VMware Horizon View - 6.1, Horizon 6.1 Architecture Planning

View Architecture Planning
VMware Horizon 6
Version 6.1
This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
EN-001739-00
You can find the most up-to-date technical documentation on the VMware Web site at:
http://www.vmware.com/support/
The VMware Web site also provides the latest product updates.
If you have comments about this documentation, submit your feedback to:
docfeedback@vmware.com
Copyright © 2009–2015 VMware, Inc. All rights reserved. Copyright and trademark information.
VMware, Inc.
3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com
2 VMware, Inc.

Contents

View Architecture Planning 5
Introduction to View 7
1
Advantages of Using View 7
View Features 9
How the Components Fit Together 11
Integrating and Customizing View 15
Planning a Rich User Experience 19
2
Feature Support Matrix for View Agent 19
Choosing a Display Protocol 21
Using Hosted Applications 23
Using View Persona Management to Retain User Data and Settings 24
Using USB Devices with Remote Desktops and Applications 25
Using the Real-Time Audio-Video Feature for Webcams and Microphones 26
Using 3D Graphics Applications 26
Streaming Multimedia to a Remote Desktop 27
Printing from a Remote Desktop 27
Using Single Sign-On for Logging In to a Remote Desktop 28
Using Multiple Monitors 28
Managing Desktop and Application Pools from a Central Location 29
3
Advantages of Desktop Pools 29
Advantages of Application Pools 30
Reducing and Managing Storage Requirements 31
Application Provisioning 36
Using Active Directory GPOs to Manage Users and Desktops 38
VMware, Inc.
Architecture Design Elements and Planning Guidelines for Remote Desktop
4
Deployments 41
Virtual Machine Requirements for Remote Desktops 42
View ESXi Node 46
Desktop Pools for Specific Types of Workers 47
Desktop Virtual Machine Configuration 50
RDS Host Virtual Machine Configuration 51
vCenter Server and View Composer Virtual Machine Configuration 51
View Connection Server Maximums and Virtual Machine Configuration 53
vSphere Clusters 54
Storage and Bandwidth Requirements 56
View Building Blocks 64
View Pods 64
3
Advantages of Using Multiple vCenter Servers in a Pod 67
Planning for Security Features 69
5
Understanding Client Connections 69
Choosing a User Authentication Method 71
Restricting Remote Desktop Access 74
Using Group Policy Settings to Secure Remote Desktops and Applications 75
Implementing Best Practices to Secure Client Systems 75
Assigning Administrator Roles 75
Preparing to Use a Security Server 76
Understanding View Communications Protocols 81
Overview of Steps to Setting Up a View Environment 89
6
Index 91
4 VMware, Inc.

View Architecture Planning

View Architecture Planning provides an introduction to VMware Horizon™ 6, including a description of its major features and deployment options and an overview of how the components are typically set up in a production environment.
This guide answers the following questions:
Does the product solve the problems you need it to solve?
n
Would it be feasible and cost-effective to implement this solution in your enterprise?
n
Not all features and capabilities of VMware Horizon 6 are available in all editions. For a comparison of feature sets in each edition, see
http://www.vmware.com/files/pdf/products/horizon-view/VMware-Horizon-View-Pricing-Licensing­FAQ.pdf.
To help you protect your installation, this guide also provides a discussion of security features.
Intended Audience
This information is intended for IT decision makers, architects, administrators, and others who need to familiarize themselves with the components and capabilities of this product. With this information, architects and planners can determine whether View satisfies the requirements of their enterprise for efficiently and securely delivering Windows desktops and applications to their end users. The example architecture helps planners understand the hardware requirements and setup effort required for a large­scale deployment.
VMware, Inc.
5
6 VMware, Inc.

Introduction to View 1

With View, IT departments can run remote desktops and applications in the datacenter and deliver these desktops and applications to employees as a managed service. End users gain a familiar, personalized environment that they can access from any number of devices anywhere throughout the enterprise or from home. Administrators gain centralized control, efficiency, and security by having desktop data in the datacenter.
This chapter includes the following topics:
“Advantages of Using View,” on page 7
n
“View Features,” on page 9
n
“How the Components Fit Together,” on page 11
n
“Integrating and Customizing View,” on page 15
n

Advantages of Using View

When you manage enterprise desktops with View, the benefits include increased reliability, security, hardware independence, and convenience.
Reliability and Security
Desktops and applications can be centralized by integrating with VMware vSphere® and virtualizing server, storage, and networking resources. Placing desktop operating systems and applications on a server in the datacenter provides the following advantages:
Access to data can easily be restricted. Sensitive data can be prevented from being copied onto a remote
n
employee's home computer.
RADIUS support provides flexibility when choosing among two-factor authentication vendors.
n
Supported vendors include RSA SecureID, VASCO DIGIPASS, SMS Passcode, and SafeNet, among others.
Integration with VMware Workspace™ Portal means that end users have on-demand access to remote
n
desktops through the same Web-based application catalog they use to access SaaS, Web, and Windows applications. Inside a remote desktop, users can also use this custom app store to access applications.
The ability to provision remote desktops with pre-created Active Directory accounts addresses the
n
requirements of locked-down Active Directory environments that have read-only access policies.
Data backups can be scheduled without considering when end users' systems might be turned off.
n
VMware, Inc.
7
Remote desktops and applications that are hosted in a datacenter experience little or no downtime.
n
Virtual machines can reside on high-availability clusters of VMware servers.
Virtual desktops can also connect to back-end physical systems and Microsoft Remote Desktop Services (RDS) hosts.
Convenience
The unified management console is built for scalability so that even the largest View deployments can be efficiently managed from a single management interface. Wizards and dashboards enhance the workflow and facilitate drilling down to see details or change settings. Figure 1-1 provides an example of the browser­based user interface for View Administrator.
Figure 11. Administrative Console Showing the Dashboard View
Another feature that increases convenience is the VMware remote display protocol, PCoIP. The PCoIP (PC­over-IP) display protocol delivers an end-user experience equal to the current experience of using a physical PC:
On LANs, the display is faster and smoother than traditional remote displays.
n
On WANs, the display protocol can compensate for an increase in latency or a reduction in bandwidth,
n
ensuring that end users can remain productive regardless of network conditions.
Manageability
Provisioning desktops and applications for end users is a quick process. No one is required to install applications one by one on each end user's physical PC. End users connect to a remote application or a remote desktop complete with applications. End users can access their same remote desktop or application from various devices at various locations.
Using VMware vSphere to host virtual desktops and RDS host servers provides the following benefits:
Administration tasks and management chores are reduced. Administrators can patch and upgrade
n
applications and operating systems without touching a user's physical PC.
8 VMware, Inc.
Chapter 1 Introduction to View
Integration with Workspace Portal means that IT managers can use the Web-based Workspace Portal
n
administration interface to monitor user and group entitlements to remote desktops.
With View Persona Management, physical and virtual desktops can be centrally managed, including
n
user profiles, application entitlement, policies, performance, and other settings. Deploy View Persona Management to physical desktop users prior to converting to virtual desktops.
Storage management is simplified. Using VMware vSphere, you can virtualize volumes and file
n
systems to avoid managing separate storage devices.
With vSphere 6.0 or a later release, you can use Virtual Volumes (VVols). This feature maps virtual
n
disks and their derivatives, clones, snapshots, and replicas, directly to objects, called virtual volumes, on a storage system. This mapping allows vSphere to offload intensive storage operations such as snapshoting, cloning, and replication to the storage system. The result, for example, is that a cloning operation that previously took an hour might now take just a few minutes using Virtual Volumes.
With vSphere 5.5 Update 1 or a later release, you can use Virtual SAN, which virtualizes the local
n
physical solid-state disks and hard disk drives available on ESXi™ hosts into a single datastore shared by all hosts in a cluster. You specify only one datastore when creating a desktop pool, and the various components, such as virtual machine files, replicas, user data, and operating system files, are placed on either SSD disks or hard drive disks, as appropriate.
You manage virtual machine storage requirements, such as capacity, performance, and availability, in the form of default storage policy profiles, which get created automatically when you create a desktop pool.
With the View storage accelerator, the IOPS storage load is dramatically reduced, supporting end-user
n
logins at larger scales without requiring any special storage array technology.
If remote desktops use the space-efficient disk format available with vSphere 5.1 and later, stale or
n
deleted data within a guest operating system is automatically reclaimed with a wipe and shrink process.
Hardware Independence
Remote desktops and applications are hardware-independent. For example, because a remote desktop runs on a server in the datacenter and is only accessed from a client device, a remote desktop can use an operating system that might not be compatible with the hardware of the client device.
For example, although Windows 8 can run only on Windows 8-enabled devices, you can install Windows 8 in a virtual machine and use that virtual machine on a PC that is not Windows 8-enabled.
Remote desktops run on PCs, Macs, thin clients, PCs that have been repurposed as thin clients, tablets, and phones. Remote applications run on a subset of these devices. New device support is added quarterly.
If you use the HTML Access feature, end users can open a remote desktop inside a browser, without having to install any client application on the client system or device.

View Features

Features included in View support usability, security, centralized control, and scalability.
The following features provide a familiar experience for the end user:
On Microsoft Windows client devices, print from a virtual desktop to any local or networked printer
n
that is defined on the Windows client device. This virtual printer feature solves compatibility issues and does not require you to install additional print drivers in a virtual machine.
On most client devices, use the location-based printing feature to map to printers that are physically
n
near the client system. Location-based printing does require that you install print drivers in the virtual machine.
VMware, Inc. 9
Use multiple monitors. With PCoIP multiple-monitor support, you can adjust the display resolution
n
and rotation separately for each monitor.
Access USB devices and other peripherals that are connected to the local device that displays your
n
virtual desktop.
You can specify which types of USB devices end users are allowed to connect to. For composite devices that contain multiple types of devices, such as a video input device and a storage device, you can split the device so that one device (for example, the video input device) is allowed but the other device (for example, the storage device) is not.
Use View Persona Management to retain user settings and data between sessions even after the desktop
n
has been refreshed or recomposed. View Persona Management has the ability to replicate user profiles to a remote profile store (CIFS share) at configurable intervals.
You can also use a standalone version of View Persona Management on physical computers and virtual machines that are not managed by View.
View offers the following security features, among others:
Use two-factor authentication, such as RSA SecurID or RADIUS (Remote Authentication Dial-In User
n
Service), or smart cards to log in.
Use pre-created Active Directory accounts when provisioning remote desktops and applications in
n
environments that have read-only access policies for Active Directory.
Use SSL tunneling to ensure that all connections are completely encrypted.
n
Use VMware High Availability to ensure automatic failover.
n
Scalability features depend on the VMware virtualization platform to manage both desktops and servers:
Integrate with VMware vSphere to achieve cost-effective densities, high levels of availability, and
n
advanced resource allocation control for your remote desktops and applications.
Use the View storage accelerator feature to support end-user logins at larger scales with the same
n
storage resources. This storage accelerator uses features in the vSphere 5 platform to create a host memory cache of common block reads.
Configure View Connection Server to broker connections between end users and the remote desktops
n
and applications that they are authorized to access.
Use View Composer to quickly create desktop images that share virtual disks with a master image.
n
Using linked clones in this way conserves disk space and simplifies the management of patches and updates to the operating system.
The following features provide centralized administration and management:
Use Microsoft Active Directory to manage access to remote desktops and applications and to manage
n
policies.
Use View Persona Management to simplify and streamline migration from physical to virtual desktops.
n
Use the Web-based administrative console to manage remote desktops and applications from any
n
location.
Use View Administrator to distribute and manage applications packaged with VMware ThinApp™.
n
Use a template, or master image, to quickly create and provision pools of desktops.
n
Send updates and patches to virtual desktops without affecting user settings, data, or preferences.
n
Integrate with Workspace Portal so that end users can access remote desktops through the user portal
n
on the Web, as well as use Workspace Portal from a browser inside a remote desktop.
10 VMware, Inc.
Integrate with Mirage™ and Horizon FLEX™ to manage locally installed virtual machine desktops and
n
to deploy and update applications on dedicated full-clone remote desktops without overwriting user­installed applications.

How the Components Fit Together

End users start Horizon Client to log in to View Connection Server. This server, which integrates with Windows Active Directory, provides access to remote desktops hosted on a VMware vSphere server, a physical PC, or a Microsoft RDS host. Horizon Client also provides access to remote applications on a Microsoft RDS host.
NOTE View supports the following Active Directory Domain Services (AD DS) domain functional levels:
Windows Server 2003
n
Windows Server 2008
n
Windows Server 2008 R2
n
Windows Server 2012
n
Windows Server 2012 R2
n
View does not support Novell DSFW (Domain Services For Windows).
Chapter 1 Introduction to View
Figure 1-2 shows the relationship between the major components of a View deployment.
VMware, Inc. 11
tablet
ESXi hosts running Virtual Desktop virtual machines
View
Connection
Server
View
Administrator
(browser)
VMware vCenter Server
with View Composer
network
Windows client
Thin Client
Virtual desktops
ESXi host
VM VM VM
VM VM VM
VM
Virtual machine
Desktop OS
app app app
View Agent
Microsoft
Active Directory
RDS hosts
physical PCs
non-vCenter VMs
View Agent
ThinApp
Mac client
Figure 12. High-Level Example of a View Environment

Client Devices

A major advantage of using View is that remote desktops and applications follow the end user regardless of device or location. Users can access their personalized virtual desktop or remote application from a company laptop, their home PC, a thin client device, a Mac, or a tablet or phone.
End users open Horizon Client to display their remote desktops and applications. Thin client devices use View thin client software and can be configured so that the only application that users can launch directly on the device is View Thin Client. Repurposing a legacy PC into a thin client desktop can extend the life of the hardware by three to five years. For example, by using View on a thin desktop, you can use a newer operating system such as Windows 8.x on older desktop hardware.
If you use the HTML Access feature, end users can open a remote desktop inside a browser, without having to install any client application on the client system or device.
12 VMware, Inc.
Chapter 1 Introduction to View

View Connection Server

This software service acts as a broker for client connections. View Connection Server authenticates users through Windows Active Directory and directs the request to the appropriate virtual machine, physical PC, or Microsoft RDS host.
View Connection Server provides the following management capabilities:
Authenticating users
n
Entitling users to specific desktops and pools
n
Assigning applications packaged with VMware ThinApp to specific desktops and pools
n
Managing remote desktop and application sessions
n
Establishing secure connections between users and remote desktops and applications
n
Enabling single sign-on
n
Setting and applying policies
n
Inside the corporate firewall, you install and configure a group of two or more View Connection Server instances. Their configuration data is stored in an embedded LDAP directory and is replicated among members of the group.
Outside the corporate firewall, in the DMZ, you can install and configure View Connection Server as a security server. Security servers in the DMZ communicate with View Connection Servers inside the corporate firewall. Security servers ensure that the only remote desktop and application traffic that can enter the corporate data center is traffic on behalf of a strongly authenticated user. Users can access only the resources that they are authorized to access.
Security servers offer a subset of functionality and are not required to be in an Active Directory domain. You install View Connection Server in a Windows Server 2008 R2 or Windows Server 2012 R2 server, preferably on a VMware virtual machine.
IMPORTANT It is possible to create a View setup that does not use View Connection Server. If you install the View Agent Direct Connect Plugin in a remote virtual machine desktop, the client can connect directly to the virtual machine. All the remote desktop features, including PCoIP, HTML Access, RDP, USB redirection, and session management work in the same way, as if the user had connected through View Connection Server. For more information, see View Agent Direct-Connection Plugin Administration.

Horizon Client

The client software for accessing remote desktops and applications can run on a tablet, a phone, a Windows, Linux, or Mac PC or laptop, a thin client, and more.
After logging in, users select from a list of remote desktops and applications that they are authorized to use. Authorization can require Active Directory credentials, a UPN, a smart card PIN, or an RSA SecurID or other two-factor authentication token.
An administrator can configure Horizon Client to allow end users to select a display protocol. Protocols include PCoIP and Microsoft RDP for remote desktops. The speed and display quality of PCoIP rival that of a physical PC.
Features differ according to which Horizon Client you use. This guide focuses on Horizon Client for Windows. The following types of clients are not described in detail in this guide:
Details about Horizon Client for tablets, Linux clients, and Mac clients. See the Horizon Client
n
documentation at https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
VMware, Inc. 13
Details about the HTML Access Web client, which allows you to open a remote desktop inside a
n
browser. No Horizon Client application is installed on the client system or device. See the Horizon Client documentation at
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
Various third-party thin clients and zero clients, available only through certified partners.
n
View Open Client, which supports the VMware partner certification program. View Open Client is not
n
an official client application and is not supported as such.

VMware Horizon User Web Portal

From a Web browser on a client device, end users can connect to remote desktops and applications through the browser, automatically start Horizon Client if it is installed, or download the Horizon Client installer.
When you open a browser and enter the URL of a View Connection Server instance, the Web page that appears contains links to the VMware Downloads site for downloading Horizon Client. The links on the Web page are configurable, however. For example, you can configure the links to point to an internal Web server, or you can limit which client versions are available on your own View Connection Server.
If you use the HTML Access feature, the Web page also displays a link for accessing remote desktops inside a supported browser. With this feature, no Horizon Client application is installed on the client system or device. For more information, see the Horizon Client documentation at
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.

View Agent

You install the View Agent service on all virtual machines, physical systems, and Microsoft RDS hosts that you use as sources for remote desktops and applications. On virtual machines, this agent communicates with Horizon Client to provide features such as connection monitoring, virtual printing, View Persona Management, and access to locally connected USB devices.
If the desktop source is a virtual machine, you first install the View Agent service on that virtual machine and then use the virtual machine as a template or as a parent of linked clones. When you create a pool from this virtual machine, the agent is automatically installed on every remote desktop.
You can install the agent with an option for single sign-on. With single sign-on, users are prompted to log in only when they connect to View Connection Server and are not prompted a second time to connect to a remote desktop or application.

View Administrator

This Web-based application allows administrators to configure View Connection Server, deploy and manage remote desktops and applications, control user authentication, and troubleshoot end user issues.
When you install a View Connection Server instance, the View Administrator application is also installed. This application allows administrators to manage View Connection Server instances from anywhere without having to install an application on their local computer.

View Composer

You can install this software service on a vCenter Server instance that manages virtual machines or on a separate server. View Composer can then create a pool of linked clones from a specified parent virtual machine. This strategy reduces storage costs by up to 90 percent.
Each linked clone acts like an independent desktop, with a unique host name and IP address, yet the linked clone requires significantly less storage because it shares a base image with the parent.
Because linked-clone desktop pools share a base image, you can quickly deploy updates and patches by updating only the parent virtual machine. End users' settings, data, and applications are not affected.
14 VMware, Inc.
Although you can install View Composer on its own server host, a View Composer service can operate with only one vCenter Server instance. Similarly, a vCenter Server instance can be associated with only one View Composer service.

vCenter Server

This service acts as a central administrator for VMware ESXi servers that are connected on a network. vCenter Server provides the central point for configuring, provisioning, and managing virtual machines in the datacenter.
In addition to using these virtual machines as sources for virtual machine desktop pools, you can use virtual machines to host the server components of View, including View Connection Server instances, Active Directory servers, Microsoft RDS hosts, and vCenter Server instances.
You can install View Composer on the same server as vCenter Server or on a different server. vCenter Server then manages the assignment of the virtual machines to physical servers and storage and manages the assignment of CPU and memory resources to virtual machines.
You can install vCenter Server either as a VMware virtual appliance or install vCenter Server in a Windows Server 2008 R2 server or a Windows Server 2012 R2 server, preferably on a VMware virtual machine.

Integrating and Customizing View

Chapter 1 Introduction to View
To enhance the effectiveness of View in your organization, you can use several interfaces to integrate View with external applications or to create administration scripts that you can run from the command line or in batch mode.
Integrating with Other Components
VMware Workspace Portal
VMware Mirage and Horizon FLEX
You can integrate Workspace Portal with View to provide the following benefits to IT managers and end users:
End users have on-demand access to remote desktops and applications
n
through the same user portal on the Web that they use to access SaaS, Web, and Windows applications, with the same single sign-on convenience.
End users can access Workspace Portal on the Web from inside a remote
n
desktop for applications they need.
If you also use HTML Access, end users can open a remote desktop
n
inside a browser, without having to install any client application on the client system or device.
IT managers can use the browser-based administration console of
n
Workspace Portal to monitor user and group entitlements to remote desktops.
You can use Mirage and Horizon FLEX to deploy and update applications on dedicated full-clone remote desktops without overwriting user-installed applications or data.
Mirage provides a better offline virtual desktop solution than the Local Mode feature that was previously included with View. Mirage includes the following security and management features for offline desktops:
Encrypts the locally installed virtual machine and prevents a user from
n
modifying virtual machine settings that affect the integrity of the secure container.
VMware, Inc. 15
Provides policies, including expiration, available in VMware Fusion™
n
Professional and VMware® Player Plus™, that are comparable to the polices provided with the previous Local Mode feature. Fusion Pro and Player Plus are included with Mirage.
Eliminates the need for users to check in or check out their desktops to
n
receive updates.
Enables administrators to utilize the Mirage layering capability, backup
n
features, and file portal.
Horizon vRealize Orchestrator plug-in
The Horizon vRealize Orchestrator plug-in allows interaction between vCenter Orchestrator and VMware Horizon 6. You can use this plug-in to expand the settings and methods for provisioning remote desktops and applications.
The plug-in contains a set of standard workflows that enable automation, self-service by request and approval, and scalable delegated administration across multi-tenant or highly distributed environments. You can also use these pre-defined workflows to create custom workflows.
Integrating with Popular Video Conferencing Software
Flash URL Redirection
Streaming Flash content directly from Adobe Media Server to client endpoints lowers the load on the datacenter ESXi host, removes the extra routing through the datacenter, and reduces the bandwidth required to simultaneously stream live video events to multiple client endpoints.
The Flash URL redirection feature uses a JavaScript that is embedded inside a Web page by the Web page administrator. Whenever a virtual desktop user clicks on the designated URL link from within a Web page, the JavaScript intercepts and redirects the ShockWave File (SWF) from the virtual desktop session to the client endpoint. The endpoint then opens a local VMware Flash Projector outside of the virtual desktop session and plays the media stream locally.
NOTE With Flash URL Redirection, the multicast or unicast stream is redirected to client devices that might be outside your organization's firewall. Your clients must have access to the Adobe Web server that hosts the ShockWave Flash (SWF) file that initiates the multicast or unicast streaming. If needed, configure your firewall to open the appropriate ports to allow client devices to access this server.
This feature is available only on some types of clients. To find out whether this feature is supported on a particular type of client, see the feature support matrix included in the "Using VMware Horizon Client" document for the specific type of desktop or mobile client device. Go to
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
Microsoft Lync
You can use a Microsoft Lync 2013 client on remote desktops to participate in Unified Communications (UC) VoIP (voice over IP) and video chat calls with Lync certified USB audio and video devices. A dedicated IP phone is no longer required.
16 VMware, Inc.
This architecture requires the installation of a Microsoft Lync 2013 client on the remote desktop and a Microsoft Lync VDI plug-in on the Windows 7 or 8 client endpoint. Customers can use the Microsoft Lync 2013 client for presence, instant messaging, Web conferencing, and Microsoft Office functionality.
Whenever a Lync VoIP or video chat call occurs, the Lync VDI plug-in offloads all the media processing from the datacenter server to the client endpoint, and encodes all media into Lync-optimized audio and video codecs. This optimized architecture is highly scalable, results in lower network bandwidth used, and provides point-to-point media delivery with support for high-quality real-time VoIP and video. For more information, see the white paper about VMware Horizon 6 and Microsoft Lync 2013, at
http://www.vmware.com/files/pdf/techpaper/vmware-horizon-view­microsoft-lync-install-configure.pdf.
NOTE Recording audio is not yet supported. This integration is supported only with the PCoIP display protocol.
Integrating View with Business Intelligence Software
Chapter 1 Introduction to View
You can configure View Connection Server to record events to a Microsoft SQL Server or Oracle database.
End-user actions such as logging in and starting a desktop session.
n
Administrator actions such as adding entitlements and creating desktop pools.
n
Alerts that report system failures and errors.
n
Statistical sampling such as recording the maximum number of users over a 24-hour period.
n
You can use business intelligence reporting engines such as Crystal Reports, IBM Cognos, MicroStrategy 9, and Oracle Enterprise Performance Management System to access and analyze the event database.
For more information, see the View Integration document.
You can alternatively generate View events in Syslog format so that the event data can be accessible to analytics software. If you enable file-based logging of events, events are accumulated in a local log file. If you specify a file share, the log files are moved to that share. For more information, see the View Installation document.
Using View PowerCLI to Create Administration Scripts
Windows PowerShell is a command-line and scripting environment that is designed for Microsoft Windows. PowerShell uses the .NET object model and provides administrators with management and automation capabilities. As with any other console environment, you work with PowerShell by running commands, which are called cmdlets in PowerShell.
The View PowerCLI provides an easy-to-use PowerShell interface to View. You can use the View PowerCLI cmdlets to perform various administration tasks on View components.
Create and update desktop pools.
n
Configure multiple network labels to greatly expand the number of IP addresses assigned to virtual
n
machines in a pool.
Add datacenter resources to a full virtual machine or linked-clone pool.
n
Perform rebalance, refresh, or recompose operations on linked-clone desktops.
n
Sample the usage of specific desktops or desktop pools over time.
n
VMware, Inc. 17
Query the event database.
n
Query the state of services.
n
You can use the cmdlets in conjunction with the vSphere PowerCLI cmdlets, which provide an administrative interface to the VMware vSphere product.
For more information, see the View Integration document.
Modifying LDAP Configuration Data in View
When you use View Administrator to modify the configuration of View, the appropriate LDAP data in the repository is updated. View Connection Server stores its configuration information in an LDAP compatible repository. For example, if you add a desktop pool, View Connection Server stores information about users, user groups, and entitlements in LDAP.
You can use VMware and Microsoft command-line tools to export and import LDAP configuration data in LDAP Data Interchange Format (LDIF) files from and into View. These commands are for advanced administrators who want to use scripts to update configuration data without using View Administrator or View PowerCLI.
You can use LDIF files to perform a number of tasks.
Transfer configuration data between View Connection Server instances.
n
Define a large number of View objects, such as desktop pools, and add these to your View Connection
n
Server instances without using View Administrator or View PowerCLI.
Back up a configuration so that you can restore the state of a View Connection Server instance.
n
For more information, see the View Integration document.
Using SCOM to Monitor View Components
You can use Microsoft System Center Operations Manager (SCOM) to monitor the state and performance of View components, including View Connection Server instances and security servers and the services running on these hosts.
For more information, see the View Integration document.
Using the vdmadmin Command
You can use the vdmadmin command line interface to perform a variety of administration tasks on a View Connection Server instance. You can use vdmadmin to perform administration tasks that are not possible from within the View Administrator user interface or that need to run automatically from scripts.
For more information, see the View Administration document.
18 VMware, Inc.

Planning a Rich User Experience 2

View provides the familiar, personalized desktop environment that end users expect. For example, on some client systems, end users can access USB and other devices connected to their local computer, send documents to any printer that their local computer can detect, authenticate with smart cards, and use multiple display monitors.
View includes many features that you might want to make available to your end users. Before you decide which features to use, you must understand the limitations and restrictions of each feature.
This chapter includes the following topics:
“Feature Support Matrix for View Agent,” on page 19
n
“Choosing a Display Protocol,” on page 21
n
“Using Hosted Applications,” on page 23
n
“Using View Persona Management to Retain User Data and Settings,” on page 24
n
“Using USB Devices with Remote Desktops and Applications,” on page 25
n
“Using the Real-Time Audio-Video Feature for Webcams and Microphones,” on page 26
n
“Using 3D Graphics Applications,” on page 26
n
“Streaming Multimedia to a Remote Desktop,” on page 27
n
“Printing from a Remote Desktop,” on page 27
n
“Using Single Sign-On for Logging In to a Remote Desktop,” on page 28
n
“Using Multiple Monitors,” on page 28
n

Feature Support Matrix for View Agent

When planning which display protocol and features to make available to your end users, use the following information to determine which agent (remote desktop and application) operating systems support the feature.
The types and editions of the supported guest operating system depend on the Windows version.
Table 21. Operating Systems for Linked-Clone and Full-Clone Remote Desktops
Guest Operating System Version Edition Service Pack
Windows 8.1 64-bit and 32-bit Enterprise and
Professional
Windows 8 64-bit and 32-bit Enterprise and
Professional
VMware, Inc. 19
None and Update
None
Table 21. Operating Systems for Linked-Clone and Full-Clone Remote Desktops (Continued)
Guest Operating System Version Edition Service Pack
Windows 7 64-bit and 32-bit Enterprise and
Windows Server 2012 R2 64-bit Datacenter None
Windows Server 2008 R2 64-bit Datacenter SP1
Table 22. Operating Systems for RDS Hosts, Providing Remote Desktops or Applications
Guest Operating System Edition Service Pack
Windows Server 2008 R2 Standard, Enterprise, and
Windows Server 2012 Standard and Datacenter None
Windows Server 2012 R2 Standard and Datacenter None or Update 1
Table 23. Features Supported on Windows Operating Systems Where View Agent Is Installed
Feature
USB access X X X USB flash drives and
Real-Time Audio-Video (RTAV)
RDP display protocol X X X Session-based desktops
PCoIP display protocol X X X Hosted applications
Persona Management X X X
Wyse MMR
Windows Media MMR X X
Location-based printing X X X X
Virtual printing X X X X
Smart cards X X X X
RSA SecurID or RADIUS X X X X
Single sign-on X X X X
Multiple monitors X X X X
Professional
Datacenter
Windows 7 Desktop
X X X
Windows 8.x Desktop
SP1
SP1
Windows Server 2008/2012 R2 Desktop Microsoft RDS Host
hard disks on Windows Server 2012 R2 RDS hosts
only
and session-based desktops
NOTE For information about which features are supported on the various types of client devices, see the Horizon Client documentation at
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
In addition, several VMware partners offer thin client devices for View deployments. The features that are available for each thin client device are determined by the vendor and model and the configuration that an enterprise chooses to use. For information about the vendors and models for thin client devices, see the Thin Client Compatibility Guide, available on the VMware Web site.
20 VMware, Inc.

Choosing a Display Protocol

A display protocol provides end users with a graphical interface to a remote desktop or application that resides in the datacenter. Depending on which type of client device you have, you can choose between PCoIP (PC-over-IP), which VMware provides, or Microsoft RDP (Remote Desktop Protocol).
You can set policies to control which protocol is used or to allow end users to choose the protocol when they log in to a desktop.
NOTE For some types of clients, neither the PCoIP nor the RDP remote display protocol is used. For example, if you use the HTML Access client, available with the HTML Access feature, the Blast protocol is used, rather than PCoIP or RDP.

PCoIP

PCoIP (PC over IP) provides an optimized desktop experience for the delivery of a remote application or an entire remote desktop environment, including applications, images, audio, and video content for a wide range of users on the LAN or across the WAN. PCoIP can compensate for an increase in latency or a reduction in bandwidth, to ensure that end users can remain productive regardless of network conditions.
PCoIP is supported as the display protocol for remote applications and for remote desktops that use virtual machines, physical machines that contain Teradici host cards, or shared session desktops on an RDS host.
Chapter 2 Planning a Rich User Experience
PCoIP Features
Key features of PCoIP include the following:
Users outside the corporate firewall can use this protocol with your company's virtual private network
n
(VPN), or users can make secure, encrypted connections to a security server in the corporate DMZ.
Advanced Encryption Standard (AES) 128-bit encryption is supported and is turned on by default. You
n
can, however, change the encryption key cipher to AES-192 or AES-256.
Connections from all types of client devices.
n
Optimization controls for reducing bandwidth usage on the LAN and WAN.
n
32-bit color is supported for virtual displays.
n
ClearType fonts are supported.
n
Audio redirection with dynamic audio quality adjustment for LAN and WAN.
n
Real-Time Audio-Video for using webcams and microphones on some client types.
n
Copy and paste of text and, on some clients, images between the client operating system and a remote
n
application or desktop. For other client types, only copy and paste of plain text is supported. You cannot copy and paste system objects such as folders and files between systems.
Multiple monitors are supported for some client types. For example, on Windows-based clients, you
n
can use up to four monitors and adjust the resolution for each monitor separately, with a resolution of up to 2560 x 1600 per display. Pivot display and autofit are also supported.
When the 3D feature is enabled, up to 2 monitors are supported with a resolution of up to 1920 x 1200.
USB redirection is supported for some client types.
n
MMR redirection is supported for some Windows client operating systems and some remote desktop
n
operating systems (with View Agent-installed).
VMware, Inc. 21
For information about which desktop operating systems support specific PCoIP features, see “Feature
Support Matrix for View Agent,” on page 19.
For information about which client devices support specific PCoIP features, go to
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
Recommended Guest Operating System Settings
1GB of RAM or more and a dual CPU is recommended for playing in high-definition, full screen mode, or 720p or higher formatted video. To use Virtual Dedicated Graphics Acceleration for graphics-intensive applications such as CAD applications, 4GB of RAM is required.
Video Quality Requirements
480p-formatted video
720p-formatted video
1080p-formatted video
3D rendering
You can play video at 480p or lower at native resolutions when the remote desktop has a single virtual CPU. If you want to play the video in high­definition Flash or in full screen mode, the desktop requires a dual virtual CPU. Even with a dual virtual CPU desktop, as low as 360p-formatted video played in full screen mode can lag behind audio, particularly on Windows clients.
You can play video at 720p at native resolutions if the remote desktop has a dual virtual CPU. Performance might be affected if you play videos at 720p in high definition or in full screen mode.
If the remote desktop has a dual virtual CPU, you can play 1080p formatted video, although the media player might need to be adjusted to a smaller window size.
You can configure remote desktops to use software- or hardware-accelerated graphics. The software-accelerated graphics feature enables you to run DirectX 9 and OpenGL 2.1 applications without requiring a physical graphics processing unit (GPU). The hardware-accelerated graphics features enable virtual machines to either share the physical GPUs (graphical processing unit) on a vSphere host or dedicate a physical GPU to a single virtual machine desktop.
For 3D applications, up to 2 monitors are supported, and the maximum screen resolution is 1920 x 1200. The guest operating system on the remote desktops must be Windows 7 or later.
For more information about 3D features, see “Using 3D Graphics
Applications,” on page 26.
Hardware Requirements for Client Systems
For information about processor and memory requirements, see the "Using VMware Horizon Client" document for the specific type of desktop or mobile client device. Go to
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
22 VMware, Inc.
Chapter 2 Planning a Rich User Experience

Microsoft RDP

Remote Desktop Protocol is the same multichannel protocol many people already use to access their work computer from their home computer. Microsoft Remote Desktop Connection (RDC) uses RDP to transmit data.
Microsoft RDP is a supported display protocol for remote desktops that use virtual machines, physical machines, or shared session desktops on an RDS host. (Only the PCoIP display protocol is supported for remote applications.) Microsoft RDP provides the following features:
RDP 7 has true multiple monitor support, for up to 16 monitors.
n
You can copy and paste text and system objects such as folders and files between the local system and
n
the remote desktop.
32-bit color is supported for virtual displays.
n
RDP supports 128-bit encryption.
n
Users outside the corporate firewall can use this protocol with your company's virtual private network
n
(VPN), or users can make secure, encrypted connections to a View security server in the corporate DMZ.
Hardware Requirements for Client Systems
For information about processor and memory requirements, see the "Using VMware Horizon Client" document for the specific type of client system. Go to
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
NOTE Mobile client devices use only the PCoIP display protocol.

Using Hosted Applications

You can use Horizon Client to securely access remote Windows-based applications, in addition to remote desktops.
With this feature, after launching Horizon Client and logging in to a View server, users see all the remote applications they are entitled to use, in addition to remote desktops. Selecting an application opens a window for that application on the local client device, and the application looks and behaves as if it were locally installed.
For example, on a Windows client computer, if you minimize the application window, an item for that application remains in the Taskbar and looks identical to the way it would look if it were installed on the local Windows computer. You can also create a shortcut for the application that will appear on your client desktop, just like shortcuts for locally installed applications.
Deploying remote applications in this way might be preferable to deploying complete remote desktops under the following conditions:
If an application is set up with a multi-tiered architecture, where the components work better if they are
n
located geographically near each other, using remote, hosted applications is a good solution.
For example, when a user must access a database remotely, if large amounts of data must be transmitted over the WAN, performance is usually affected. With hosted applications, all parts of the application can be located in the same data center as the database, so that traffic is isolated and only the screen updates are sent across the WAN.
From a mobile device, accessing an individual application is easier than opening a remote Windows
n
desktop and then navigating to the application.
VMware, Inc. 23
To use this feature, you install applications on a Microsoft RDS host. In this respect, View hosted applications work similarly to other application remoting solutions. View hosted applications are delivered using the PCoIP display protocol, for an optimized user experience.

Using View Persona Management to Retain User Data and Settings

You can use View Persona Management with remote desktops and with physical computers and virtual machines that are not managed by View. View Persona Management retains changes that users make to their profiles. User profiles comprise a variety of user-generated information.
User-specific data and desktop settings, which allow the desktop appearance to be the same regard less
n
of which desktop a user logs in to.
Application data and settings. For example, these settings allow applications to remember toolbar
n
positions and preferences.
Windows registry entries configured by user applications.
n
To facilitate these abilities, View Persona Management requires storage on a CIFS share equal or greater than the size of the user's local profile.
Minimizing Logon and Logoff Times
View Persona Management minimizes the time it takes to log on to and off of desktops.
View takes recent changes in the profile on the remote desktop and copies them to the remote
n
repository at regular intervals. The default is every 10 minutes. In contrast, Windows roaming profiles wait until logoff time and copy all changes to the server at logoff.
During logon, by default, View downloads only the files that Windows requires, such as user registry
n
files. Other files are copied to the remote desktop when the user or an application opens them from the profile folder in the remote desktop.
You can configure View to download specified files when the user logs in and download other files in the background.
With View Persona Management, during logoff, only files that were updated since the last replication
n
are copied to the remote repository.
With View Persona Management, you can avoid making any changes to Active Directory in order to have a managed profile. To configure Persona Management, you specify a central repository, without changing the user's properties in Active Directory. With this central repository, you can manage a user's profile in one environment without affecting the physical machines that users might also log on to.
With View Persona Management, if you provision desktops with VMware ThinApp applications, the ThinApp sandbox data can also be stored in the user profile. This data can roam with the user but does not significantly affect logon times. This strategy provides better protection against data loss or corruption.
Configuration Options
You can configure View personas at several levels: a single remote desktop, a desktop pool, an OU, or all remote desktops in your deployment. You can also use a standalone version of View Persona Management on physical computers and virtual machines that are not managed by View.
By setting group policies (GPOs), you have granular control of the files and folders to include in a persona:
Specify whether to include the local settings folder. This policy affects the AppData\Local folder.
n
Specify which files and folders to load at login time. For example: Application
n
Data\Microsoft\Certificates. Within a folder, you can also specify files to exclude.
24 VMware, Inc.
Chapter 2 Planning a Rich User Experience
Specify which files and folders to download in the background after a user logs in to the desktop.
n
Within a folder, you can also specify files to exclude.
Specify which files and folders within a user's persona to manage with Windows roaming profiles
n
functionality instead of View Persona Management. Within a folder, you can also specify files to exclude.
As with Windows roaming profiles, you can configure folder redirection. You can redirect the following folders to a network share.
Contacts My Documents Save Games
Cookies My Music Searches
Desktop My Pictures Start Menu
Downloads My Videos Startup Items
Favorites Network Neighborhood Templates
History Printer Neighborhood Temporary Internet Files
Links Recent Items
To configure a remote repository to store personas, you can use either a network share or an existing Active Directory user profile path that you configured for Windows roaming profiles. The network share can be a folder on a server, a network-attached storage (NAS) device, or a network server. To support a large View deployment, you can configure separate repositories for different desktop pools.
You can install a standalone version of View Persona Management on physical computers and virtual machines that are not managed by View, allowing you to accomplish these goals:
Share and manage profiles across standalone systems and remote desktops.
n
Migrate user profiles from physical systems to remote desktops.
n
Perform a staged migration from physical systems to remote desktops.
n
Support up-to-date profiles when users go offline.
n
Limitations
View Persona Management has the following limitations and restrictions:
You must have a View license that includes the View Personal Management component.
n
View Persona Management requires a CIFS (Common Internet File System) share.
n

Using USB Devices with Remote Desktops and Applications

Administrators can configure the ability to use USB devices, such as thumb flash drives, cameras, VoIP (voice-over-IP) devices, and printers, from a remote desktop. This feature is called USB redirection, and it supports using either the RDP or the PCoIP display protocol. A remote desktop can accommodate up to 128 USB devices.
You can also redirect locally connected USB thumb flash drives and hard disks for use in RDS desktops and applications. Other types of USB devices, including other types of storage devices, are not supported in RDS desktops and applications.
When you use this feature in desktop pools that are deployed on single-user machines, most USB devices that are attached to the local client system become available in the remote desktop. You can even connect to and manage an iPad from a remote desktop. For example, you can sync your iPad with iTunes installed in your remote desktop. On some client devices, such as Windows and Mac OS X computers, the USB devices are listed in a menu in Horizon Client. You use the menu to connect and disconnect the devices.
VMware, Inc. 25
In most cases, you cannot use a USB device in your client system and in your remote desktop or application at the same time. Only a few types of USB devices can be shared between a remote desktop and the local computer. These devices include smart card readers and human interface devices such as keyboards and pointing devices.
Administrators can specify which types of USB devices end users are allowed to connect to. For composite devices that contain multiple types of devices, such as a video input device and a storage device, on some client systems, administrators can split the device so that one device (for example, the video input device) is allowed but the other device (for example, the storage device) is not.
The USB redirection feature is available only on some types of clients. To find out whether this feature is supported on a particular type of client, see the feature support matrix included in the "Using VMware Horizon Client" document for the specific type of desktop or mobile client device. Go to
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.

Using the Real-Time Audio-Video Feature for Webcams and Microphones

With the Real-Time Audio-Video feature, you can use your local computer's webcam or microphone on your remote desktop. Real-Time Audio-Video is compatible with standard conferencing applications and browser-based video applications, and supports standard webcams, audio USB devices, and analog audio input.
End users can run Skype, Webex, Google Hangouts, and other online conferencing applications on their virtual desktops. This feature redirects video and audio data to the remote desktop with a significantly lower bandwidth than can be achieved by using USB redirection. With Real-Time Audio-Video, webcam images and audio input are encoded on the client and then sent to the remote desktop. On the remote desktop the stream is decoded and played by a virtual webcam and virtual microphone, which can be used by the third-party application.
No special configuration is necessary, although administrators can set GPOs and registry keys for the remote desktop to configure frame rate and image resolution, or to turn the feature off altogether. By default the resolution is 320 by 240 pixels at 15 frames per second. Administrators can also use client-side configuration settings to set a preferred webcam or audio device if needed.
NOTE This feature is available only on some types of clients. To find out whether this feature is supported on a particular type of client, see the feature support matrix included in the "Using VMware Horizon Client" document for the specific type of desktop or mobile client device. Go to
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.

Using 3D Graphics Applications

The software- and hardware-accelerated graphics features available with the PCoIP display protocol enable remote desktop users to run 3D applications ranging from Google Earth to CAD and other graphics­intensive applications.
NVIDIA GRID vGPU (shared GPU hardware acceleration)
Available with vSphere 6.0 and later, this feature allows a physical GPU (graphical processing unit) on an ESXi host to be shared among virtual machines. Use this feature if you require high-end, hardware-accelerated workstation graphics.
Virtual Dedicated Graphics Acceleration (vDGA)
26 VMware, Inc.
Available with vSphere 5.5 and later, this feature dedicates a single physical GPU on an ESXi host to a single virtual machine. Use this feature if you require high-end, hardware-accelerated workstation graphics.
Chapter 2 Planning a Rich User Experience
Virtual Shared Graphics Acceleration (vSGA)
Soft 3D
For these features, up to 2 monitors are supported, and the maximum screen resolution is 1920 x 1200.
IMPORTANT For more information on the various choices and requirements for 3D rendering, see the
VMware white paper about graphics acceleration.
Available with vSphere 5.1 and later, this feature allows multiple virtual machines to share the physical GPUs on ESXi hosts. You can use 3D applications for design, modeling, and multimedia.
Software-accelerated graphics, available with vSphere 5.0 and later, allows you to run DirectX 9 and OpenGL 2.1 applications without requiring a physical GPU. Use this feature for less demanding 3D applications such as Windows Aero themes, Microsoft Office 2010, and Google Earth.

Streaming Multimedia to a Remote Desktop

The Windows Media MMR (multimedia redirection) feature, for Windows 7 and Windows 8/8.1 desktops and clients, enables full-fidelity playback on Windows client computers when multimedia files are streamed to a remote desktop.
With MMR, the multimedia stream is processed, that is, decoded, on the Windows client system. The client system plays the media content, thereby offloading the demand on the ESXi host. Media formats that are supported on Windows Media Player are supported; for example: M4V; MOV; MP4; WMP; MPEG-4 Part 2; WMV 7, 8, and 9; WMA; AVI; ACE; MP3; WAV.
NOTE You must add the MMR port as an exception to your firewall software. The default port for MMR is
9427.

Printing from a Remote Desktop

The virtual printing feature allows end users on some client systems to use local or network printers from a remote desktop without requiring that additional print drivers be installed in the remote desktop operating system. The location-based printing feature allows you to map remote desktops to the printer that is closest to the endpoint client device.
With virtual printing, after a printer is added on a local client computer, that printer is automatically added to the list of available printers on the remote desktop. No further configuration is required. For each printer available through this feature, you can set preferences for data compression, print quality, double-sided printing, color, and so on. Users who have administrator privileges can still install printer drivers on the remote desktop without creating a conflict with the virtual printing component.
To send print jobs to a USB printer, you can either use the USB redirection feature or use the virtual printing feature.
Location-based printing allows IT organizations to map remote desktops to the printer that is closest to the endpoint client device. For example, as a doctor moves from room to room in a hospital, each time the doctor prints a document, the print job is sent to the nearest printer. Using this feature does require that the correct printer drivers be installed in the remote desktop.
NOTE These printing features are available only on some types of clients. To find out whether a printing feature is supported on a particular type of client, see the feature support matrix included in the "Using VMware Horizon Client" document for the specific type of desktop or mobile client device. Go to
https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html.
VMware, Inc. 27

Using Single Sign-On for Logging In to a Remote Desktop

The single-sign-on (SSO) feature allows end users to supply login credentials only once.
If you do not use the single-sign-on feature, end users must log in twice. They are first prompted to log in to View Connection Server and then are prompted log in to their remote desktop. If smart cards are also used, end users must sign in three times because users must also log in when the smart card reader prompts them for a PIN.
For remote desktops, this feature includes a credential provider dynamic-link library.

Using Multiple Monitors

Regardless of the display protocol, you can use multiple monitors with a remote desktop.
If you use PCoIP, the display protocol from VMware, you can adjust the display resolution and rotation separately for each monitor. PCoIP allows a true multiple-monitor session rather than a span mode session.
A span mode remote session is actually a single-monitor session. The monitors must be the same size and resolution, and the monitor layout must fit within a bounding box. If you maximize an application window, the window spans across all monitors. Microsoft RDP 6 uses span mode.
In a true multiple-monitor session, monitors can have different resolutions and sizes, and a monitor can be pivoted. If you maximize an application window, the window expands to the full screen of only the monitor that contains it.
This feature has the following limitations:
If you use PCoIP, the maximum number of monitors that you can use to display a remote desktop is 4,
n
with a resolution of up to 2560 X 1600 if you have enough video RAM. The maximum number of monitors that can be stacked vertically is 2. If you use more than 2 monitors, the monitors must be in the same mode and have the same screen resolution. That is, if you use 3 monitors, all 3 monitors must be in either portrait mode or landscape mode and must use the same screen resolution.
To use the 3D rendering feature, you can use up to 2 monitors, with a resolution of up to 1920 X 1200.
n
You must use the PCoIP display protocol.
If you use Microsoft RDP 7, the maximum number of monitors that you can use to display a remote
n
desktop is 16.
If you use Microsoft RDP display protocol, you must have Microsoft Remote Desktop Connection
n
(RDC) 6.0 or higher installed in the remote desktop.
28 VMware, Inc.
Managing Desktop and Application
Pools from a Central Location 3
You can create pools that include one or hundreds or thousands of remote desktops. As a desktop source, you can use virtual machines, physical machines, and Windows Remote Desktop Services (RDS) hosts. Create one virtual machine as a base image, and View can generate a pool of remote desktops from that image. You can also create pools of applications that give users remote access to applications.
This chapter includes the following topics:
“Advantages of Desktop Pools,” on page 29
n
“Advantages of Application Pools,” on page 30
n
“Reducing and Managing Storage Requirements,” on page 31
n
“Application Provisioning,” on page 36
n
“Using Active Directory GPOs to Manage Users and Desktops,” on page 38
n

Advantages of Desktop Pools

View offers the ability to create and provision pools of desktops as its basis of centralized management.
You create a remote desktop pool from one of the following sources:
A physical system such as a physical desktop PC or an RDS host
n
A virtual machine that is hosted on an ESXi host and managed by vCenter Server
n
A virtual machine that runs on a virtualization platform other than vCenter Server that supports View
n
Agent
If you use a vSphere virtual machine as a desktop source, you can automate the process of making as many identical virtual desktops as you need. You can set a minimum and maximum number of virtual desktops to be generated for the pool. Setting these parameters ensures that you always have enough remote desktops available for immediate use but not so many that you overuse available resources.
Using pools to manage desktops allows you to apply settings or deploy applications to all remote desktops in a pool. The following examples show some of the settings available:
Specify which remote display protocol to use as the default for the remote desktop and whether to let
n
end users override the default.
If using a virtual machine, specify whether to power off the virtual machine when it is not in use and
n
whether to delete it altogether.
Specify whether to use a Microsoft Sysprep customization specification or QuickPrep from VMware.
n
Sysprep generates a unique SID and GUID for each virtual machine in the pool.
VMware, Inc.
29
Loading...
+ 65 hidden pages