A Technology Journey
I am choosing to install Microsoft Remote Desktop Session Host servers to host published applications. I am going to use an automated farm which means there will be a virtual machine that will act as a single “golden image” and will be replicated to more than one. This eases management when installing new applications and updating previously installed applications.
Continue reading “MyLab: Microsoft Remote Desktop Session Host (RDSH)”I am choosing to install VMware Unified Access Gateway (UAG) 23.09 (current at the time of writing) so that I can access my Virtual Desktop Infrastructure (VDI) without the hassle of using a Virtual Private Network (VPN).
Continue reading “MyLab: VMware Unified Access Gateway (UAG)”From time to time, I completely wipe out my lab and just start over. This keeps me fresh on the technology and allows me to discover new puzzles as software is always changing. The one thing that is consistent in my lab is a VMware host, a PowerEdge R730xd, and a Synology DS1511+ Network Attached Storage (NAS).
These new posts are going to allow me to capture any details and be the living documentation. My lab may come up and go down, but a lot of the times I use similar Group Policies or names. These posts will be the information that stays current while the lab is ever changing.
In the future, I would like to get this as code (infrastructure as code), where possible, so that the process is more defined. Rather than build and configure, I would rather configure and build. That is likely a little ways off, however.
To keep things simple, I am going to preface the posts with MyLab: and then include whatever technology I am documenting at that time. The goal for my lab is usually a fully secured and operational VMware Horizon implementation.
Continue reading “MyLab: Overview”For my domain, I am going to use Microsoft Windows Server 2022 and build two domain controllers (DC1 and DC2) in a new forest called aaronrombaut.com. The domain controllers will provide critical services such as Domain Name System (DNS), authentication, and time services to other domain joined computers and servers. VMware Horizon (and other products) components (VMware Horizon and VMware App Volumes) rely on domain joined Windows Servers still, so without domain controllers, there would be no VMware Horizon Virtual Desktop Infrastructure (VDI) to build.
Continue reading “MyLab: The Domain Controller”A database is required for quite a few components used in VMware Horizon. For this Service, I am going to install Microsoft SQL Server 2019 Standard Edition as this is compatible with both VMware Horizon and VMware App Volumes.
To ensure compatibility in the future, check the VMware Product Interoperability Matrix.
Continue reading “MyLab: The Database”I am a strong proponent to securing an infrastructure with customer-signed Transport Layer Security (TLS) certificates internally and only using third party certificates where absolutely necessary for external services.
For this service, I am going to build a two-tier Microsoft certificate authority (CA) using Windows Server 2022. One virtual machine will be a root authority and the other will be an intermediate CA where the certificates will actually be provisioned from. It is recommended to shut down and remove the Root CA, but I am only going to shut down (and not remove) the Root CA virtual machine in my lab.
Continue reading “MyLab: The Certificates”I am choosing to install VMware Dynamic Environment Manager (DEM) to quickly perform tasks on user profiles and save profile data. Using DEM is easier to administer user-based Group Policies than Active Directory and (I think) more predictable.
Continue reading “MyLab: VMware Dynamic Environment Manager (DEM)”