Category: VMware - Page 2 - Geursen.net Geursen.net

Jun 29 / 2021
1

9.x, DaaS, EUC, Horizon, vExpert, VMware

Domain-Join account Horizon DaaS 9.x

For Horizon DaaS the Tenant environment needs 2 types of domain service accounts. A domain bind account that is used to perform lookups in your AD domain and a domain join account that is used for joining computer accounts to the domain and performing Sysprep operations.

The domain bind account is rather simpel. Just create a normal user account, provide a password and if the CISO allows you, set the password to never expire.

The domain join account is a little bit different. If you you want to do it quick and dirty you can make the account domain admin and set the password to never expire and you’re done. This however is not recommended. So we need to do delegation of control on the OU where the computer accounts will be created. The following “allow” permissions are needed for Horizon DaaS 9.1 tenants:

Feb 11 / 2021
0

DaaS, Horizon, Rundeck, VMware

Replacing the Horizon Version Manager and Horizon Air Link appliances

With the release of Horizon DaaS 9, VMware introduced two new appliances the Horizon Version Manager (HVM) and the Horizon Air Link (HAL). The HVM is the automation appliance, based on Rundeck automation. The HAL is the resource manager for the management appliances. With the release of a new version of Horizon DaaS 9, these two appliances must be replaced if a new version is available. Because VMware is always innovating they are adding new features, scripts, and codebases to every new version it would be advised that if you are in the process of installing a new version of Horizon DaaS to make sure you are using the correct version. Check if an updated version of the HVM and HAL is available at my VMware.

Below I will explain how to replace the appliances and assign it to the Horizon DaaS environment.

Jan 22 / 2021
0

DaaS, Instant-Clone, vSphere

Instant-Clone Clean-up

An instant-clone desktop pool is an automated desktop pool created from a golden image using the vmFork technology (called instant clone API) in vCenter Server.

Instant clone technology replaces View Composer linked clone as the process for creating non-persistent desktops in Horizon. In addition to using the instant clone API from vCenter Server, Horizon also creates several types of internal VMs (Internal Template, Replica VM, and Parent VM) to manage these clones in a more scalable way.

Sometimes it happens that when an Instant-Clone desktop and image is removed the internal VMs are not removed completely. From Horizon 7.11 and newer VMware introduced a tool called IcCleanup.cmd which is located in the C:\Program Files\VMware\VMware View\Server\tools\bin directory. This utility can be used to unprotect and delete some or all of the internal VMs created by instant clones. Below I will explain how to use the utility to delete some of the internal VMs left behind.

Instant-Clone Smart Provisioning

With latest major version of VMware Horizon, VMware introduced Instant-Clone Smart Provisioning. Horizon automatically chooses to provision instant clones directly from the replicaVM without creating any parentVM. This is a big advantage with the older Instant-Clone.

May 27 / 2020
1

Verify, VMware, Workspace ONE

Adding VMware Verify to VMware Workspace ONE Access

My colleague Arno Meijroos wrote a nice blog on “How to integrate Horizon DaaS 9.0 with Workspace ONE Access“. In extent on his blog, I want to explain how to add Vmware Verify for two-factor authentication (2FA).

VMware Verify

You can use the Verify app to secure login to VMware Workspace ONE and other apps. The Verify app is available for iOS, Android, and Chrome. It uses modern mobile push tokens, where users get a push notification on their mobile device that they can simply accept or deny. When the user’s device does not have cellular reception, such as in airplane mode when traveling, the user can open the Verify app and use a one-time passcode (aka soft token). Also a one-time passcode via SMS is available.

Apr 29 / 2020
0

DaaS, Horizon, Uncategorized, VMware

Customize Vmware Horizon DaaS User portal

Customizing the Horizon DaaS User portal with a custom logo is not an easy job. Below you will find the instruction to change the default logo and background for a custom one.

Oct 23 / 2019
0

DaaS, Horizon, Uncategorized, VMware

How to add GPU enabled Cluster to Horizon DaaS

Lately, we see a lot of customers adding GPU cards to their ESXi hosts to support GPU-accelerated VDI’s. In this blog, I will explain how the GPU enabled cluster is added step by step to VMware Horizon DaaS.

Jun 11 / 2019
0

Horizon, UEM, Uncategorized, VMware

VMware UEM – Unable to browse AD groups in Conditions and Condition Sets

Within VMware UEM you are able to filter out settings based on conditions. These condition can be set directly on the config or by creating a condition set and attach the condition set on the config. Some examples of conditions are Endpoint IP Address, Environment Variables, Group Membership, IP Address and a lot more.

Problem

At a customer we experienced a very strange problem. Once starting the VMware UEM Management console and changing or creating a condition or condition set. We were not able to browse the AD when selecting the condition Group Membership. The browse button was grayed out and we got the following message: Browsing for groups is only available on domain-joined computers. So the strange part is: The machine is domain joined.

May 09 / 2019
0

DaaS, DVS, UAG, VMware, vSphere

Horizon DaaS: Unable to start VMware UAG

The VMware Unified Access Gateway (UAG) is a virtual appliance primarily used to allow secure external access to your organization’s applications. These application can be native windows applications, software as a service (SaaS) applications, and desktops. VMware UAG is typically deployed in a DMZ. For more information see: https://docs.vmware.com/en/Unified-Access-Gateway/index.html

Problem

A while ago a customer had an issue with deploying the VMware Unified Access Gateway. The customer imported the OVA and did the necessary config to deploy the OVA. Once installed the OVA didn’t start and came back with a strange error message:

Cannot initialize property ‘gateway2’. Network ‘DAAS-01_BE’ has no associated network protocol profile.

Mar 06 / 2017
0

Citrix, Microsoft, Uncategorized, VMware

About me

My name is Niels Geursen and I work as an IT Architect.

I started my career in the year 2000. I learned about IT challenges from small to enterprise companies in the past years. In all these years I also got the opportunity to educate myself by following courses and doing exams for Citrix, Microsoft, and VMware. This led to the following certification: MCSE 2012, CCE-V, VCP6-DTM, and much more.

In June 2019 I was included in the vExpert program of VMware which was renewed in 2020, 2021, and 2022. I was also added to the sub-programs Cloud Providers and EUC.

My experience mainly focuses on end-user computing this could be on-premises or in the cloud.

I hope you have fun reading my Blog!

Mar 31 / 2016
0

App-V, Microsoft, UEM, VMware

Slow application start times VMware UEM and App-V

When users need to wait for 60 seconds until they can interact with the application the user experience is impacted. We encountered this behaviour at a costumer and needed to troubleshoot this.

To read more on how I found the problem by excluding antivirus and group policy settings see my guest blog post at Logit Blog

Posts Categorized / VMware

Instant-Clone Smart Provisioning

VMware Verify

Problem

Problem