In the previous versions of Horizon DaaS, you had to change DNS via the interfaces file and the resolv.conf file. Since VMware upgraded the OS of the Horizon DaaS appliances to Ubuntu 18.04 LTS these changes must be done via netplan. Below I will explain how to use netplan.
Continue Reading
Until Horizon DaaS 9.1.2 only Identity Manager connector 19.03.0.1 could be used to access the Virtual Apps Collections however Identity Manager connector 19.03.0.1 has been out of general support since 2022-08-31. As of September 27th Workspace ONE Access connector 22.09 has been released (release notes). This version supports Virtual Apps Collections on Horizon DaaS 9.1.4 (released October 2022). Horizon DaaS 9.1.4 and Workspace ONE Access connector 22.09 will create a supported environment again.
In this post, I will show you the steps on how to migrate from the (legacy) connector 19.03.0.1 to Workspace ONE Access connector 22.09.
Migration steps.
Continue Reading
VMware has released new a critical security advisory, VMSA-2021-0028. This advisory is for multiple VMware products that use the popular open-source log4j Java logging component, which was discovered to have a critical vulnerability in it (CVE-2021-44228)
This needs your immediate attention, not just at the VMware product level, but also for all other software in your environment. The log4j component is used by many vendors and software packages. For more information about the VMware products please visit https://www.vmware.com/security/advisories/VMSA-2021-0028.html
For Horizon DaaS 9.0.x and Horizon DaaS 9.1.x. a workaround is provided in the form of a hotfix. The hotfix should be applied to remediate the CVE-2021-44228.
Continue Reading
For Horizon DaaS the Tenant environment needs 2 types of domain service accounts. A domain bind account that is used to perform lookups in your AD domain and a domain join account that is used for joining computer accounts to the domain and performing Sysprep operations.
The domain bind account is rather simpel. Just create a normal user account, provide a password and if the CISO allows you, set the password to never expire.
The domain join account is a little bit different. If you you want to do it quick and dirty you can make the account domain admin and set the password to never expire and you’re done. This however is not recommended. So we need to do delegation of control on the OU where the computer accounts will be created. The following “allow” permissions are needed for Horizon DaaS 9.1 tenants:
Continue Reading
With the release of Horizon DaaS 9, VMware introduced two new appliances the Horizon Version Manager (HVM) and the Horizon Air Link (HAL). The HVM is the automation appliance, based on Rundeck automation. The HAL is the resource manager for the management appliances. With the release of a new version of Horizon DaaS 9, these two appliances must be replaced if a new version is available. Because VMware is always innovating they are adding new features, scripts, and codebases to every new version it would be advised that if you are in the process of installing a new version of Horizon DaaS to make sure you are using the correct version. Check if an updated version of the HVM and HAL is available at my VMware.
Below I will explain how to replace the appliances and assign it to the Horizon DaaS environment.
Continue Reading
An instant-clone desktop pool is an automated desktop pool created from a golden image using the vmFork technology (called instant clone API) in vCenter Server.
Instant clone technology replaces View Composer linked clone as the process for creating non-persistent desktops in Horizon. In addition to using the instant clone API from vCenter Server, Horizon also creates several types of internal VMs (Internal Template, Replica VM, and Parent VM) to manage these clones in a more scalable way.
Sometimes it happens that when an Instant-Clone desktop and image is removed the internal VMs are not removed completely. From Horizon 7.11 and newer VMware introduced a tool called IcCleanup.cmd which is located in the C:\Program Files\VMware\VMware View\Server\tools\bin directory. This utility can be used to unprotect and delete some or all of the internal VMs created by instant clones. Below I will explain how to use the utility to delete some of the internal VMs left behind.
With latest major version of VMware Horizon, VMware introduced Instant-Clone Smart Provisioning. Horizon automatically chooses to provision instant clones directly from the replicaVM without creating any parentVM. This is a big advantage with the older Instant-Clone.
Continue Reading
This week Horizon DaaS 9.0.1 hotfix has been released. With this release, Horizon DaaS is a step closer to aligning with Horizon Cloud 20.2.0. The hotfix is available for download on My VMware. This version includes the following:
Full release notes can be found here: Horizon DaaS 9.0.x Release Notes
In this post I will explain how to install this hotfix using the HVM (Horizon Version Manager) appliance.
Continue ReadingCustomizing the Horizon DaaS User portal with a custom logo is not an easy job. Below you will find the instruction to change the default logo and background for a custom one.
Continue ReadingLately, we see a lot of customers adding GPU cards to their ESXi hosts to support GPU-accelerated VDI’s. In this blog, I will explain how the GPU enabled cluster is added step by step to VMware Horizon DaaS.
Continue ReadingThe VMware Unified Access Gateway (UAG) is a virtual appliance primarily used to allow secure external access to your organization’s applications. These application can be native windows applications, software as a service (SaaS) applications, and desktops. VMware UAG is typically deployed in a DMZ. For more information see: https://docs.vmware.com/en/Unified-Access-Gateway/index.html
A while ago a customer had an issue with deploying the VMware Unified Access Gateway. The customer imported the OVA and did the necessary config to deploy the OVA. Once installed the OVA didn’t start and came back with a strange error message:
Cannot initialize property ‘gateway2’. Network ‘DAAS-01_BE’ has no associated network protocol profile.