VCAP-DTD | Objective 4.2 | Integrate a View Design with Infrastructure Services

Determine appropriate Active Directory configuration for the design

Active Directory configuration is relatively simple with VMware View.

AD can apply View specific polices using GPO. GPO is able to configure all desktops created by View connection server.

Firstly, it is highly recommended that you create dedicated OUs for View desktops, View servers and View specific user/service accounts. The View connection server includes administrative templates for managing View virtual desktops, servers and clients. These administrative templates can be imported and applied using GPO to to the respective OUs for these components.

Establish DNS/DHCP configuration

Both of these are fairly self explanatory really, and not too sure they need delving into. As we know, DNS is crucial for any environment. It’s important to remember that when a pool of desktops is removed or a recompose task is initiated then DNS records may become stale. It’s well worth reviewing the DNS scavenging settings within AD to ensure the operations are completed within a timely manner.

With DHCP, other than ensuring you have enough DHCP scopes to satisfy all your desktops, it worth reducing the lease time especially with floating desktops. Real world experience shows that an 8 hour lease should suffice.

Determine appropriate firewall rules for View components

Whilst researching this subject I stumbled across a very compressive article by Earl Gay III over at Blog.EEG3.Net

Rather than duplicate the information I’ll just link directly to it, full credit to the original author.
 
Based on customer requirements, identify Smart Card / RSA configuration
As with all 3rd party products, check with VMware (and the 3rd party themselves) that their product is compatible and supported with VMware View and follow any design guidelines they provide or recommend.
Next, I would suggest determining the use case for this. If for example, you only have a handful of users that require smart card authentication, consider creating a separate pool for these users with their own dedicated image with the software already installed.
By default, VMware View authenticates users using AD credentials. As an option, View can be configured so that users are first required to authenticate using RSA SecureID. This can configured in the connection server settings. From here you also need to determine if RSA SecureID usernames must match usernames in AD. If this option is not selected different usernames will be generated and will potentially confuse your users. I don’t have much experience with RSA, so plan on studying the RSA SecureID Ready Implementation Guide further.

Speak Your Mind

*