Introduction to the Horizon Integration Labs

Welcome to the Anywhere Workspace Livefire: Horizon Integration session. The scenario you will be working on this week is a company called EUC-Livefire. They are a very dynamic Organization and have traditionally been an in house Organization that has been required to get all their users to work from home. They need a secure solution that offers a user experience on par with working in the office.

During this course, you will be integrating the security capabilities available in VMware Products specifically Workspace ONE UEM , Workspace ONE Access, VMware Carbon Black,  VMware Horizon, VMware Unified Access Gateway, VMware App Volumes, VMware ThinAPP and VMware Dynamic Environment Manager.  

The objective of this chapter is to introduce to class resources.

Please take the time and document all the URL's and Credentials for the resources you will be using this week

LAB Architecture for this week

LAB Networking Architecture for this week

Your Resource Information

  1. On your Laptop / Desktop
    • Open a Browser and enter the following URL
      • https://vmwarelearningplatform.com/livefire
      • Select LOGIN/REGISTER
      • Next to Username
        • enter your registered username with the Livefire teams
      • Next to Password
        • Enter your VLP password,
          • If you dont know your VLP Password, select Forgot Password?
      • Select LOGIN
  1. In the Labs area
    • Under DIGITAL WORKSPACE,
      • Select ENROLL
  1. In the Enrollments area
    • Expand LAB DETAILS
      • Take a moment to Read the details
    • Select START THIS LAB
  1. Accessing your resources
    • You have two choices as to how you will access your labs
      • The first option is direct access using the VLP Admin Console
      • The second option is RDP .
        • Check your email for the following
          • You should receive and email entitled Livefire-HaaS-VRO (DO NOT REPLY)
          • Open the email and notice there is an attachment
          • Download the attachment
      • Please Note in YOUR email the details
        • To connect to the RDP server
        • Login to the VM (This will be your ControlCenter server)
  1. In your Downloads folder
    • Select and right-click the Livefire Desktop.rdp shortcut
      • Open with your preferred RDP client
    • In your username area : enter
      • YOUR email details to connect to the RDP server Username
      • YOUR email details to connect to the RDP server Password
    • Select OK
  1. In your RDP client session
    • If the login to the ControlCenter fails
    • Ensure the username is [email protected]
    • Ensure the password is VMware1!
    • Select the Sign In arrow
  1. In the VLP interface
    • On the left of the page, select CONSOLES
    • Note the Tier1 virtual machines as mentioned earlier in the LAB Architecture

Colour Code Convention

  • Everything in BOLD BLACK is something to look for, it could be a heading or title providing you context to an area you need to configure or launch
  • Everything in BOLD GREEN is an area to select or click on
  • Everything in BOLD BLUE is something to type in

Account information

On your Laptop or Desktop

  • Step number 1
    • Recently we have decided to use Microsoft TEAMS as a collaborative Platform
      • First, make sure you have Microsoft Teams installed on your Desktop or Laptop
        • Check your email, and select Open Microsoft Teams, to join the Horizon Livefire session
          • This will have all your notes and collaborative info this week.
  • Step number 2
    • It is critical that you have two dummy email accounts with fictitious names
      • 1 will serve the purpose of a Test account
      • 1 will serve the purpose of an Admin account
      • Go to GMAIL.com or Outlook.com and create yourself two fictitious accounts.
        • You can create the accounts in either or both
        • You will be provided a sheet to document all your password. Do not forget to document which account is your Test account and which account will be your Admin account

Part 1. Overview of our On-premise and SaaS resources

On-premise resources

  • The following resources in your lab environment are representative of what the EUC-Livefire organisation "On-premise' resources.
    1. Active Directory Domain Controller and DNS services.
      • Server Name is ControlCenter and the Active Directory Domain is EUC-Livefire.com
    2. Connector Server
      • A dedicated Windows server called ws1.euc-livefire.com, this is dedicated for the Workspace ONE Access & UEM AirWatch connector.
    3. Horizon Infrastructure
      • A Horizon Connection server - Horizon.euc-livefire.com (Installed and Configured)
      • An Enrollment server - TrueSSO.euc-livefire.com (not installed or Configured)
      • An Instant Clone desktop pool with 3 Windows 10 Desktops
      • A RDSH server configured manually for Published Applications
    4. Unified Access Gateway servers
      • To be installed
    5. NSX-T infrastructure - nsxmgr-01a.euc-livefire.com (Deployed and Configured)
      • Managing the 172.16.10.x network which will represents internal communications in our POD environment
      • Managing the 172.16.20.x network which represents DMZ based communications in our POD environment
      • Managing the 172.16.30.x network which represents External communications in our POD environment
      • In addition we are also using the 192.168.110.x and 192.168.110.x IP address ranges as internal networks
    6. Client resources
      1. Windows 10 desktop .
        • W10Ext01a.euc-livefire.com           (TEST CLIENT)
        • W10Client01.euc-livefire.com        (TEST CLIENT
        • CAPTUREVM.euc-livefire.com        (ThinAPP )
        • PackagingVM.euc-livefire.com      (ThinAPP)
        • DEMProfiler.euc-livefire.com         (Dynamic Environment Manager)
      2. Android Device
        • You will be asked to enroll an Android Device, you can either bring your own version of Android or deploy the Android Emulator on a physical laptop. This deployment is optional and we offer a step by step guide on how to do this

Cloud SaaS resources

You will also be able to login with the same email address you logged in the VLP portal on the SaaS Workspace ONE UEM console. .

  • A SaaS Instance of WorkspaceONE UEM (formerly known as VMware AirWatch)
  • A Saas Instance of Workspace ONE Access
  • A Saas instance of VMware Carbon Black

Part 2. Logging Into Workspace ONE UEM

  • Open a browser and navigate https://dw-livefire.awmdm.com
    • Use the e-mail address you signed up to the course with as the User Name (e.g [email protected]) and the password: VMware1!
    • Click Log In
    • In the Terms of Use page select ACCEPT
    • Now set a security question and answer and a four digit Pin
    • You should now be on the Getting started window of the UEM console which is the default landing page.

Part 3. Logging into and gaining access to Workspace ONE Access

  1. Look in your e-mail and you should also have received an e-mail from [email protected].
    • NOTE: Check your JUNK folder
    • This e-mail contains the unique tenant for your vIDM SaaS instance. Click on the TENANT URL to launch the VIDM Admin Console.
    • Use the credentials provided to login : Username: Administrator Password: VMware1!
  1. In the Intelligent Hub web console
    • In the top right-hand corner, select the TA  Icon
    • From the drop down, select Workspace ONE Access Console

Part 4. Configuration of a Custom Test Accounts

It is critical going forward that this is done and understood clearly!

Every attendee needs two accounts.

  1. The first account will be a Custom Test Account that you will create in your Microsoft Active Directory
  2. The second account is a Custom Administrative account with a unique email address you have not used in our training environment previously.
    • We would highly recommend going to GMAIL and creating a custom email address for the sole purpose of use with this weeks labs
      • It will serve well as you will not be spammed in the future from 3rd Party Saas providers, you can simply discard this email after this week.
      • Also when doing your Salesforce lab, you need to ensure that you register with an email address never used before.
  1. Revert to your "On-premise" Infrastructure.
    • On the ControlCenter server, select the Start button
    • In the Start Menu, select Administrative Tools
  1. Open Active Directory User & Computers.
    • Expand the EUC-livefire.com domain,
    • Expand the Corp OU
    • Expand the Marketing OU
  1. On the Marketing OU select and right-click the Marketing OU and select New >  User,
    • For Lab testing Lab to work, we will create a custom test account
    • This will also serve as your test user account for your labs
  1. Fill in the following details:
  • First Name: {your name} e.g. demale
  • Last Name: { your surname} e.g. striteo
  • User logon name: {your first name.last name} e.g demale.striteo
  1. In the New Object - User window,
    • Type and confirm your password VMware1!
    • Select the Password never expires checkbox,
    • select Next,
    • select Finish
  1. In the Marketing OU
    • Select your custom user
    • Select Properties
      • Select the General Tab
      • In the email address area type your logon name followed by "@euc-livefire.com"
        • eg. demale.striteo@euc-livefire.com
  1. In your custom user properties
    • Select the Member Of tab
    • Select Add,
    • In the Enter the object names box type Marketing
    • Select Check Names,
    • Select OK,
    • Select OK
  1. Create a custom GMAIL Admin account for this session
    • Open a browser , and in the address type, www.gmail.com
    • In the Sign in area, select Create account
      • Select For myself
      • Enter relevant information
        • HINT. When creating a custom account, make up a name
      • Select Next
      • Follow through with the associated prompts
  1. A handy suggestion

A useful approach to this lab might be create a separate Chrome Profile,

  • This will assist you with remaining organised and not loosing your links for this session.
  • Your browsing history can be retained
  • You can then bookmark all your hyperlink and save all your passwords to your custom account profile
    • Select the ICON , in the top right-hand of your Chrome Browser
    • Select + ADD
    • On the Set up your new Chrome profile, select Continue without an account (you can sign in later)
    • On the Customise your Chrome Profile page
      • Enter, as an example (Horizon Integration Livefire (August 2021)
      • Select Done

 

Part 5. Integrating with Workspace ONE Intelligence

This part of the lab will take you through how to activate your WorkspaceOne Intelligence Trial environment from the UEM console.

  1. In your Workspace ONE UEM Console 
    • On your left pane, select Monitor
    • Select Intelligence
    • Select LAUNCH

 

  1. In the Terms of Service page
    • Enter your registered email and details
    • In the bottom right corner Select ACCEPT

 

  1. We will setup the integration of WorkspaceOne Intelligence with Workspace ONE Access.
    • This will allow us to begin aggregating information based on logins to Workspace ONE UEM and AppLaunch.
    • At the top of the page select Integrations
  1. In the Workspace ONE Access Box,
    • Select SET UP
  1. In the Set UP Workspace ONE Access window,
    • Select GET STARTED
  1. In the Authorize: Workspace ONE Access window,
    • Expand Authorize Details
    • Next to Authorized URL enter the full FQDN including HTTPS of your ACCESS Tenant
    • Select CONNECT TO WORKSPACE ONE ACCESS
  1. In the Workspace ONE Intelligence Integration window,
    • Select Accept
    • In the Workspace ONE Access authorized successfully window
      • Select FINISH

Part 6: Introduction to the Livefire Company

Overview of the Company

Livefire as an Organization was found in 2003, It  started off a revolutionary approach to financial investment. The Organizations headquarters are in New York USA. The company has branches across the USA and now employs just under 6400 users.

This Organization requires a radical infrastructure re-think as employees  appear to be working from home on a permanent basis for the foreseeable future. We will look at  the VMware Workspace ONE Portfolio as way to grant secure Anywhere Access to users.

As a consulting firm you will do a test of part of VMware Anywhere Access with using the Sales, Marketing, Help Desk and IT Support Teams. In your testing you are welcome to conduct tests using accounts representative of roles in these departments

  • We have the following accounts for the respective departments
    • For Marketing
      • Fernando Dusello                     email is [email protected]
      • Tom Marios                                  email is [email protected]
      • And your custom account
    • For Sales
      • Jill Verneo                                    email is [email protected]
      • Mark Debio                                  email is [email protected]
    • For IT Support we have the following accounts
    • For Help Desk

0 Comments

Add your comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.