A Technology Journey
There are a few necessary services that need to be running for a Nested VCF lab. These services include Domain Name System (DNS) and Network Time Protocol (NTP). A few additional services, while not necessary, are very helpful. These services include a file server and a management virtual machine.
Continue reading “Nested VCF Lab: Virtual Machines”The networking component for the nested VCF lab is very important. There are certain things that must be configured for a successful deployment. These settings do not apply in a production scenario where the physical hosts are connected to Top-of-Rack Switches. Doing so could open up a serious security situation.
Continue reading “Nested VCF Lab: Networking”I use a YubiKey 5Ci (by Yubico) in my lab. This allows me to log in with a smart card interface. If you are looking for information on how to configure smart card access in your lab, please reference the following post: MyLab: Smart Card Authentication
Continue reading “Configuring Smart Card | Common Access Card (CAC) | Personal Identity Verification (PIV) in VMware vSphere and VMware Horizon”There are a few things that should be configured to ensure the best possible user experience when it comes to a Virtual Desktop Infrastructure (VDI). After all, if the users cannot use it or are logging endless incidents, then we have failed our customer.
Continue reading “VMware Horizon Best Practices”There are some things that should be done prior to upgrading the VxRail that will help with a smooth upgrade. I will not be performing a VxRail upgrade, here, but rather list resources that I have been provided or used in the past. Some of the resources below require you to log in to the Dell Support page.
Disclaimer: I do not work for Dell; these are my notes and should not be used without Dell Support involved in a production scenario.
Continue reading “VxRail: Upgrade Notes”This post will document how to configure VMware Horizon on Unified Access Gateway (UAG). To get this working the first time, ensure the following appliances are configured. A Unified Access Gateway should already be deployed and configured. Reference the link for more information on how to:
* Log into the Appliance Settings
* Configure NTP servers
* Configure TLS settings (Admin and Internet interfaces)
* Configure a SAML Identity Provider (IdP)
* Configure High Availability Settings (if required)
* Configure network settings.
The other technology that should already be configured are the VMware Horizon Connection servers. It is ideal to have separate Horizon Connection servers for internal and external endpoints. The configurations for these servers are different when dealing with tunnels and secure gateways. Ensure the Horizon Connection servers have TLS certificates configured.
Continue reading “MyLab: Configuring VMware Horizon on Unified Access Gateway (UAG)”This post will discuss the initial setup and configuration for an Automated Instant-Clone Farm for use with VMware Horizon. I am going to use this farm to publish applications and connect them into Workspace ONE Access (WS1 Access). Workspace ONE Access is not required for this technology, but can be leveraged. In this example, I am also going to leverage VMware App Volumes instead of installing the applications directly on the server.
Basically, after installing the Remote Desktop Services Role, we will restrict users to a single session through a local group policy, install the VMware Horizon Agent, install the VMware App Volumes Agent, and finally run the VMware Operating System Optimization Tool (OSOT). Once complete, the virtual machine can be shut down, a snapshot can be taken, and then a Farm can be established in the VMware Horizon Console.
Continue reading “MyLab: Automated Instant-Clone Farm (VMware Horizon)”