Adding a Computer Account to MS SQL Server for a VMware App Volumes Manager Database

ref: https://www.enhansoft.com/updated-how-to-create-a-sql-server-computer-account-login/

This post will probably work for other use cases, but I specifically need it for VMware App Volumes Manager.

Open SQL Server Management Studio (SSMS)

Expand Security

Right-click Logins

Select New Login…

1. Do not use the Search… button! Type the Login name: as

DOMAIN\computer-name$

The dollar sign is necessary to signify the account as a computer and not the name of a user. (ref: https://social.technet.microsoft.com/Forums/en-US/eec574c0-5421-4d7a-a806-a3c5af3d29bf/why-in-samaccount-name-of-computer-account-in-active-directory?forum=winserverDS)

2. Choose the Windows authentication radio button.

3. Select the Default database for App Volumes Manager if it was already created. You can assign it later after creating the database if needed.

4. Select the Default language

Do not click OK!

On the Server Roles page, choose the sysadmin checkbox to grant the role to the user. Don’t click OK yet.

On the User Mapping page, choose the checkbox next to the database being mapped to the user (computer) account (assuming the database has already been created).

Click OK.

Verify the computer account is added to the list of logins.
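The same login can be created and checked with T-SQL instead of the SSMS dialogs. This is an added example, not part of the original post; DOMAIN\computer-name$ is the placeholder used above, and the database name AppVolumes and the language us_english are assumptions.

```sql
-- Added example: T-SQL equivalent of the SSMS steps above.
-- Assumptions: DOMAIN\computer-name$ is the App Volumes Manager server's
-- computer account, and AppVolumes is a hypothetical name for a database
-- that already exists.
USE [master];
GO

-- General page: Windows authentication, default database and language.
IF NOT EXISTS (SELECT 1 FROM sys.server_principals
               WHERE name = N'DOMAIN\computer-name$')
BEGIN
    CREATE LOGIN [DOMAIN\computer-name$] FROM WINDOWS
        WITH DEFAULT_DATABASE = [AppVolumes],
             DEFAULT_LANGUAGE = [us_english];
END
GO

-- Server Roles page: the sysadmin checkbox.
ALTER SERVER ROLE [sysadmin] ADD MEMBER [DOMAIN\computer-name$];
GO

-- User Mapping page: map the login to a user in the database.
USE [AppVolumes];
GO
IF NOT EXISTS (SELECT 1 FROM sys.database_principals
               WHERE name = N'DOMAIN\computer-name$')
BEGIN
    CREATE USER [DOMAIN\computer-name$] FOR LOGIN [DOMAIN\computer-name$];
END
GO

-- Verification: one row is expected, with type_desc = WINDOWS_LOGIN and a
-- non-NULL database_user. The join is on the SID, so a user that was
-- created for a different principal will not match.
SELECT sp.name                              AS login_name,
       sp.type_desc,
       sp.is_disabled,
       sp.default_database_name,
       IS_SRVROLEMEMBER('sysadmin', sp.name) AS is_sysadmin,
       dp.name                              AS database_user
FROM sys.server_principals AS sp
LEFT JOIN sys.database_principals AS dp
       ON dp.sid = sp.sid
WHERE sp.name = N'DOMAIN\computer-name$';
```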

This concludes this post.

Installing VMware App Volumes 4 Manager – Part 1

ref: https://docs.vmware.com/en/VMware-App-Volumes/4/com.vmware.appvolumes.install.doc/GUID-2E6F56D8-E657-4290-BAE7-E18E7556ADDC.html (VMware App Volumes Installation Guide)

ref: https://docs.vmware.com/en/VMware-App-Volumes/4/com.vmware.appvolumes.install.doc/GUID-25B53F4E-C22B-4DBD-A253-D7FA33D965BF.html (Installing App Volumes)

I will start this post by mentioning that if you try to install App Volumes 4 and are stuck on the SQL database portion trying to get Windows Integrated Authentication (WIA) working, you are not alone. I have spent countless hours troubleshooting this and looking for documentation. Documentation seems to be almost non-existent regarding the database requirements, besides which version to use, but nothing specific on database settings or user/computer/other authentication settings. It is very frustrating.

I will also mention that I have installed MS SQL Server 2016 and have set up TLS certificates on the Windows guest as well as configured SQL Server to use the certificate. I have also added the App Volumes server computer account to the database permissions. Please see the following articles, Configuring Microsoft SQL Server for VMware Horizon View, MSSQL SSL/TLS Certificate Chain Fix, and Adding a Computer Account to MS SQL Server for a VMware App Volumes Manager Database, for more information. If you read and follow the three articles provided, you will not encounter an error when configuring the App Volumes Manager database authentication!

I am going to assume that you have some level of technical proficiency if you are this far along in your journey, so I will not add mundane details like how to mount an ISO or what buttons to click unless I am following a particular workflow and feel the details are absolutely necessary. Let’s get started…

After downloading App Volumes 4 (https://my.vmware.com/web/vmware/downloads/info/slug/desktop_end_user_computing/vmware_app_volumes/4_x), mount the ISO to your App Volumes server. Navigate to the Installation directory.

Double-click setup.exe.

Click Next.

Check the I accept the terms in the License Agreement checkbox (you did read all that, right?) and click Next.

Choose the Install App Volumes Manager radio button since we are installing the App Volumes Manager. Click Next.

Not Shown! – You may be presented with a Windows User Account Control (UAC) prompt. Move past this accordingly. The installation up to this point has been a bootstrap of sorts. The next screens will do the actual Manager installation.

Déjà vu? Groundhog Day? Now we proceed with the actual installation of App Volumes Manager. Click Next.

Choose the Connect to an existing SQL Server Database radio button. Click Next.

There is a lot going on at this step. If you read the beginning of this post and followed the two additional articles provided, you should not have any trouble using Windows Integrated Authentication here. To quickly recap:

  • Your MS SQL server and App Volumes Manager servers can resolve DNS forward and reverse lookup records
  • Your MS SQL server has a TLS certificate in the local machine certificate store
  • The user running your MS SQL service has been provided access to the MS SQL server’s private key
  • The MS SQL server has been configured to use the machine’s TLS certificate
  • The MS SQL service or server has been restarted
  • The App Volumes database has been created
  • The App Volumes server account (the computer account) has a login on the MS SQL server and is associated with the App Volumes database (see Adding a Computer Account to MS SQL Server for a VMware App Volumes Manager Database)

  1. Enter the FQDN for the MS SQL server.
  2. Choose the Windows Integrated Authentication radio button.
  3. Click the Browse… button. This is a good test of your authentication: it will either show you the databases or present you with an error.

Choose the database specified for use with App Volumes and click Next.

4. Check the Enable SQL Server certificate validation checkbox.

Click Next.

Almost there! If you have made it to this point, the hardest part of the installation is over. Leave the default ports unless you like to complicate your life. Click Next.

Optional: Change the installation location if necessary.

Click Next.

Click Install. Take a break! The installer will need a few minutes to install the software.

Confirm that the Wizard completed successfully. See the Troubleshooting section below if you did not have a successful installation.

Click Finish.

You have completed the install, but there are some prerequisite steps to take to make the configuration easier and work the first time. Check out the article here: Installing VMware App Volumes 4 Manager – Part 2.

Troubleshooting

Be sure to read the finished dialog! You may receive the following, reporting that the Wizard ended prematurely. You will have to open up the logs and investigate; navigate to your installation directory and look at the logs. The issue that generated the following screenshot for me was either a self-signed certificate issue or a SQL Server issue because I didn’t add the App Volumes Manager server login to the MS SQL server and assign it to the App Volumes database (see below for specific error message and how to fix). Delete the Cloud Volumes directory and try the installation again.

From the inst_ruby_script.log file, you see the following:

E, [2020-11-19T11:43:30.666302 #3196] ERROR -- : ERROR: 28000 (18456) [Microsoft][ODBC Driver 17 for SQL Server][SQL Server]Login failed for user 'AARONROMBAUT\APP-001V$'.
E, [2020-11-19T11:43:30.666571 #3196] ERROR -- : ["script/odbc_driver_validator.rb:145:in `drvconnect'", "script/odbc_driver_validator.rb:145:in `connect_using_conn_string'", "script/odbc_driver_validator.rb:34:in `odbc_connection'", "script/odbc_driver_validator.rb:76:in `validate_conn_and_version'", "script/odbc_driver_validator.rb:183:in `<encoded>'", "script/odbc_driver_validator.rb:2:in `RGLoader_load'", "script/odbc_driver_validator.rb:2:in `<main>'"]
Unable to connect to SQLServer. Exiting with status -1.

To resolve this, follow this article: Adding a Computer Account to MS SQL Server for a VMware App Volumes Manager Database.

Configuring Microsoft SQL Server for VMware Horizon View

Software being used:

  • Microsoft SQL Server 2016
  • Microsoft SQL Server Management Studio 18.4
  • VMware Horizon 7.12.0

Configure Microsoft SQL Server

After installing Microsoft SQL Server, a few things need to be configured:

1. Ensure TCP port 1433 is open on any firewall software running on the server.

2. Add a machine certificate to the local machine Personal store (certlm.msc).

2a. Be sure to add the account that runs the SQL service to the private key. See this post for more details: MSSQL SSL/TLS Certificate Chain Fix.

3. Add the certificate to Microsoft SQL Server. (ref: https://support.microsoft.com/en-us/help/316898/how-to-enable-ssl-encryption-for-an-instance-of-sql-server-by-using-mi)

4. Open SQL Server Configuration Manager. Right-click Protocols for <INSTANCE-NAME>, choose Properties.

5. Click on the Certificate tab.

6. Choose the machine certificate you added earlier, click OK.

7. Back on the SQL Server Configuration Manager window, double-click TCP/IP.

8. Ensure the following settings:

9. Check the Active, Enabled, IP Address, and TCP Port settings. Modify as necessary and click OK. If you do make any modifications, be sure to restart the SQL service.

Creating the VMware Horizon Database and User

1. Open Microsoft SQL Server Management Studio.

2. Ensure the SQL server authentication is set to SQL Server and Windows Authentication mode. VMware Horizon does not use Integrated Windows Authentication. (https://docs.vmware.com/en/VMware-Horizon-7/7.12/horizon-installation/GUID-1360BFDF-9F90-47FD-8B6C-E842CF951A53.html)

3. Right-click Databases and choose New Database…

4. Fill in the Database name with a meaningful name. Click OK.

5. Expand Security and Right-click Logins.

6. On the General page, fill in the Login name with a meaningful name. Also choose a password and uncheck Enforce password policy unless you use a strong password. Change the Default database and Default language accordingly.

7. On the Server Roles page, check the sysadmin role.

8. On the User Mapping page, check the database name you created earlier. Click OK.
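The procedures on this page grant sysadmin to a login and allow Enforce password policy to be unchecked, so it is worth reviewing what the instance ended up with. The queries below are an added example, not part of the original post; they use only SQL Server catalog views and make no assumptions about login names.

```sql
-- Added example: review the server-level privileges and password settings
-- that result from the steps above. Run in SSMS on the SQL Server instance.

-- 1. Authentication mode. 0 = SQL Server and Windows Authentication mode
--    (what step 2 asks for), 1 = Windows Authentication only.
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only;

-- 2. Every member of the sysadmin fixed server role. Both the Horizon SQL
--    login and the App Volumes computer account should appear here if the
--    Server Roles steps were followed; anything unexpected deserves a look.
SELECT m.name        AS member_name,
       m.type_desc,              -- SQL_LOGIN, WINDOWS_LOGIN, WINDOWS_GROUP
       m.is_disabled,
       m.create_date
FROM sys.server_role_members AS rm
JOIN sys.server_principals   AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals   AS m ON m.principal_id = rm.member_principal_id
WHERE r.name = N'sysadmin'
ORDER BY m.type_desc, m.name;

-- 3. SQL-authenticated logins created with Enforce password policy
--    unchecked (step 6), with password age and failed-attempt count, and
--    whether each one is also a sysadmin.
SELECT l.name,
       l.is_disabled,
       l.is_policy_checked,
       l.is_expiration_checked,
       IS_SRVROLEMEMBER('sysadmin', l.name)              AS is_sysadmin,
       LOGINPROPERTY(l.name, 'PasswordLastSetTime')      AS password_last_set,
       LOGINPROPERTY(l.name, 'BadPasswordCount')         AS bad_password_count
FROM sys.sql_logins AS l
WHERE l.is_policy_checked = 0
ORDER BY is_sysadmin DESC, l.name;
```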

Configure the Event Database on Horizon View Connection Server

ref: https://docs.vmware.com/en/VMware-Horizon-7/7.12/horizon-installation/GUID-E04FDAC2-AD7B-4B09-B6E0-4A541646869B.html

MSSQL SSL/TLS Certificate Chain Fix

I was configuring VMware App Volumes and ran into an issue where the installer reported an MS SQL security alert. Since I am trying to get this to work in a production-like environment, I did not want to just “Trust server certificate” and move along. I wanted this to be installed appropriately. After a couple of minutes of Googling, this post is a record of my findings for the future. Hopefully, it may help you as well if you stumbled here. Here is a screenshot of the security alert.

First of all, make sure you have a CA-signed certificate loaded in the Personal store on the server hosting your MS SQL Server. You can quickly check your machine certificates by clicking the Start button or opening Run and typing certlm.msc. If you don’t have that, stop here and go get one. I used Let’s Encrypt for my certificate.

The next thing you want to do is verify the service account that is running your MS SQL Server. In my case, I am using the default NT Service\MSSQLSERVER.

Right-click on your machine certificate and point to All Tasks, and choose Manage Private Keys…

The Permissions window opens up.

Add the account you verified as the Log On As user when checking the Services.msc management console. (You may need to change the location to the local server name from the Locations… button on the side of the Select Users or Groups window.) Ensure the user has Full Control on the certificate.

Go back to the Services.msc console and restart the SQL Server service. You should no longer have authentication or trust issues with connecting services.
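After the restart, the result can be checked from the SQL Server side rather than only from the installer. This is an added example, not part of the original post; it needs VIEW SERVER STATE permission and permission to read the error log, and it assumes clients connect over TCP.

```sql
-- Added example: confirm the certificate was loaded and see which
-- connections are actually encrypted. Run in SSMS on the instance.

-- 1. Search the current SQL Server error log (log 0, type 1) for the
--    certificate messages written at service startup. A failure to read
--    the private key shows up here as well.
EXEC sp_readerrorlog 0, 1, N'certificate';

-- 2. Current user connections with transport, authentication scheme and
--    encryption state. encrypt_option = 'TRUE' means the session is
--    encrypted; it does not show whether the client validated the
--    certificate, which is controlled on the client side (for example the
--    Enable SQL Server certificate validation checkbox in the installer).
SELECT s.login_name,
       s.host_name,
       s.program_name,
       c.client_net_address,
       c.net_transport,      -- TCP, Shared memory, Named pipe
       c.auth_scheme,        -- KERBEROS, NTLM or SQL
       c.encrypt_option      -- 'TRUE' or 'FALSE'
FROM sys.dm_exec_connections AS c
JOIN sys.dm_exec_sessions    AS s ON s.session_id = c.session_id
WHERE s.is_user_process = 1
ORDER BY c.encrypt_option, s.login_name;

-- 3. Summary per login: remote TCP connections that are not encrypted.
--    Local Shared memory sessions (such as SSMS on the server itself)
--    are left out because they never cross the network.
SELECT s.login_name,
       c.auth_scheme,
       COUNT(*) AS unencrypted_tcp_connections
FROM sys.dm_exec_connections AS c
JOIN sys.dm_exec_sessions    AS s ON s.session_id = c.session_id
WHERE s.is_user_process = 1
  AND c.net_transport = N'TCP'
  AND c.encrypt_option = N'FALSE'
GROUP BY s.login_name, c.auth_scheme
ORDER BY unencrypted_tcp_connections DESC;
```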