Eric Monjoin
Staff Consulting Architect but also pilot, spending time in front of my computer or flying in the air...

Author: eric

New Horizon Cloud Connector v1.10.0

What’s New March 25, 2021 (v2103, v1.10, v21.03, v21.1)

  • Horizon Cloud Administration Console is now Horizon Universal Console.
  • Universal Broker and multi-cloud assignments are now available for existing deployments of Horizon Cloud pods on Microsoft Azure. Universal Broker provides a single URL for end-users to access virtual desktops and apps, whether on-premises or in the cloud, as well as multi-cloud assignments that enable you to create dedicated and floating virtual desktop assignments that span multiple pods and sites.
  • Universal Broker and multi-cloud assignments now support Horizon pods on Azure VMware Solutions (AVS), enabling unified brokering of multi-cloud assignments across hybrid and multi-cloud deployments, supporting both Horizon pods and Horizon Cloud pods on Microsoft Azure.
  • App Volumes for Horizon Cloud pods on Microsoft Azure now supports Windows 10 Enterprise multi-session, allowing multiple users to each login into individual sessions with their own app assignments. App Volumes and MSIX app attach formats can be delivered to a session simultaneously, and the App Volumes agent will use the correct mode of virtualization for each format respectively.
  • Multi-cloud virtual desktop assignments for Horizon Cloud pods on Microsoft Azure now support multiple tenant subnets from either the pod’s VNet or from multiple connected, peered VNets. (Feature debuted on February 23, 2021)
  • Image Management Service for Horizon Cloud pods on Microsoft Azure is in Limited Availability. For more information and to request access to this feature, please email the VMware Horizon Cloud Service team at horizoncloudservice@vmware.com.
  • Administrators can now generate Agent DCT logs from within the console for virtual desktop assignments and Farms on Horizon Cloud pods on Microsoft Azure. This feature is in Limited Availability. For more information, please email the VMware Horizon Cloud Service team at horizoncloudservice@vmware.com.

AppVolumes 2103 (4.4) Tools – Off line packaging for both AppVolumes On-Prem and on Azure

One of the great update from AppVolumes 2103 (aka 4.4) is now you can install only App Volumes Tools and package applications offline from a simple VM on VMware Workstation for example and produce the same package for App Volumes on Prem (.vmdk file) and for App Volumes on Azure (.vhd files). So exactly the same package for both environment.

So let me describe how I created my “Capture and Build” VM, how to capture and import your applications….

Continue reading…

Awaited feature now available on Horizon 2103… Join VM in untrusted Domains

One year ago I posted a feature request for one of my customer who require to deploy Instant Clone VM on many Active Directory domain without Trust Relationship within each other and with the domain used by the Horizon Connection Server, so what was my surprise when I received the Announcing General Availability of Horizon Enterprise 2103 and saw this feature is now available 🙂

New Release of Horizon Enterprise 2103 and Unified Access Gateway 2103

What’s New?

  • Horizon Server
    • Added support for “Global Access Group”
    • Added support for open source database — “PostgresSQL”
    • Added support for untrusted domain
    • Pegged unabated growth of event database
    • Ability to pre-assign computer names to instant clone desktops
    • Delivered View API parity REST APIs
  • Horizon Agents & Clients
    • Teams offload Mac client
    • USB redirection for HTML Access & Chrome client
    • Pen redirection iOS & Android
    • HEVC 444 Intel GPU Linux client
    • Bandwidth control for integrated printing
    • Serial port improvements, auto mapping, ID passing
    • Agent hot patch via MSP
    • Expose HCA, H.264/H.265 enablement and networking client settings to registry and GPO template
    • Drop 32-bit support Windows agent, Linux agent and client
  • App Volumes
    • Support for Windows 10 Enterprise multi-session on Horizon Cloud on Azure
    • App Volumes Command-Line Capture Program for working with App Volumes and MSIX formatted VMDK and VHD packages
    • Global option to allow the same packages to work across both VDI/RDSH regardless of the packaging OS used
  • Dynamic Environment Manager
    • Replication of the Script folder in SyncTool
    • Simplification of computer environment configuration
    • Support for late arrival of system environment variables in agent configuration for computer environment settings
    • Improvements in default printer logic to roam default printer settings for redirected printers

Horizon Cloud from Zero to Hero – Set your Azure AD subscription ready for Horizon Cloud

In order to deploy Horizon Cloud on Azure, you first need to perform many task on Azure side like creating Virtual Network and so on. This can be done from the Azure portal or you can also use PowerShell to accomplish all tasks…

Before, let me tell you that all the merit for the following script must go to my colleague Roch Norwa and you can find the initial version on his blog here : https://digitalworkspace.blog/2020/04/19/horizon-cloud-on-azure-introduction-and-deployment-automation-script/

I made some slight changes to Roch scripts :

  • Added registration of Microsoft.SQL to the management subnet
  • Use only one Virtual Networ instead of 2
  • Use 3 of subnets instead of 2 : Management, VDI (and RDS host) and UAG
  • Changed Register-AzureRmResourceProvider for Register-AzResourceProvider
Continue reading…

PowerCLI and VMware Horizon.. error BaseImageVM_List

PowerShell and more specifically VMware PowerCLI (who are the PowerShell commands to manage VMware Infrastructure with around 800 cmdlets) are incredible tools who extremely facilitate administrators day to day life…

Now sometime it happens, after an upgrade, that didn’t work any more as expected.

In order to manage Horizon deployment using PowerShell scripts, using PowerCLI is not enough and you need to add the VMware.HV.Helper modules who contains many commands and more especially the New-HVPool one in order to create Horizon pools.

Continue reading…

vCenter 7 – Depreciation of IWA…

Every Friday we have an informal meeting with peoples from VMware PS: Architect, Sr Consultant and Consultant but also TAM and Project manager as well and today we spoke about the depreciation of IWA with vCenter 7 and so the necessity to move to AD FS for upcoming release :

Deprecation of Integrated Windows Authentication

Integrated Windows Authentication (IWA) is deprecated in vSphere 7.0 and will be removed in a future release. For more information, see VMware Knowledge Base article 78506

So we started to have look about how to move from IWA to AD FS and for this I deployed a brand new vCenter 7 on my own labs as many questions arise : How other applications will deal with this change (I mainly thought to Horizon and App Volumes Manager) but also could we still connect using the local vsphere.local domain. Spoiler : Yes it works for both (external apps and using local account)

Now let see how to configure this 🙂

Continue reading…

Adding Static Route to WS1 Access

I had a request from Spanish colleagues about adding static routes to Workspace One Access (in their case it was because of database in a different network).

I first had a look on our internal channel on Slack and find a first way to do it … but with Identity Manager version 3.3. However, when I try to test it in my Home Lab using my on-premise WS1 Access 20.10 it was totally different. vIDM 3.3 is based on Suse Linux when WS1 Access 20.10 is based on Photon 3. After some exchange by mail with my colleagues, they sent me the procedure they used for their deployment… different for the first two !!!
Yes they deployed Workspace One Access 20.01…

Basically both method work with vIDM 3.3 and Workspace One v20.01 as both are running Suse Linux

AD FS as IdP for Workspace ONE Access and UAG

I’ll not talk about the configuration of AD FS itself but how to create the relying party for both Workspace ONE Access and UAG… spoiler: the configuration is not the same 🙂

So here the common part who consist to the creation of the Relying Party Trusts:

Open you AD FS Manager, select “Relying Party Truts” and with the select “Add Relying Party Trust…

Azure AD as IdP for Workspace One Access

This tuto will show you how to configure Azure AD as a 3rd party Identity Provider for Workspace One Access.

Note : In my case, the default Azure AD domain is alfadir.onmicrosoft.com but in order to match with my on-premise Active Directory I had to use not the email address or UPN but the “Alternate email”

So the first thing to do is to create a “New Application” in Azure, once logged on Azure Portal as Admin, select “Azure Active Directory“, then on the left pane, select “Enteprise applications” and click “New Application“: