).

Related Articles, References, Credits, or External Links

VMware View 5 – Part 4 Installing and Configuring SQL 2008 R2 and VMware Composer

Set Up the VMware View 5 (and Horizon View) Event Database

KB ID 0000856

Problem

Below I’ll configure SQL 2008 R2, insofar as I will setup a new database for the View Events, create a user for that database, then finally connect the View 5 Horizon View Connection Server to that database.

Solution

1. Firstly, I’m assuming you have a SQL Server setup and ready to create database on, If you do not rather than reinvent the when follow my instructions in the article below.

Deploying VMware View 5 -Part 4 Installing and Configuring SQL 2008 R2

Note: Complete ONLY Steps 1 to 6 then return here.

2. Login to the SQL Management Studio > Databases > New Database.

3. Call it View5Events (Note: You can call it ‘Aunty Mary’s Canary’ if you want to).

4. Options section > change the recovery mode to ‘Simple’ > OK.

5. Expand Security > Logins > New Login.

6. Give the user a name i.e. view5events > Tick ‘SQL Authentication’ > Type and re-type a password > Untick ‘Enforce password policy’.

7. User Mapping tab > Tick the View5Events Database > Tick db_owner > OK > Close the SQL Management Studio.

8. Login to the Connection Server (Flash Required) > View Configuration > Event Configuration > Edit,

Database Server: The name of the Server Running SQL.
Port: 1433 (Standard SQL Port make sure it it NOT blocked by a firewall).
Database Name: View5Events
User name: view5events
Password: {You set above}
Table prefix: _vdi

9. To see if it is working > Monitoring > Events > (It may be empty for a while don’t panic).

 

Related Articles, References, Credits, or External Links

NA