9. Horizon Linux Multi-Session Farms
Linux can and has been a fundamental platform for developers to work from. From a licensing perspective, in many cases organization like to keep costs down in favour and would then consider Linux as an alternative. The Linux integration with VMware Horizon is not well documented. Like the Windows Operating system where we have both Virtual Desktop infrastructure and RDS Published applications, Linux too has a Virtual Desktop and Application based offering. In this session we will look at the RDS equivalent of Linux, that being Linux Multi-Session. One of the objectives in this guide is take you through step by step to deploy a Linux based Multi-Session Farm and then have Published Applications.
Full credit to Rahul Jha in the TECHSEALS team to bring together the underlying requirements to make this work
Part 1. Preparing an Ubuntu base for Horizon Linux Multi - Session for Site 2
We will complete the following tasks
- We domain join the Linux Master
- We configure TrueSSO for Linux Master
- We install the Horizon Agent
- On your Control Center server
- open your Site 2 Chrome Browser
- on the Favourites Bar
- select the vcenter-01a shortcut
- on the Favourites Bar
- open your Site 2 Chrome Browser
- In the VMware vSphere client area
- In the username area
- enter [email protected]
- In the password area
- enter Pa$$w0rd
-
At the bottom of the screen
- select LOGIN
- In the username area
- In the VMware vSphere client
- In the Hosts & Clusters Inventory
- select the LinuxMaster-1a virtual machine
- Note: Power on the LinuxMaster-1a if it's off
- select the LinuxMaster-1a virtual machine
- In the Virtual Machine Details area
- Next to IP Addresses (2)
- make a note of YOUR specified assigned DHCP IP address
- Note: In the example its 172.16.10.151
- make a note of YOUR specified assigned DHCP IP address
- Next to IP Addresses (2)
- Minimize your Site 1 Chrome Browser
- In the Hosts & Clusters Inventory
- On the ControlCenter server desktop
- Select and launch the Putty shortcut
- In the Putty Configuration window
- under Host Name (or IP address)
- enter Your DHCP IP address for LinuxMaster-1a
- under Saved Sessions
- enter LinuxMaster-1a
- in the Saved Sessions area under Load
- select Save
- select Open
- under Host Name (or IP address)
- In the Putty Window
- next to login as:
- enter vmware
- next to password:
- enter Pa$$w0rd
- with your keyboard
- select ENTER
- next to login as:
- In the Putty window
- enter sudo nano /etc/hosts
-
next to password for vmware:
- enter Pa$$w0rd
- In the Putty window
- verify in line 2 that we have already appended
- linuxmaster-1a.techseals.co
- linuxmaster-1a
- with your keyboard
- press CTRL + X
- verify in line 2 that we have already appended
9. In the Putty window
- enter
sudo apt-get update
- when prompted for password
- enter Pa$$w0rd
- In the Putty window
- Install the Winbind and Samba packages
- enter the following command
- Install the Winbind and Samba packages
sudo apt install samba krb5-config krb5-user winbind libpam-winbind libnss-winbind
- enter to install.
Y
- validate that winbind is already installed and its the newest version
sudo apt install tdb-tools
- In the Putty window
- enter the following command
sudo nano /etc/samba/smb.conf
- In the Putty window
- with your Keyboard,
- move your Cursor down until its two spaces
- below [global]
- move your Cursor down until its two spaces
- with your Keyboard,
- In the Putty window
- Copy the following from below
security = ads
realm = TECHSEALS.CO
workgroup = TECHSEALS.CO
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%D/%U
template shell = /bin/bash
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
winbind use default domain = yes
restrict anonymous = 2
kerberos method = secrets and keytab
winbind refresh tickets = true
- Paste in your Putty console
- In the Putty window
- using your keyboard,
- move your Cursor down,
- until you find workgroup = WORKGROUP
- replace WORKGROUP with TECHSEALS
- move your Cursor down,
- using your keyboard,
- In the Putty window
- To save the smb.conf
- using your keyboard,
- enter CTRL + X
- press Y
- press Enter
- using your keyboard,
- To save the smb.conf
- In the Putty window
- to restart the smbd.service
sudo systemctl restart smbd.service
- In the Putty window
- enter the following command
sudo nano /etc/krb5.conf
- In the Putty window
- In the [libdefaults] section
- using your keyboard,
- move the cursor below default_realm = TECHSEALS.CO
- paste the following
- using your keyboard,
- In the [libdefaults] section
dns_lookup_realm = true
dns_lookup_kdc = true
- In the Putty window
- using your Keyboard,
- move your cursor down
- until you find {realms}
- leave your cursor
- over the ATHENA.MIT.EDU
- move your cursor down
-
with your Keyboard
- press ENTER
- press the TAB key
- move your cursor one row up
- press the TAB key
- press ENTER
- using your Keyboard,
- In the Putty window
- above ATHENA.MIT.EDU
- type in the following
- above ATHENA.MIT.EDU
TECHSEALS.CO = {
kdc = controlcenter.techseals.co
admin_server = controlcenter.techseals.co
}
- In the Putty window
- move your Cursor down
- to {domain_realm}
- open a new row,
- between {domain_realm} and .mit.edu = ATHENA.MIT.EDU
- move your Cursor down
- In the Putty window
- Below {domain_realm}
- type the following
- Below {domain_realm}
techseals.co = TECHSEALS.CO
.techseals.co = TECHSEALS.CO
- In the Putty window
- using your keyboard,
- enter CTRL + X
- press Y
- press Enter
- enter CTRL + X
- using your keyboard,
- In the Putty window
- enter the following command
sudo nano /etc/nsswitch.conf
- In the Putty window
- change the following to
- next to:
- change the following to
passwd: files winbind
group: files winbind
shadow: files winbind
- enter CTRL + X
- press Y
- press Enter
- In the Putty window
- enter the following command
sudo kinit administrator
- with your keyboard
- press Enter
- next to Password for [email protected]:
- type Pa$$w0rd
- In the Putty window
- enter the following command
sudo klist
-
with your keyboard
- press ENTER
- In the Putty window
- enter the following command
sudo net ads keytab create -U administrator
-
next to Password for [TECHSEALS.CO\administrator]:
- type Pa$$w0rd
- In the Putty window
- enter the following command
sudo net ads join -U administrator
- next to Password for [TECHSEALS.CO\administrator]:
- type Pa$$w0rd
- In the Putty window
- enter the following command
sudo systemctl restart winbind.service
- In the Putty window
- enter the following command
wbinfo -u
-
with your keyboard
- press Enter
- In the Putty window
- enter the following command
wbinfo -g
- with your keyboard
- press Enter
- In the Putty window
- enter the following command
sudo reboot
- In the Putty window (inactive)
- select the top left corner icon
- from the drop down menu
- select Restart Session
- from the drop down menu
- select the top left corner icon
- In the Putty window
- next to login as :
- enter vmware
- with your keyboard
- press ENTER
- with your keyboard
- enter vmware
- next to password :
- enter Pa$$w0rd
- with your keyboard
- press ENTER
- with your keyboard
- enter Pa$$w0rd
- next to login as :
- On your Ubuntu desktop,
- to install the pkcs11 support package
- in the Putty session enter
- to install the pkcs11 support package
sudo apt install libpam-pkcs11
-
when prompted for password
- enter Pa$$w0rd
- On your Ubuntu desktop,
- to Install the libnss3-tools package
- In the Putty session enter
- to Install the libnss3-tools package
sudo apt install libnss3-tools
- with your keyboard
- press ENTER
- On your ControlCenter server
- select the START button
- in the menu
- select Window Administrative tools
- in the menu
- select the START button
- In the Administrative Tools area
- select Certificate Authority
- In the Certificate Authority console
- select & right-click techseals-CONTROLCENTER-CA
- in the drop menu
- select Properties
- in the drop menu
- select & right-click techseals-CONTROLCENTER-CA
- In the CONTROLCENTER-CA Properties
- select View Certificate
-
In the Certificate window
- select the Details tab
- In the Certificate > Details tab
- select Copy to File....
- In the Welcome to the Certificate Export Wizard page
- select Next
- In the Certificate Export Wizard
-
Export File Format page
- next to DER encoded X.509 (.CER)
- select the radio button
- select Next
- next to DER encoded X.509 (.CER)
-
Export File Format page
- In the Certificate Export Wizard
-
File to Export page
- select Browse..
- browse to C:\certificates\
- next to File name:
- enter certificate
- select Save
- enter certificate
- next to File name:
- browse to C:\certificates\
- select Next
- select Browse..
-
File to Export page
- In the Certificate Export Wizard
-
Completing the Certificate Export Wizard page
- select Finish
-
to close the The export was successful message and Export wizard
- select OK
-
to close the Certificate window
- select OK
- to close the techseals-CONTROLCENTER-CA Properties window
- select OK
- Close the Certsrv admin console
-
Completing the Certificate Export Wizard page
- On your ControlCenter server Taskbar
- in the search area
- enter WinSCP
- launch your WinSCP client
- in the search area
- In the WinSCP client
- below Host name:
- enter your Linux Master IP address
- below User name:
- enter vmware
- below Password
- enter Pa$$w0rd
- select Login
-
In the Warning window
- select Yes
- below Host name:
- In the WinSCP client
- select the UP arrow twice
- In the WinSCP client
- select and open the tmp folder
- On the Controlcenter server
- from the desktop, Taskbar
- open the folder Icon
- browse to C:\ > Certificates
- open the folder Icon
- from the desktop, Taskbar
- On the Controlcenter server
- from the C:\Certificates folder
- select and drag certificate.cer to WinSCP /tmp/ folder
-
in the Upload window
- select OK
- from the C:\Certificates folder
- In your Putty Ubuntu desktop session,
- to locate the root CA certificate that you downloaded,
- enter the following commands
- to locate the root CA certificate that you downloaded,
cd /tmp
ls
- you should see the certificate.cer certificate
- On your Putty Ubuntu desktop session,
- convert the CER file to . PEM format
- this will also serve to validate the file format
- in the Putty session enter the following commands
- this will also serve to validate the file format
- convert the CER file to . PEM format
sudo openssl x509 -inform der -in /tmp/certificate.cer -out /tmp/certificate.pem
- once the file is converted, run the following command to validate
ls
- On your Putty Ubuntu desktop session,
- make an /etc/pki/nssdb directory to contain the system database
sudo mkdir -p /etc/pki/nssdb
- On your Putty Ubuntu desktop session,
- to use the certutil command to install the root CA certificate to the system database/etc/pki/nssdb
- enter
- to use the certutil command to install the root CA certificate to the system database/etc/pki/nssdb
sudo certutil -A -d /etc/pki/nssdb -n "root CA cert" -t "CT,C,C" -i /tmp/certificate.pem
- On your Putty Ubuntu desktop session,
- copy the root CA certificate to the/etc/pam_pkcs11/ca certs directory.
- execute two commands one after the other
- copy the root CA certificate to the/etc/pam_pkcs11/ca certs directory.
mkdir -p /etc/pam_pkcs11/cacerts
sudo cp /tmp/certificate.pem /etc/pam_pkcs11/cacerts
- On your Putty Ubuntu desktop session,
- to create a hash link for the root CA certificate. .
- enter the following commands
- to create a hash link for the root CA certificate. .
cd /etc/pam_pkcs11/cacerts
sudo pkcs11_make_hash_link
- In the WinSCP window
- In the right pane navigate to
- next to tmp
- navigate Up one level
- from the dropdown
- select /<root>
-
in the folder heirarchy of root
- open home
- in the folder heirarchy of home
- open vmware
- in the folder heirarchy of vmware
- select Downloads
- from the dropdown
- navigate Up one level
- next to tmp
- In the right pane navigate to
- On the ControlCenter server desktop
- open the software shortcut
- open the Horizon > Linux folder
- select VMware-horizonagent-linux-x86_64-2312-8.12.0-23145208.tar.gz right-click
- select Copy
- switch back to WinSCP
- select VMware-horizonagent-linux-x86_64-2312-8.12.0-23145208.tar.gz right-click
- open the Horizon > Linux folder
- open the software shortcut
- In the WinSCP window
- In the right pane
-
select and right-click to launch the menu
- select Paste
-
In the Upload window
- select OK
-
select and right-click to launch the menu
- switch back to your Putty session
- In the right pane
- In your Putty Ubuntu desktop session,
- enter the following command:
sudo apt install open-vm-tools-desktop open-vm-tools
- with your keyboard
- press ENTER
- If necessary
- next to password for vmware:
- enter Pa$$w0rd
- from the output
- next to password for vmware:
- If necessary
- validate that open-vm-tools is installed and you have the latest version
- press ENTER
- In your Putty Ubuntu desktop session,
- with your keyboard
- type
- with your keyboard
cd /home/vmware/Downloads/
- In the /Downloads$ path
- with your keyboard
- type
ls -l
- Press ENTER
- type
tar -zxvf VMware-horizonagent-linux-x86_64-2312-8.12.0-23145208.tar.gz
Note: The above command will extract the files from the compressed agent bundle
- In your Putty Ubuntu desktop session,
-
/Downloads$
- with your keyboard
-
to list the files
- type
-
/Downloads$
ls
- type
cd VMware-horizonagent-linux-x86_64-2312-8.12.0-23145208
- press ENTER
- In your Putty Ubuntu desktop session,
- Install the Linux Agent with TrueSSO Mode and Multi-session mode enabled
- type
- Install the Linux Agent with TrueSSO Mode and Multi-session mode enabled
sudo ./install_viewagent.sh --multiple-session -T yes
-
with your keyboard
-
Press ENTER
-
if prompted [sudo] password for vmware:
-
type Pa$$w0rd
- Press ENTER
-
type Pa$$w0rd
- when prompted, Are you sure to install Linux agent (y/n)?
- type
-
if prompted [sudo] password for vmware:
-
Press ENTER
Y
- Press ENTER
Once the agent installation is complete, a message will show up
- Installation Done
- In your Putty Ubuntu desktop session,
- type
sudo nano /etc/vmware/viewagent-custom.conf
- press ENTER
- In your Putty Ubuntu desktop session,
- NANO console
- using your keyboard,
- navigate your cursor to the bottom of this window
- below
- #AppEnable=FALSE
- insert the following
- using your keyboard,
- NANO console
OfflineJoinDomain=samba
NetbiosDomain=TECHSEALS
-
using your keyboard
-
to EXIT
- press CTRL + X
- to SAVE
- press Y
- press ENTER
-
to EXIT
- On ControlCenter server desktop
- select the Software shortcut
- in the Software share
- browse to \Horizon\Linux
- in the Linux folder
- select and copy pam_pks11.conf
- in the Linux folder
- browse to \Horizon\Linux
- in the Software share
- select the Software shortcut
- On ControlCenter server
- switch to WinSCP
- In WinSCP
- from /home/vmware/Downloads
- from the dropdown
- browse UP to root
- from the dropdown
- from root
- select and open the /tmp folder
-
In the tmp folder
- paste pam_pkcs11.conf
-
in the Upload window
- select OK
- from /home/vmware/Downloads
- In WinSCP
- switch to WinSCP
- In your Putty Ubuntu desktop session,
- enter the following
cd /tmp
sudo cp pam_pkcs11.conf /etc/pam_pkcs11/
- In your Putty Ubuntu desktop session,
- modify the permission of the just copied pam_pkcs11.conf
sudo chmod 777 /etc/pam_pkcs11/pam_pkcs11.conf
ls -l /etc/pam_pkcs11/pam_pkcs11.conf
- In your Putty Ubuntu desktop session,
- set the access permissions for the /etc/krb5.conf configuration file to 644
sudo chmod 644 /etc/krb5.conf
ls -l /etc/krb5.conf
Many applications on first launch require a range of configurations. We will mitigate these challenges with the following command line functions
- In your Putty Ubuntu desktop session,
- enter
sudo -i
- with your keyboard
- press ENTER
-
if prompted for password for vmware:
- enter Pa$$w0rd
- In your Putty Ubuntu desktop session,
- enter
cd /etc/
- with your keyboard
- press ENTER
- enter
mv skel skel.bak
- with your keyboard
- press ENTER
- In your Putty Ubuntu desktop session,
- enter
cp -R /home/vmware skel
- with your keyboard
- press ENTER
- enter
ls skel
- with your keyboard
- press ENTER
- In your Putty Ubuntu desktop session,
- enter
chown root:root -R skel
- with your keyboard
- press ENTER
- enter
reboot
- with your keyboard
- press ENTER
- In the Putty window (inactive)
- select the top left corner icon
- From the drop down menu
- select Restart Session
- In your Putty Ubuntu desktop session,
- next to login as :
- enter vmware
- with your keyboard
- press ENTER
- with your keyboard
- next to password :
- enter Pa$$w0rd
- with your keyboard
- press ENTER
- with your keyboard
- enter Pa$$w0rd
- enter vmware
- next to login as :
- In your Putty Ubuntu desktop session,
- enter
sudo shutdown
-
when prompted for password
- enter
- Pa$$w0rd
- On your ControlCenter server
-
close out the following windows
- PUTTY
- WINSCP
- FILE Explorer
- Notepad++
-
close out the following windows
Part 2. Configuring Horizon to Deploy a Linux Multi-Session Farm for Site 2
Introduction. We will configure the following
- Configure the Linux Farm for Site 2
- On your ControlCenter server
- open your Site 2 Chrome Browser
- in the Favourites Bar
- select the vcenter-02a shortcut
- under Getting Started
- select LAUNCH VSPHERE CLIENT
- in the Favourites Bar
- open your Site 2 Chrome Browser
- In the vSphere client
- In the Username area
- type [email protected]
- In the Password area
- type Pa$$w0rd
- select LOGIN
- In the Username area
- In the vSphere client
-
Hosts & Clusters Inventory
-
select LinuxMaster-1a
- right-click
- In the Menu,
- select Snapshots > Take Snapshot...
-
select LinuxMaster-1a
-
Hosts & Clusters Inventory
- In the Take snapshot window
- next to Name
- type Horizon Linux Agent
- at the bottom of the window
- select CREATE
- next to Name
- On your Site 2, Chrome Browser
- In the Favourites Bar
- select the Horizon Site 2 shortcut
- In the Favourites Bar
- In the Horizon Login Console
- In the Username area
- enter administrator
- In the Password area
- enter Pa$$w0rd
- select Sign In
- In the Username area
- In the Horizon Admin Console
- expand Inventory
- select Farms
- in the Farms area
- select Add
- expand Inventory
- In the Add Farm wizard
-
Type area
- accept the default
- in the bottom right corner
- select Next
- in the bottom right corner
- accept the default
-
Type area
- In the Add Farm wizard
-
vCenter Server area
- accept the default
- in the bottom right corner
- select Next
- in the bottom right corner
- accept the default
-
vCenter Server area
- In the Add Farm wizard
-
Storage Optimization area
- accept the default
- in the bottom right corner
- select Next
- in the bottom right corner
- accept the default
-
Storage Optimization area
- In the Add Farm wizard
-
Identification and Settings area
- configure the following:-
- below *ID
- enter LinuxSEAFarm
- below *ID
- configure the following:-
-
Identification and Settings area
- In the Add Farm wizard
-
Identification and Settings area
- configure the following:-
- under Farm Settings
-
Default Display Protocol
- Blast
-
Allow Users to Choose Protocol
- No
-
Default Display Protocol
- under Pre-launch Session Timeout (Applications Only)
- select Never
- under Empty Session Timeout (Applications Only)
- select Immediate
- under When Timeout Occurs
- select Log Off
- under Logoff Disconnected Sessions
- select Immediate
- under Max Sessions Per RDS Host
- select No More Than enter 3
- under Farm Settings
- select Next
- configure the following:-
-
Identification and Settings area
- In the Add Farm wizard
-
Load Balancing Settings area
- accept the default
- in the bottom right corner
- select Next
- in the bottom right corner
- accept the default
-
Load Balancing Settings area
- In the Add Farm wizard
-
Provisioning Settings area
- configure the following:-
- under *Naming Pattern
- enter LinuxSEA-
- under *Maximum Machines
- enter 2
- select Next
- under *Naming Pattern
- configure the following:-
-
Provisioning Settings area
- In the Add Farm wizard
-
vCenter Settings area
- configure the following:-
- under *Golden Image in vCenter
- select Browse
- in the Select Golden Image window
- next to LinuxMaster-1a
- select the radio button
- next to LinuxMaster-1a
- select Submit
- under *Golden Image in vCenter
- configure the following:-
-
vCenter Settings area
- In the Add Farm wizard
-
vCenter Settings area
- configure the following:-
- under *Snapshot
- select Browse
- in the Select Default Image window
- next to Horizon Linux Agent
- select the radio button
- select Submit
- select the radio button
- next to Horizon Linux Agent
- under *Snapshot
- configure the following:-
-
vCenter Settings area
- In the Add Farm wizard
-
vCenter Settings area
- configure the following:-
- under *VM Folder Location
- select Browse
- in the VM Folder Location window
- select the Region01A
- select Submit
- select the Region01A
- under *VM Folder Location
- configure the following:-
-
vCenter Settings area
- In the Add Farm wizard
-
vCenter Settings area
- configure the following:-
- under *Cluster
- select Browse
- in the Select Cluster window
- select the Seattle
- select Submit
- select the Seattle
- under *Cluster
- configure the following:-
-
vCenter Settings area
- In the Add Farm wizard
-
vCenter Settings area
- configure the following:-
- under *Resource Pool
- select Browse
- in the Resource Pool window
- select the Bangalore
- select Submit
- select the Bangalore
- under *Resource Pool
- configure the following:-
-
vCenter Settings area
- In the Add Farm wizard
-
vCenter Settings area
- configure the following:-
- under *Datastores
- select Browse
- in the Resource Pool window
- next to CorpLun01a
- select the radio button
- next to CorpLun01a
- select Submit
- in the Warning window
- select OK
- under *Datastores
- configure the following:-
-
vCenter Settings area
- In the Add Farm wizard
-
vCenter Settings area
- leave the VM Compute Profile Settings as default
- review your configurations
- in the bottom right corner
- select Next
-
vCenter Settings area
- In the Add Farm wizard
-
Guest Customization area
- configure the following:-
- under *AD Container
- select Browse
- in the AD Container window
- expand OU=Corp
- select OU=Computers, OU=Corp
- expand OU=Corp
- select Submit
- under *AD Container
- configure the following:-
-
Guest Customization area
- In the Add Farm wizard
-
Guest Customization area
- configure the following:-
- under *AD Container
- next to Allow Reuse of Existing Computer Accounts
- select the CHECKBOX
- next to Allow Reuse of Existing Computer Accounts
- under *AD Container
-
In the bottom right corner
- select Next
- configure the following:-
-
Guest Customization area
- In the Add Farm wizard
-
Ready to Complete window
- review your configuration
- select Submit
- review your configuration
-
Ready to Complete window
Wait for at least 20 minutes for the provisioning to complete
- In VMware Horizon Admin Console
- under Inventory
- select Machines
- In the Machines area
- select the RDS Hosts tab
- In the Machines area
- select Machines
- under Inventory
- In the Machines / RDS area
- scroll to the right
- wait & keep refreshing the page until the Status says Available for both servers
Part 3. Configuring Global Entitlements for the Multi-session Assignments
- On your Site 2 Browser
-
Horizon Admin Console login
- In the Username area
- enter administrator
- In the Password area
- enter Pa$$w0rd
- select Sign in
- In the Username area
-
Horizon Admin Console login
- In the Horizon Admin console
-
Menu pane
- below Inventory
- select Global Entitlements
- below Inventory
-
Menu pane
- In the Global Entitlements area
- select Add
- In the Add Global Entitlement window
- next to :
-
Type
- Next to Application entitlement a
- select the radio button
- Next to Application entitlement a
-
Type
- In the bottom right-corner
- select Next
- next to :
- In the Add Global Entitlement window
-
next to :
-
Name and Policies
- under Name
- enter Enterprise Corp Calculator
- under Display Name
- enter Calculator
- under Name
-
Name and Policies
-
next to :
- In the Add Global Entitlement window
- next to :
-
Name and Policies
- under Policies > Scope
- select the radio button
- All Sites
- select the radio button
- under Default Display Protocol
- from the dropdown
- select VMware Blast
-
below Allow Users to Choose Protocol
-
from the dropdown
- select NO
-
from the dropdown
-
next to Pre - Launch
- select the Checkbox
- from the dropdown
- In the bottom right-corner
- select Next
- under Policies > Scope
-
Name and Policies
- next to :
- In the Add Global Entitlement window
- next to :
-
Users and Groups
- under Add users or groups to the global entitlement
- select Add
- under Add users or groups to the global entitlement
-
Users and Groups
- next to :
- In the Find User or Group window
- in line with Name/User Name
- next to Starts with
- enter Sales
- next to Starts with
- under Description
- select Find
- under Name
- next to sales
- select the checkbox
- next to sales
- in the bottom right-corner
- select OK
- in line with Name/User Name
- In the Add Global Entitlement window
- next to :
-
Users and Groups
- under Add users or groups to the global entitlement
-
Users and Groups
- select Add
- next to :
- In the Find User or Group window
- in line with Name/User Name
- next to Starts with
- enter Developers
- next to Starts with
- under Description
- select Find
- under Name
- next to sales
- select the checkbox
- next to sales
- in the bottom right-corner
- select OK
- in line with Name/User Name
- In the Add Global Entitlement window
- select Next
- In the Add Global Entitlement window
-
Ready to Complete section
- in the bottom right-corner
- select Finish
- in the bottom right-corner
-
Ready to Complete section
- In the Global Entitlements area
- select Enterprise Corp Calculator
- In the Enterprise Corp Calculator window
- select the Local Pools tab
- In the Enterprise Corp Calculator window
- In the Local Pools tab area
- select Add
- In the Local Pools tab area
- In the Assign Pools - Enterprise Corp Calculator window
- under ID
- next to Calculator
- select the checkbox
- next to Calculator
- select Add
- under ID
- In the VMware Horizon Admin console
- Note your Global Entitlement now has a local assignment
- called Calculator
- In menu pane
- under Inventory
- select Global Entitlements
- under Inventory
- Note your Global Entitlement now has a local assignment
- In the Global Entitlements area
- select Add
- In the Add Global Entitlement window
- next to :
-
Type
- Next to Application entitlement
- select the radio button
- Next to Application entitlement
-
Type
- In the bottom right-corner
- select Next
- next to :
- In the Add Global Entitlement window
- next to :
-
Name and Policies
- under Name
- enter Enterprise Corp Sudoku
- under Display Name
- enter Sudoku
- under Name
-
Name and Policies
- next to :
- In the Add Global Entitlement window
- next to :
-
Name and Policies
- under Policies > Scope
- select the radio button
- All Sites
- select the radio button
- under Default Display Protocol
- from the dropdown
- select VMware Blast
-
below Allow Users to Choose Protocol
-
from the dropdown
- select NO
-
from the dropdown
-
next to Pre - Launch
- select the Checkbox
- from the dropdown
- In the bottom right-corner
- select Next
- under Policies > Scope
-
Name and Policies
- next to :
- In the Add Global Entitlement window
- next to :
-
Users and Groups
- under Add users or groups to the global entitlement
- select Add
- under Add users or groups to the global entitlement
-
Users and Groups
- next to :
- In the Find User or Group window
- in line with Name/User Name
- next to Starts with
- enter Sales
- next to Starts with
- under Description
- select Find
- under Name
- next to sales
- select the checkbox
- next to sales
- in the bottom right-corner
- select OK
- in line with Name/User Name
- In the Add Global Entitlement window
- next to :
-
Users and Groups
- under Add users or groups to the global entitlement
-
Users and Groups
- select Add
- next to :
- In the Find User or Group window
- in line with Name/User Name
- next to Starts with
- enter Developers
- next to Starts with
- under Description
- select Find
- under Name
- next to sales
- select the checkbox
- next to sales
- in the bottom right-corner
- select OK
- in line with Name/User Name
- In the Add Global Entitlement window
- select Next
- In the Add Global Entitlement window
-
Ready to Complete section
- in the bottom right-corner
- select Finish
- in the bottom right-corner
-
Ready to Complete section
- In the Global Entitlements window
- select Enterprise Corp Sudoku
- In the Enterprise Corp Sudoku window
- select the Local Pools tab
- In the Enterprise Corp Sudoku window
- In the Local Pools tab area
- select Add
- In the Local Pools tab area
- In the Assign Pools - Enterprise Corp Sudoku window
- under ID
- next to Sudoku
- select the checkbox
- next to Sudoku
- select Add
- under ID
- In the VMware Horizon Admin console
- Note your Global Entitlement now has a local assignment
- called Sudoku
- In menu pane
- under Inventory
- select Global Entitlements
- under Inventory
- In the Global Entitlements area
- select Add
- In the Add Global Entitlement window
- next to :
-
Type
- Next to Application entitlement
- select the radio button
- Next to Application entitlement
-
Type
- In the bottom right-corner
- select Next
- next to :
- In the Add Global Entitlement window
- next to :
-
Name and Policies
- under Name
- enter Enterprise Corp Terminal
- under Display Name
- enter Terminal
- under Name
-
Name and Policies
- next to :
- In the Add Global Entitlement window
- next to :
-
Name and Policies
- under Policies > Scope
- select the radio button
- All Sites
- select the radio button
- under Default Display Protocol
- from the dropdown
- select VMware Blast
-
below Allow Users to Choose Protocol
-
from the dropdown
- select NO
-
from the dropdown
-
next to Pre - Launch
- select the Checkbox
- from the dropdown
- In the bottom right-corner
- select Next
- under Policies > Scope
-
Name and Policies
- next to :
- In the Add Global Entitlement window
- next to :
-
Users and Groups
- under Add users or groups to the global entitlement
- select Add
- under Add users or groups to the global entitlement
-
Users and Groups
- next to :
- In the Find User or Group window
- in line with Name/User Name
- next to Starts with
- enter Sales
- next to Starts with
- under Description
- select Find
- under Name
- next to sales
- select the checkbox
- next to sales
- in the bottom right-corner
- select OK
- in line with Name/User Name
- In the Add Global Entitlement window
- next to :
-
Users and Groups
- under Add users or groups to the global entitlement
-
Users and Groups
- select Add
- next to :
- In the Find User or Group window
- in line with Name/User Name
- next to Starts with
- enter Developers
- next to Starts with
- under Description
- select Find
- under Name
- next to sales
- select the checkbox
- next to sales
- in the bottom right-corner
- select OK
- in line with Name/User Name
- In the Add Global Entitlement window
- select Next
- In the Add Global Entitlement window
-
Ready to Complete section
- in the bottom right-corner
- select Finish
- in the bottom right-corner
-
Ready to Complete section
- In the Global Entitlements window
- select Enterprise Corp Terminal
- In the Enterprise Corp Terminal window
- select the Local Pools tab
- In the Enterprise Corp Terminal window
- In the Local Pools tab area
- select Add
- In the Local Pools tab area
- In the Assign Pools - Enterprise Corp Terminal window
- under ID
- next to Terminal
- select the checkbox
- next to Terminal
- select Add
- under ID
- In the VMware Horizon Admin console
- Note your Global Entitlement now has a local assignment
- called Terminal
Part 4. Integrating Multi-session apps with Workspace ONE Access
- We will create Deep Links that will point to the Published Multi session Applications
- Each Web App link will then be assigned to the relevant security groups
- On your ControlCenter server
- ensure you are logged in to your Workspace ONE Cloud services console
- in the Services area
-
under Access
- enter LAUNCH
-
under Access
- in the Services area
- ensure you are logged in to your Workspace ONE Cloud services console
- In the Workspace ONE Access Console
- select Resources
- under the Resources > WEB Apps area
- select NEW
- In the New SaaS Application window
-
In the Definition area
- under Name
- enter Enterprise Corp Calculator
-
under Icon
- select SELECT FILE ...
- under Name
-
In the Definition area
- In the File Explorer > Open window
- In the Quick Access pane
- select Desktop
- in the Desktop area
- select software > Icons
-
in the Icons folder
- select calculator.png
- select Open
-
in the Icons folder
- select software > Icons
- In the Quick Access pane
- In the New SaaS Application window
- In the Definition area
- Select NEXT
- In the Definition area
- In the New SaaS Application window
- In the Configuration area
- below Authentication Type *
- from the dropdown
- select Web Application Link
- from the dropdown
- below Authentication Type *
- In the Configuration area
- In the New SaaS Application window
- In the Configuration area
- below Target URL *
- enter the following URL
- below Target URL *
- In the Configuration area
https://corp.techseals.co:5002/portal/nativeclient/Calculator?action=start-session&desktopProtocol=BLAST&launchMinimized=false
- In the bottom right corner
- select NEXT
- In the New Saas Application window,
- In the Summary section
- Select SAVE & ASSIGN
- In the Summary section
- In the Assign window
- under Users / Groups
- enter Devel
- select [email protected]
- enter Devel
- under Users / Groups
- In the Assign window
- under Users / Groups
- enter sales
- select [email protected]
- enter sales
- under Deployment type
- from the dropdowns
- ensure both Sales and Developers are set to
- Automatic
- ensure both Sales and Developers are set to
- from the dropdowns
- in the bottom right corner
- select SAVE
- under Users / Groups
- In your Workspace ONE Access Console
-
Web Apps interface
- Note your Enterprise Corp Calculator Web Application Link
-
Web Apps interface
- In the Workspace ONE Access Console
- under the Resources > WEB Apps area
- select NEW
- under the Resources > WEB Apps area
- In the New SaaS Application window
-
In the Definition area
- under Name
- enter Enterprise Sudoku
-
under Icon
- select SELECT FILE ...
- under Name
-
In the Definition area
- In the File Explorer > Open window
- In the Quick Access pane
- select Desktop
- in the Desktop area
- select software > software > Icons
-
in the Icons folder
- select sudoku.jpg
- select Open
-
in the Icons folder
- select software > software > Icons
- in the Desktop area
- select Desktop
- In the Quick Access pane
- In the New SaaS Application window
- In the Definition area
- Select NEXT
- In the Definition area
- In the New SaaS Application window
- In the Configuration area
- below Authentication Type *
- from the dropdown
- select Web Application Link
- from the dropdown
- below Authentication Type *
- In the Configuration area
- In the New SaaS Application window
- In the Configuration area
- below Target URL *
- enter the following URL
- below Target URL *
- In the Configuration area
https://corp.techseals.co/portal/nativeclient/Sudoku?action=start-session&desktopProtocol=BLAST&launchMinimized=false
- In the bottom right corner
- select NEXT
- In the New Saas Application window,
-
Summary section
- select SAVE & ASSIGN
-
Summary section
- In the Assign window
- under Users / Groups
- enter Devel
- select [email protected]
- enter Devel
- under Users / Groups
- In the Assign window
- Under Deployment type
- From the dropdown
-
Developers are set to
- Automatic
-
Developers are set to
- From the dropdown
- Under Deployment type
- In the Assign window
- under Users / Groups
- enter Sales
- select [email protected]
- enter Sales
- under Users / Groups
- In the Assign window
- Under Deployment type
- From the dropdown
-
Developers are set to
- Automatic
-
Developers are set to
- In the bottom right corner
- select SAVE
- From the dropdown
- Under Deployment type
- In your Workspace ONE Access Console
-
Web Apps interface
- Note your Enterprise Sudoku Web Application Link
-
Web Apps interface
- In the Workspace ONE Access Console
- under the Resources > WEB Apps area
- select NEW
- under the Resources > WEB Apps area
- In the New SaaS Application window
-
In the Definition area
- under Name
- enter Enterprise Terminal
-
under Icon
- select SELECT FILE ...
- under Name
-
In the Definition area
- In the File Explorer > Open window
- In the Quick Access pane
- select Desktop
- in the Desktop area
- select software > software > Icons
-
in the Icons folder
- select terminal.png
- select Open
-
in the Icons folder
- select software > software > Icons
- In the Quick Access pane
- In the New SaaS Application window
- In the Definition area
- Select NEXT
- In the Definition area
- In the New SaaS Application window
- In the Configuration area
- below Authentication Type *
- from the dropdown
- select Web Application Link
- from the dropdown
- below Authentication Type *
- In the Configuration area
- In the New SaaS Application window
- In the Configuration area
- below Target URL *
- enter the following URL
- below Target URL *
- In the Configuration area
https://corp.techseals.co/portal/nativeclient/Terminal?action=start-session&desktopProtocol=BLAST&launchMinimized=false
- In the bottom right corner
- select NEXT
- In the New Saas Application window,
- In the Summary section
- Select SAVE & ASSIGN
- In the Summary section
- In the Assign window
- under Users / Groups
- enter Devel
- select [email protected]
- enter Devel
- under Users / Groups
- In the Assign window
- Under Deployment type
- From the dropdown
-
Developers are set to
- Automatic
-
Developers are set to
- From the dropdown
- Under Deployment type
- In the Assign window
- under Users / Groups
- enter Sales
- select [email protected]
- enter Sales
- under Users / Groups
- In the Assign window
- under Deployment type
- from the dropdown
-
Developers are set to
- Automatic
-
Developers are set to
- In the bottom right corner
- select SAVE
- from the dropdown
- under Deployment type
- In your Workspace ONE Access Console
-
Web Apps interface
- Note your Enterprise Terminal Web Application Link
-
Web Apps interface
Part 5. Testing Multi-Session Horizon integration with Workspace ONE Access using CPA Global Entitlements
We will conclude this entire lab with a test to validate the configuration we have implemented
- On your Control Center server
- On your Chrome browser
- Open up an Incognito session
- In the address bar enter your Workspace ONE Access tenant url
- On your Chrome browser
- In the Workspace ONE Sign in window
- below Select Your Domain
- select techseals.co
- select Next
- below Select Your Domain
- In the Workspace ONE Sign in window
- below username
- enter craig
- below password
- enter Pa$$w0rd
- select Sign in
- below username
- In the web Intelligent Hub
- select Apps
- In the Open VMware Horizon Client? window
- select Open VMware Horizon Client
- In the web Intelligent Hub
- under New Apps
- select Enterprise Corp Calculator
- under New Apps
- On your ControlCenter session
- Note your Calculator has launched
- Feel free to try launch Sudoku & Terminal
0 Comments
Add your comment