VxRail: Upgrade Notes

Overview

There are some things that should be done prior to upgrading the VxRail that will help with a smooth upgrade. I will not be performing a VxRail upgrade, here, but rather list resources that I have been provided or used in the past. Some of the resources below require you to log in to the Dell Support page.

Disclaimer: I do not work for Dell; these are my notes and should not be used without Dell Support involved in a production scenario.

Continue reading “VxRail: Upgrade Notes”

MyLab: Configuring VMware Horizon on Unified Access Gateway (UAG)

Overview

This post will document how to configure VMware Horizon on Unified Access Gateway (UAG). To get this working the first time, ensure the following appliances are configured. A Unified Access Gateway should already be deployed and configured. Reference the link for more information on how to:
* Log into the Appliance Settings
* Configure NTP servers
* Configure TLS settings (Admin and Internet interfaces)
* Configure a SAML Identity Provider (IdP)
* Configure High Availability Settings (if required)
* Configure network settings.

The other technology that should already be configured are the VMware Horizon Connection servers. It is ideal to have separate Horizon Connection servers for internal and external endpoints. The configurations for these servers are different when dealing with tunnels and secure gateways. Ensure the Horizon Connection servers have TLS certificates configured.

Continue reading “MyLab: Configuring VMware Horizon on Unified Access Gateway (UAG)”

MyLab: Automated Instant-Clone Farm (VMware Horizon)

Introduction

This post will discuss the initial setup and configuration for an Automated Instant-Clone Farm for use with VMware Horizon. I am going to use this farm to publish applications and connect them into Workspace ONE Access (WS1 Access). Workspace ONE Access is not required for this technology, but can be leveraged. In this example, I am also going to leverage VMware App Volumes instead of installing the applications directly on the server.

Basically, after installing the Remote Desktop Services Role, we will restrict users to a single session through a local group policy, install the VMware Horizon Agent, install the VMware App Volumes Agent, and finally run the VMware Operating System Optimization Tool (OSOT). Once complete, the virtual machine can be shut down, a snapshot can be taken, and then a Farm can be established in the VMware Horizon Console.

Continue reading “MyLab: Automated Instant-Clone Farm (VMware Horizon)”

MyLab: Workspace ONE Access (post v2)

Preparing to Deploy the VMware Workspace ONE Access Appliance

Preparation tasks include the following:

  • Download the VMware Workspace ONE Access OVA file (customerconnect.vmware.com)
  • Create DNS records (forward (A) and reverse lookup (PTR) records are required)
  • Obtain IP addresses
  • Create the Workspace ONE Access Service Database (either using Windows Authentication Mode or Local SQL Server Authentication) — Explained later in this post
  • Change SQL Server Database Auto Growth Settings for Workspace ONE Access — Explained later in this post
Continue reading “MyLab: Workspace ONE Access (post v2)”

MyLab: VMware Horizon True SSO

An Enterprise Certificate Authority needs to be accessible. Certificates are a big part of True SSO. There are going to be short term certificates that will be issued. True SSO will require the following servers and services:

  • A deployed and configured Workspace ONE Access appliance
  • A configured Workspace ONE Access connector with the VMware Virtual App Sync service configured
  • A synced Virtual Apps Collection in Workspace ONE Access
  • An Enterprise Certificate Authority
  • Smart Cards authentication configured in Active Directory
  • VMware Horizon Connection Server
  • VMware Horizon Enrollment Server
  • VMware Workspace ONE Access appliance
  • VMware Workspace ONE Access Connector

Familiarity with the command line is helpful, but not necessary as well.

Continue reading “MyLab: VMware Horizon True SSO”