Connection Broker Advanced Connections Management for Multi-Cloud Environments

Similar documents
V iew Direct- Connection Plug-In. The Leostream Connection Broker. Advanced Connection and Capacity Management for Hybrid Clouds

Connection Broker Managing User Connections to Workstations and Blades, OpenStack Clouds, VDI, and More

271 Waverley Oaks Rd. Telephone: Suite 206 Waltham, MA USA

271 Waverley Oaks Rd. Telephone: Suite 206 Waltham, MA USA

Connection Broker Managing User Connections to Workstations and Blades, OpenStack Clouds, VDI, and More. Licensing Guide

DNS Setup Guide. Connection Broker. Advanced Connection Management For Multi-Cloud Environments

Connection Broker Advanced Connections Management for Multi-Cloud Environments. DNS Setup Guide

Glossary of Terms. Connection Broker. Advanced Connection and Capacity Management for Hybrid Clouds. Version 9.0 June Contacting Leostream

Connection Broker Advanced Connections Management for Multi-Cloud Environments. Security Review

Security Guide. Connection Broker. Advanced Connection and Capacity Management for Hybrid Clouds

Application Guide. Connection Broker. Advanced Connection and Capacity Management For Hybrid Clouds

Leostream Agent. Leostream Platform. Advanced Capacity and Connection Management for your Hybrid Cloud

271 Waverley Oaks Rd. Telephone: Suite 206 Waltham, MA USA

Connection Broker Advanced Connections Management for Multi-Cloud Environments Leostream Connect Administrator s Guide and End User s Manual

Connection Broker Managing User Connections to Hosted Desktops. Administrator s Guide

Gateway Guide. Leostream Gateway. Advanced Capacity and Connection Management for Hybrid Clouds

Leostream Connect. Leostream 9. Advanced Capacity and Connection Management For Hybrid Clouds

Transitioning to Leostream from HP SAM

Installation Guide. Connection Broker. Advanced Capacity and Connection Management for Hybrid Clouds

Getting Started with Amazon Web Services

Connection Broker OpenStack VDI Reference Architecture with Leostream

Connection Broker Where Virtual Desktops Meet Real Business. Installing Leostream Connect on HP Thin Clients

Scalability Guide. Designing Highly Available and Resilient Leostream Environments

VMware Identity Manager Cloud Deployment. Modified on 01 OCT 2017 VMware Identity Manager

VMware Identity Manager Cloud Deployment. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager

Deploying VMware Identity Manager in the DMZ. JULY 2018 VMware Identity Manager 3.2

Installing and Configuring vcloud Connector

Proofpoint Threat Response

Horizon Console Administration. 13 DEC 2018 VMware Horizon 7 7.7

VMware Skyline Collector Installation and Configuration Guide. VMware Skyline 1.4

Setting Up Resources in VMware Identity Manager. VMware Identity Manager 2.8

Deploying VMware Identity Manager in the DMZ. SEPT 2018 VMware Identity Manager 3.3

VMware Skyline Collector Installation and Configuration Guide. VMware Skyline Collector 2.0

Threat Response Auto Pull (TRAP) - Installation Guide

VMware Identity Manager Connector Installation and Configuration (Legacy Mode)

Migrating vrealize Automation 6.2 to 7.2

Configuring the SMA 500v Virtual Appliance

Accops HyWorks v3.0. Quick Start Guide. Last Update: 4/25/2017

VMware View Upgrade Guide

Installing and Configuring vcloud Connector

Getting Started with ESXi Embedded

REVISED 1 AUGUST REVIEWER'S GUIDE FOR VMWARE APP VOLUMES VMware App Volumes and later

Installing and Configuring vrealize Automation for the Rainpole Scenario. 12 April 2018 vrealize Automation 7.4

Setting Up Resources in VMware Identity Manager

VMware Horizon 7 Administration Training

Red Hat CloudForms 4.0

Plexxi Connect vsphere Plugin User Guide Releases through 2.5.0

VMware vfabric Data Director Installation Guide

TECHNICAL WHITE PAPER AUGUST 2017 REVIEWER S GUIDE FOR VIEW IN VMWARE HORIZON 7: INSTALLATION AND CONFIGURATION. VMware Horizon 7 version 7.

SonicWall Secure Mobile Access SMA 500v Virtual Appliance 8.6. Getting Started Guide

CounterACT User Directory Plugin

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

Goliath Performance Monitor v11.7 POC Install Guide

Dell Storage Compellent Integration Tools for VMware

Ahsay Online Backup Manager v7 Quick Start Guide for Synology NAS

NetScaler Analysis and Reporting. Goliath for NetScaler Installation Guide v4.0 For Deployment on VMware ESX/ESXi

Connection Broker Advanced Connections Management for Multi-Cloud Environments. Integrating Leostream with Commercial SSL VPN Appliances

REVISED 1 AUGUST QUICK-START TUTORIAL FOR VMWARE APP VOLUMES VMware App Volumes and later

UDS Enterprise Free & Evaluation Edition. Lab UDS Enterprise + VMware vsphere + RDP/XRDP

Using vrealize Operations Tenant App as a Service Provider

Dell Storage Compellent Integration Tools for VMware

UDS Enterprise Free & Evaluation Edition. Lab UDS Enterprise + VMware vsphere + RDP/XRDP

Synchronization Agent Configuration Guide

Setting Up Resources in VMware Identity Manager (On Premises) Modified on 30 AUG 2017 VMware AirWatch 9.1.1

Dell EMC vsan Ready Nodes for VDI

Double-Take AVAILABILITY. Version 7.0 Double-Take Availability for vsphere User's Guide

Synchronization Agent Configuration Guide

Installing and Configuring VMware Identity Manager for Linux. Modified MAY 2018 VMware Identity Manager 3.2

VMware vfabric Data Director Installation Guide

Quest VROOM Quick Setup Guide for Quest Rapid Recovery for Windows and Quest Foglight vapp Installers

VMware AirWatch Certificate Authentication for Cisco IPSec VPN

UDP Director Virtual Edition Installation and Configuration Guide (for Stealthwatch System v6.9.0)

akkadian Provisioning Manager Express

Install and Configure FindIT Network Manager and FindIT Network Probe on a VMware Virtual Machine

Installing and Configuring VMware Identity Manager. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager 3.1

OpenManage Integration for VMware vcenter Quick Installation Guide for vsphere Web Client Version 3.2

SRA Virtual Appliance Getting Started Guide

VMware Identity Manager Administration

Using the Horizon vrealize Orchestrator Plug-In

Product Version 1.1 Document Version 1.0-A

OpenManage Integration for VMware vcenter Quick Installation Guide for vsphere Web Client Version 3.1

akkadian Global Directory 3.0 System Administration Guide

Workspace ONE UEM Certificate Authentication for Cisco IPSec VPN. VMware Workspace ONE UEM 1810

OpenManage Integration for VMware vcenter Quick Install Guide for vsphere Client, Version 2.3.1

Boot Attestation Service 3.0.0

McAfee Boot Attestation Service 3.5.0

Getting Started with VMware View View 3.1

ITCorporation HOW DO I INSTALL A FRESH INSTANCE OF ANALYZER? DESCRIPTION RESOLUTION. Knowledge Database KNOWLEDGE DATABASE

Administering vrealize Log Insight. April 12, 2018 vrealize Log Insight 4.6

Netwrix Auditor. Virtual Appliance and Cloud Deployment Guide. Version: /25/2017

OpenManage Integration for VMware vcenter Using the vsphere Client Quick Install Guide Version 2.0

VMware Horizon Cloud Service on Microsoft Azure Administration Guide

Dell Storage Integration Tools for VMware

Novell Identity Manager

Installing and Configuring VMware Identity Manager. Modified on 14 DEC 2017 VMware Identity Manager 2.9.1

Dell EMC Ready Architectures for VDI

Quest VROOM Quick Setup Guide for Quest Rapid Recovery for Windows and Quest Foglight vapp Installers

Horizon Cloud with On-Premises Infrastructure Administration Guide. VMware Horizon Cloud Service Horizon Cloud with On-Premises Infrastructure 1.

Implementing Infoblox Data Connector 2.0

Administering vrealize Log Insight. September 20, 2018 vrealize Log Insight 4.7

Transcription:

Connection Broker Advanced Connections Management for Multi-Cloud Environments Using Leostream with the VMware Horizon View Direct- Connection Plug-in Version 8.2 December 2017

Contacting Leostream Leostream Corporation http://www.leostream.com 271 Waverley Oaks Rd. Telephone: +1 781 890 2019 Suite 206 Fax: +1 781 688 9338 Waltham, MA 02452 USA To submit an enhancement request, email features@leostream.com. To request product information or inquire about our future directions, email sales@leostream.com. Copyright Copyright 2002-2017 by Leostream Corporation This software program and documentation are copyrighted by Leostream. The software described in this document is provided under a license agreement and may be used or copied only under the terms of this agreement. No part of this manual may be copied or reproduced in any form without prior written consent from Leostream. Trademarks The following are trademarks of Leostream Corporation. Leostream The Leostream graphical logo The absence of a product name or logo from this list does not constitute a waiver of the trademark or other intellectual property rights concerning that product, name, or logo by Leostream. The OpenStack Word Mark and OpenStack Logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. Leostream is not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community. Linux is the registered trademark of Linus Torvalds in the U.S. and other countries. OpenLDAP is a trademark of The OpenLDAP Foundation. Microsoft, Active Directory, SQL Server, Hyper-V, and Windows are trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries. Other brand and product names are trademarks or registered trademarks of their respective holders. Leostream claims no right to use of these marks. Patents Leostream software is protected by U.S. Patent 8,417,796. 2

Quick Start Contents CONTENTS... 3 CHAPTER 1: OVERVIEW... 4 LEOSTREAM COMPONENTS... 4 WHAT IS THE CONNECTION BROKER?... 5 HOW THE CONNECTION BROKER MANAGES USERS... 6 USING PCOIP CLIENTS WITH LEOSTREAM... 7 CHAPTER 2: CONFIGURING THE CONNECTION BROKER... 8 STEP 1: STARTING THE CONNECTION BROKER VIRTUAL MACHINE... 8 STEP 2: OPENING THE WEB INTERFACE... 8 Changing Your Connection Broker Password... 9 STEP 3: CONFIGURING THE MICROSOFT WINDOWS VIRTUAL MACHINES... 9 STEP 4: CREATING A CENTER FOR VMWARE VCENTER SERVER... 10 STEP 5: DEFINING POOLS... 13 STEP 6: DEFINING PROTOCOL, POWER CONTROL, AND RELEASE PLANS... 14 Protocol Plans... 14 Power Control Plans... 17 Release Plans... 18 STEP 7: DEFINING USER POLICIES... 20 STEP 8: AUTHENTICATING USERS... 21 STEP 9: ASSIGNING USER ROLES AND POLICIES... 23 STEP 10: TESTING USER LOGIN... 24 STEP 11: CONFIGURING PCOIP CLIENTS... 25 CHAPTER 3: MANAGING YOUR LICENSE... 26 VIEWING LICENSE INFORMATION... 26 UPDATING THE CONNECTION BROKER... 26 INSTALLING A NEW LICENSE... 27 3

Using Leostream with the VMware View Direct-Connection Plug-in Chapter 1: Overview Teradici PC-over-IP (PCoIP ) technology provides an optimal end-user experience when connecting users to hosted desktops by delivering a true PC experience over standard IP networks. For more information on the PCoIP protocol, please visit http://www.teradici.com/pcoip-technology. Leostream can manage PCoIP connections to a number of different back-end environments, including physical workstations with an installed PCoIP Remote Workstation Card, virtual machines running the Teradici Cloud Access Software, and virtual machines with an installed VMware Horizon View Direct- Connection Plug-in. This document describes how to use Leostream to manage PCoIP connections to virtual machines with an installed VMware Horizon View Direct-Connection Plug-in. When using PCoIP zero-clients, you can configure Leostream to provide connections to workstations with a Remote Workstation Card and virtual machines with a Direct-Connection Plug-in from a single login. See the Installation Guide for information on downloading and installing the Connection Broker virtual appliance and related components. See the Leostream Quick Start Guide for managing Remote Workstations with a PCoIP Remote Workstation Card for information on how to set up Leostream to manage physical machines. See the Leostream Quick Start Guide for Using Leostream with the Teradici Cloud Access Platform if you want to use Leostream and Teradici to build a virtual workspaces solution. Leostream Components The Leostream Connection Broker consists of the following four components. Connection Broker: The Connection Broker is the central management layer for your environment. The Connection Broker inventories, provisions, and terminates desktops, assigns desktops to users, and defines the end-user experience. Leostream Agent: When installed on the remote desktop, the Leostream Agent provides the Connection Broker with insight into the connection status of the remote users. On Windows operating systems, the Leostream Agent also performs functions related to the Leostream printing and USB management features. The Leostream Agent is a critical component when scaling out deployments to a large number of end users. Leostream Connect: A software client provided by Leostream that allows users to log into Windows and Linux remote desktops from any Windows or Linux fat or thin clients. Database: When building a proof-of-concept, the Connection Broker stores all information in an internal database. Production deployments should configure a Connection Broker cluster attached to an external Microsoft SQL Server 2012 or 2014 database, or PostgreSQL database. 4

Quick Start What is the Connection Broker? A connection broker lies at the heart of any hosted desktop deployment, and is the key component for assigning desktops to end users. The Leostream Connection Broker runs as a virtual appliance within a VMware, Citrix, Microsoft, or Red Hat virtualization layers, making it easy to install, maintain, and update. The Connection Broker provides end users with consistent, reliable access to data and desktops from a wide range of fat, thin, and zero clients. After you install the Connection Broker, you use the Administrator web interface to define the Leostream concepts shown in the following figure. Generally, you begin by defining authentication servers, and fill in the other concepts in the box as you work through your configuration. The following table describes these concepts in more detail. Leostream Concept Authentication servers Centers Pools Plans Policies Roles Definition A server that provides authentication services to users logging into the Connection Broker. The Connection Broker supports Microsoft Active Directory, Novell edirectory, OpenLDAP, and NIS directory services. You can specify any number of trusted or not-trusted domains, using any combination of authentication server types. In addition, the Connection Broker allows you to manually define local users without configuring an authentication server. The external systems from which the Connection Broker inventories hosted resources, including desktops, applications, and printers. Collections of desktops, gathered from a single or multiple centers. Common sets of rules that define how the Connection Broker manages the end user s connection to their assigned desktop. Rules that assign desktops to users and define what occurs at all steps of the user s session, including assignment, login, disconnect, and logout. Policies assign plans to desktops based on the desktop s pool membership. Permissions that control the level of access users have to the Connection Broker Administrator Web interface. 5

Using Leostream with the VMware View Direct-Connection Plug-in Leostream Concept Assignments Definition A set of rules that determine which role and policy the Connection Broker assigns to a user, based on who the user is and where they logged in. How the Connection Broker Manages Users The following figure illustrates the different steps involved in connecting users to desktops, which are described in more detail after the illustration. With the exception of authenticating users, policy logic determines how the Connection Broker handles each step. User signs in to Connection Broker Connection Broker authenticates user Connection Broker offers desktop based on user s policy User requests connection to desired desktops Connection Broker assigns desktop and connects user User ends remote desktop connection Connection Broker applies release plan Connection Broker applies power plans 1. User signs into the Connection Broker: In PCoIP environments, users sign into the Connection Broker using a PCoIP zero client. 2. Connection Broker authenticates user: The Connection Broker searches for the user in the domains defined in the > Users > Authentication Servers page. If the user previously logged in, the Connection Broker first looks in the authentication server used for the previous login then searches the remaining authentication servers in the order defined by the authentication server s Position property. If this is the first time the user logged in, the Connection Broker searches all authentication servers in order of their position. 3. Connection Broker offers resources based on user s policy: The Connection Broker then assigns a policy using the assignment table associated with the authentication server chosen in step 2. The policy determines the desktops offered to the user, the plans associated with the desktops, and the USB pass through permissions. 4. User requests connection to desired desktop: The client lists all desktops offered to the user by their policy. The user then requests a connection to their desired desktop. 5. Connection Broker assigns desktop and connects user: After the user selects a desktop, the Connection Broker assigns that desktop to the user. When a desktop is assigned to a particular user, the Connection Broker never offers that desktop to another user. After the assignment is made, the Connection Broker passes configuration information needed to establish the desktop connection to the client device. In the case of PCoIP connections, the Connection Broker establishes a connection between the PCoIP zero client and the PCoIP Remote 6

Quick Start Workstation card, then logs the user into the desktop operating system. The PCoIP connection does not flow through the Connection Broker. 6. User ends remote desktop connection: When the user disconnects or logs out of the remote session, the Connection Broker applies any power control or release actions specified by the plans assigned to that desktop by the user s policy. 7. Connection Broker applies release plan: The Release Plan indicates if the Connection Broker releases the desktop back to its pool and unassigns the desktop, or retains the desktop assignment. 8. Connect Broker applies power policy: Lastly, the Connection Broker takes any power control actions set in the user s power control plan. Using PCoIP Clients with Leostream You can use any supported PCoIP software, mobile, or zero client to log into Leostream. The type of client you use, and whether the client communicates with Leostream or the PCoIP Connection Manager, determines what types of PCoIP resources can be connected. The following table describes the types of resources users can connect to from different PCoIP client. PCoIP Client Type Software (Mac, Windows, ChromeOS) Mobile Zero Communicates with Connects to Virtual Machines Connects to Physical Machines PCoIP Connection Manager Running the PCoIP Standard or Graphics Agent for the Teradici Cloud Access Platform Running the PCoIP Workstation Access Software Zero client Leostream Connection Broker Running the VMware Horizon View Direct Connection Plug-In With an installed Remote Workstation Cards When connecting to virtual machines running the VMware Horizon View Direct Connection Plug-In, you must configure the zero client to communicate with the Leostream Connection Broker. 7

Using Leostream with the VMware View Direct-Connection Plug-in Chapter 2: Configuring the Connection Broker Step 1: Starting the Connection Broker Virtual Machine After you install the Connection Broker virtual appliance into your virtualization platform, turn on the Connection Broker virtual machine. If you are using a second video network, add the second network to the Connection Broker virtual appliance before turning on the Connection Broker virtual machine. Once the virtual machine is running, the Connection Broker IP address appears in the console. For example: If the console cannot obtain an IP address from DHCP, you can manually configure the network. See Manually Configuring the Connection Broker Address section in the Leostream Installation Guide for more information. Otherwise, proceed to the next step. Step 2: Opening the Web Interface After you have the Connection Broker IP address, you can open the Administrator Web interface, as follows. 1. Open a new browser. 2. Enter the Connection Broker IP address in your browser s URL edit field. The Connection Broker Sign In page opens, as shown in the following figure. 3. Sign into the Connection Broker Web interface using the following credentials: 8

Quick Start User name: admin Password: leo 4. Click Sign In. The Leostream license page, shown in the following figure, opens. 5. In the License key edit field, enter the license key you received via email. If you do not have a Leostream license key, contact sales@leostream.com Ensure that there are no spaces in or after the sequence and that you include the lines containing the text -----BEGIN LICENSE----- and -----END LICENSE----- line. 6. Click on the License Agreement link to view the end user license agreement. Select the I have read and accept the License Agreement option if you agree to the terms of the Leostream end user license agreement. 7. Click Save. The Welcome page opens, giving you the option to check for any Connection Broker updates. You can perform the update at any time (see Updating the Connection Broker). Changing Your Connection Broker Password You can change the default administrator password at any time, as follows: 1. Click the Users tab in the main navigation menu. 2. Click the My Options tab in the Users page navigation menu. 3. Enter your new password in the Password and Re-type password edit fields. 4. Click Save. The Connection Broker cannot remind you of your password. Step 3: Configuring the Microsoft Windows Virtual Machines When using Leostream to manage PCoIP connections to VMware virtual machines, you must ensure that each virtual machine has an installed VMware View Direct-Connection Plug-in. You do not need to configure the View Connection Server to handle entitlements. All desktop assignments are controlled by Leostream. 9

Using Leostream with the VMware View Direct-Connection Plug-in Install the Leostream Agent on each virtual machine, as well. During the installation, specify the Connection Broker address from Step 1. When installing the Leostream Agent, ensure that you do not select the task to install the Credential Provider when performing the installation. The Leostream Agent credential provider may conflict with the Direct-Connection Plug-in. Ensure that the PCoIP connection can be established from the VMware Horizon View Client to the virtual machine, before attempting to use with Leostream. You must configure the View Agent Direct-Connection Users on the virtual machine before Leostream can establish the PCoIP connection. Consult the VMware documentation for complete instructions on configuring the VMware Horizon View Direct Connection Plug-in. Installing the VMware Horizon View Direct-Connection Plug-In automatically creates a new local group on the operating system, named View Agent Direct-Connection Users. Users must be a member of this group to connect to the desktop. Leostream does not automatically add users to this group. Therefore, ensure that you configure members of this group before proceeding with the Leostream setup. Step 4: Creating a Center for VMware vcenter Server The Connection Broker interfaces with a number of third party systems to inventory and control hosted desktops. Leostream defines centers as the external, third-party systems that inform the Connection Broker about desktops that are available for assignment to end users. In this guide, virtual machines are hosted in VMware vsphere, and vsphere is managed by VMware vcenter Server. Therefore, for the Connection Broker to manage these machines, define a center for vcenter Server, as follows. 1. Click the Resources tab in the main navigation menu. 2. Click the Centers tab in the Resources page navigation menu. 3. Click Add Center, as shown in the following figure: 4. Configure the Add Center form, as follows: 10

Quick Start a. Select VMware vcenter Server from the Type drop-down menu, as shown in the following figure. b. Enter a name for the center in the Name edit field. c. Enter the vcenter Server s address in the Hostname or IP address edit field. d. In the Username edit field, enter the name of a user with the necessary privileges. Leostream requires specific VMware vcenter Server privileges in order to perform various actions, such as starting and stopping VMs or provisioning virtual machines from templates. If your Connection Broker is unable to perform any of these actions, ensure that you create your center with an account that has all the required privileges. See the What privileges do I need to interact with VMware vcenter Server article in the Leostream Frequently Asked Questions for information on required privileges. e. Enter this user s password into the Password edit field. f. If you want to import virtual machines from a particular datacenter, enter the name of the datacenter in the Datacenter edit field. g. Select a time from the Refresh interval drop-down menu. This setting tells the Connection Broker how often to refresh the desktops imported from this center. The refresh interval is the length of time between when one refresh action is finished and the next refresh action 11

Using Leostream with the VMware View Direct-Connection Plug-in is invoked. If your vcenter Server manages a large number of machines, refreshing the center can place a substantial load on vcenter Server. If you are experiencing responsiveness issues, try increasing the refresh rate. h. Leave the remaining settings on their default values and click Save. The > Resources > Centers page shows the new center, and indicates that the center is refreshing, as shown in the following figure. The virtual machines found in this center appear in the > Resources > Desktops page. See the Working with Desktops and Applications section of the Connection Broker Administrator s Guide for information on viewing, editing, and controlling desktops from within the Connection Broker. 12

Quick Start Step 5: Defining Pools After you create your centers and the Connection Broker registers your desktops, you can combine the desktops into logical groups, or pools. Use pools to create sets of desktops that have similar attributes, or come from the same center. The Leostream Connection Broker defines a pool as any group of desktops or applications. When using Leostream to manage connections to virtual machines with a VMware Horizon View Direct- Connection Plug-in, ensure that all virtual machines in the pool have an installed plug-in. Leostream provides a number of flexible methods for creating pools. For a complete description, see the Creating Desktop and Application Pools chapter in the Connection Broker Administrator s Guide. In this example, you can create a pool of all of the virtual machines in vsphere with a Windows operating system, as follows: 1. Click the Resources tab in the main navigation menu. 2. Click the Pools tab in the Resources page navigation menu. 3. Click Create Pool, as shown in the following figure. The Create Pool form opens. 4. Enter a unique name for this pool in the Name edit field. 5. From the Subset of pool drop-down menu, select All Windows Desktops. 6. Select Centers from the Define pool using drop-down menu. 7. From the Available centers list in the Center Selection section, select the vcenter Server center you created in step 4. 8. Click the Add highlighted items link below the Available centers list. 9. Click Save. 13

Using Leostream with the VMware View Direct-Connection Plug-in Step 6: Defining Protocol, Power Control, and Release Plans After you separate your desktops into pools, define the rules that control how the Connection Broker manages the user s connection to desktops in those pools. To perform this step, ask yourself the following questions. What display protocols do I want the user to use to connect to their desktops? How do I want to manage the power state of each desktop, for example, should it be turned off when the user logs out? How long can users remain assigned to a particular desktop? For example, if the user logs out, should they remain assigned to that desktop, or should another user be able to log in? The Leostream Connection Broker defines a plan as a set of rules that can be applied to any number of pools. This step describes three types of pool-based plans: 1) Protocol, 2) Power Control, and 3) Release. Protocol Plans Protocol plans determine which display protocol the Connection Broker uses to connect a user to their desktop from a particular pool. For a complete description of protocol plans, see Building Pool-Based Plans in the Connection Broker Administrator s Guide. The Connection Broker provides one default protocol plan, which is shown on the > Plans > Protocol page, shown in the following figure. If the user logs in using a PCoIP zero client, Leostream always attempts to establish a PCoIP connection using the Horizon View Direct-Connection Plug-in (see Step 11: Configuring PCoIP Clients). When using a PCoIP zero client, the protocol plan is used only to configure the port to check when using backup pools or failover desktops. By default, the Connection Broker checks port 8080. If you want to change the default port: 1. Go to the > Plans > Protocols page. 2. Click the Create Protocol Plan at the top of the page. The Create Protocol Plan form opens. 3. Scroll down to the Teradici PCoIP Client Configuration section, shown in the following figure. 4. Enter the new port in the Alternate port for remote viewer port check edit field. 14

Quick Start 5. Click Save to save the form. Establishing Connections using Leostream Connect When using Leostream Connect or the Leostream Web client, the user s client device must have an installed VMware Horizon View client. You can then use Leostream protocol plans to launch the VMware client and establish a PCoIP connection to a Windows virtual machine running the VMware View Direct-Connection Plugin. To configure the protocol plan for software-based PCoIP connections: 1. Go to the > Plans > Protocol page. 2. Create a new protocol plan, or edit an existing plan. 3. In the Leostream Connection and Thin Clients Writing to Leostream API section, select 1 from the Priority menu associated with VMware View. 4. Also in the Leostream Connection and Thin Clients Writing to Leostream API section, select Do not use or set lower priority to all other protocols. 5. In the Command line parameters edit field, enter the command line parameters needed to connect the user with single sign-on. The default parameters, shown below, launch the Windows version of the VMware View client. -noninteractive -serverurl {IP} -username {USER} -password {PLAIN_PASSWORD} -domainname {DOMAIN} -desktopname {VM:NAME} - desktopprotocol PCOIP The Linux version of the VMware View client requires different parameter. If your users are logging in from a Linux client device, modify the command line parameters, as follows; --noninteractive --serverurl {IP} --username {USER} --password {PLAIN_PASSWORD} --domainname {DOMAIN} --desktopname {VM:NAME} --protocol PCOIP If you have users logging in from Windows and Linux devices, create two protocol plans and assign the appropriate plan based on the user s location. See Assigning Plans to Locations in Chapter 12 of the Connection Broker Administrator s Guide for more information. 6. In the Port for remote viewer check specify the port number that the Connection Broker pings to determine if the desktop is available for PCoIP connections. 7. Click Save. When creating a policy, ensure that you associate the protocol plan that uses the VMware View client with the pool of virtual machines with a VMware View Direct-Connection Plug-in. 15

Using Leostream with the VMware View Direct-Connection Plug-in Establishing Connections using the Leostream Web Client The Leostream Web client uses the VMware Horizon View client URI to launch a PCoIP connection to the desktop. To configure the Connection Broker to support PCoIP connections to virtual machines: 1. Create a pool of virtual machines with a running VMware Horizon View Agent Direct-Connection Plug-In. 2. Create a protocol plan to assign to these virtual machines. In the Web Browser section of the protocol plan: a. Set the Priority of the External viewer to 1. b. Set the Priority of all other protocols to Do not use. c. In the Configuration file for the external viewer, enter: vmware-view://{hostname}/{vm:name}?desktopprotocol=pcoip The following figure displays the final protocol plan configuration. 3. Build a policy that assigns the protocol plan from step 2 to the pool of virtual machines created in step 1. 4. Assign the policy to the user. When a user who is assigned this policy logs into the Connection Broker, the broker offers the user a virtual machine from the pool. When the user requests a connection to the virtual machine, the Connection Broker launches the VMware Horizon View client, which establishes the PCoIP connection to the desktop. The VMware Horizon View client URI does not support single sign-on. 16

Quick Start Power Control Plans Power control and release plans allow you to take actions on the user s remote desktop based on different events, such as: When the user disconnects from their desktop When the user logs out of their desktop When the desktop is released to its pool When the user s session has been idle for a specified length of time The remote desktop must have an installed and running Leostream Agent to allow the Connection Broker to distinguish between user logout and disconnect and to perform actions based on idle time. Not all display protocols allow the Connection Broker to perform actions at these times. Power control plans define what power control action is taken on a desktop. Available power control plans are shown on the > Plans > Power Control page, shown in the following figure. New Connection Broker installations contain one default power control plan, called Default. You can create as many additional power control plans as needed for your deployment. To build a new power control plan: 1. Select Create Power Control Plan on the > Plans > Power Control page. The Create Power Control Plan form, shown in the following figure, opens. 17

Using Leostream with the VMware View Direct-Connection Plug-in Release Plans 2. Enter a unique name for the plan in the Plan name edit field. 3. For each of the remaining sections: a. From the Wait drop-down menu, select the time to wait before applying the power action. b. From the then drop-down menu, select the power control action to apply. Selecting Do not change power state renders the setting in the Wait drop-down menu irrelevant, as no action is ever taken. 4. Enter any optional Notes. 5. Click Save to store the changes, or Cancel to return to the > Plans > Power Control page without creating the plan. Release plans define how long a desktop remains assigned to a user and when it is released to its pool, as well as if a user should be forcefully logged out of their desktop. Available release plans are shown on the > Plans > Release page, shown in the following figure. New Connection Broker installations contain one default release plan. However, you can create as many 18

Quick Start additional release plans as needed for your deployment. For example, to build a release plan that schedules a logout after the user disconnects from their desktop: 1. Click Create Release Plan on the > Plans > Release page. The Create Release Plan form, shown in the following figure, opens 2. Enter a unique name for the plan in the Plan name edit field. 3. In the When User Disconnects from Desktop section, select after 1 hour from the Forced Logout drop-down menu. 4. Click Save. When using this release plan, the Connection Broker forcefully logs the user out an hour after they disconnect from their desktop. The logout event then triggers the When User Logs Out of Desktop section of the release plan, which releases the desktop back to its pool and removes the user s assignment to the desktop. 19

Using Leostream with the VMware View Direct-Connection Plug-in Step 7: Defining User Policies After you define your pools and plans, build policies that assign the plans to desktops. The Leostream Connection Broker defines a policy as a set of rules that determine how desktops are offered, connected, and managed for a user, including: the pools to offer desktops from; what display protocol is used to connect to those desktops, which power control, and release plans are applied to those desktops, what USB devices the user can access in their remote desktop; and more. The Connection Broker provides a Default policy that applies if no other policy exists or is applicable. The Default policy assigns one desktop from the All Desktops pool. You can create additional policies, as follows: 1. Click the Users tab in the top navigation menu. 2. Click the Policies tab in the Users page navigation menu. 3. Click Create Policy, as shown in the following figure. 4. In the Create Policy form, enter a name for the policy in the Policy name edit field. For a discussion on the remaining general policy properties, see the Connection Broker Administrator s Guide. 5. In the Desktop Assignment from Pools section, use to Pool menu to select the pool of desktops with an installed VMware Horizon View Direct-Connection Plug-in. One policy can assign desktops from multiple pools. Use the [Add Pools] menu at the bottom of the Desktop Assignment from Pools section to add additional pools to the Create Policy form. By adding a second pool to the policy, you can create a policy that offers the user both a virtual machine with a VMware Horizon View Direct-Connection Plug-in and a physical workstation with a PCoIP Remote Workstation Card. 6. For each pool, from the Number of desktops to offer drop-down menu, select the number of desktops to offer from this pool to a user of this policy. 7. For each pool, use the controls shown in the following figure to configure the policy options. See the Configuring User Experience by Policy chapter of the Connection Broker Administrator s Guide for information on using the controls shown in the following figure. 20

Quick Start In a simple proof-of-concept environment, many of these settings can be left at their default values. Note that, by default, the Connection Broker does not offer a desktop to a user if the desktop does not have an installed Leostream Agent. If you want to assign desktops that do not have a Leostream Agent, select the Yes, regardless of Leostream Agent status option from the Offer running desktops drop-down menu. 8. In the Plans section for the pool, select the protocol, power control, and release plan to use for this pool. If users will log in using Leostream Connect or the Leostream Web client, ensure that the protocol plan is configured to launch the VMware Horizon View client. 9. Click Save. See the Configuring User Experience by Policy chapter in the Connection Broker Administrator s Guide for a complete description on Connection Broker policies. Step 8: Authenticating Users The Connection Broker can authenticate users in standard LDAP systems, such as Active Directory, OpenLDAP, or Novell edirectory. For information on adding OpenLDAP or edirectory services, see the Connection Broker Administrator s Guide. For this example, add an Active Directory authentication server, as follows. Leave any options that are not covered in the following procedure at their default values. 1. Go to the > Users > Authentication Servers tab. 2. Click Add Authentication Server, as shown in the following figure. 21

Using Leostream with the VMware View Direct-Connection Plug-in 3. In the Authentication Server name edit field, enter a name for this record in the Connection Broker. 4. In the Domain Name edit field, enter the domain name associated with this Active Directory server. 5. Use the Include domain in drop-down option to indicate if this is the default domain for the Domain field. 6. In the Connection Settings section, shown in the following figure, use the following procedure to set up an Active Directory authentication server. a. Select Active Directory from the Type drop-down list. b. From the Specify address using drop-down menu, select Hostname or IP address. c. Enter the authentication server hostname or IP address in the Hostname or IP address edit field. d. Enter the port number in the Port edit field. e. Click on the Encrypt connection to authentication server using SSL (LDAPS) checkbox if you need a secure connection to the authentication server. The port number automatically changes to 636. Re-edit the Port edit field if you are not using port 636 for secure connections. 7. In the Search Settings section, shown in the following figure, enter the username and password for an account that has read rights to the user records. Leostream does not need full administrator rights to your Active Directory authentication server. 22

Quick Start 8. In the User Login Search section, ensure that the Match Login name against this field edit field is set to samaccountname. This is the attribute that the Connection Broker should match the user s entered login name against. 9. Click Save. Step 9: Assigning User Roles and Policies When a user logs in to the Connection Broker, the Connection Broker searches the authentication servers defined on the > Users > Authentication Servers page for a user that matches those credentials. The Connection Broker then looks on the > Users > Assignments page, shown in the following figure, for the assignment rules associated with the authentication server that authenticated the user. For example, if the Connection Broker authenticated the user in the Leostream domain defined on the > Users > Authentication Servers page, the Connection Broker would look in the Leostream assignment rules in the following figure. To assign roles and policies to users in a particular authentication server, click the Edit link associated with that authentication server on the > Users > Assignments tab, shown in the previous figure. The Edit Assignment form for this authentication server appears, as shown in the following figure. By default, the Connection Broker matches the selection in the Group drop-down menu to the user s memberof attribute in Active Directory. 23

Using Leostream with the VMware View Direct-Connection Plug-in If you modified your groups in Active Directory after you last signed into your Connection Broker, you must sign out and sign back in to have your Connection Broker reflect the authentication server changes. To assign rules based on the user s group attribute: 1. Select the group attribute from the Group drop-down menu 2. If you are using locations, select a location from the Client Location drop-down menu 3. Assign a role to this group and client location pair by selecting an item from the User Role dropdown menu 4. Assign a policy to this group and client location pair by selecting an item from the User Policy dropdown menu If you need to assign roles and policies based on a different authentication server attribute, uncheck the Query for group information option at the bottom of the Edit Assignments form. After you save the form, the format of the Assigning User Role and Policy section changes. For information on locations and roles, see the Connection Broker Administrator s Guide. Step 10: Testing User Login To test your Connection Broker, ensure that users are being correctly assigned to their desktops, as follows: 1. Click the Users tab in the main navigation menu. 2. Click the Users tab in the Users page navigation menu. 3. Click Test Login, as shown in the following figure: 4. In the Login Test form that opens, enter the name of the user to test in the User Name edit field. 5. If you are allowing the user to specify their domain, select a domain from the Domain drop-down menu. 6. Use the Filter client list by location drop-down menu to restrict the clients shown in the Clients drop-down menu. You create these locations on the > Clients > Locations page. If you are not using locations, select All. 7. If you have any clients loaded into your Connection Broker, use the Client menu to select the client you want to test this user logging in from. 24

Quick Start 8. Click Run Test. The Connection Broker searches the authentication server for your user, and then presents a report indicating which role and policy it assigned the user, and what desktops and applications it would offer. Please, complete a login test prior to contacting Leostream support. Step 11: Configuring PCoIP Clients Currently, you can use any PCoIP Zero client to manage PCoIP connections to a virtual machine running the VMware Horion View Direct-Connection Plug-in. By default, when the Connection Broker discovers new PCoIP zero clients, the broker configures the client to use the Connection Management Interface. You must manually switch the client to the PCoIP Broker Protocol, as follows. 1. Go to the zero client s Configuration dialog or the Configuration menu in the client s Web interface 2. Select Session. 3. In the Session page: a. Select PCoIP Connection Manager from the Session Connection Type drop-down menu b. Enter your Leostream Connection Broker address in the Server URI edit field. For example: 4. Click Apply. The zero client must be running Teradici firmware version 4.2, or higher. PCoIP zero clients that use the PCoIP Connection Manager connection type can offer the user workstations with a PCoIP Remote Workstation card or virtual machines with the Direct-Connection Plug-in. Leostream establishes the PCoIP connection to the user s selected resource. 25

Using Leostream with the VMware View Direct-Connection Plug-in Chapter 3: Managing Your License You can view and manage license information within the Connection Broker Web interface. To view license information: 1. Click on the System tab in the top navigation menu. 2. Click on the Maintenance tab in the System page navigation menu. Viewing License Information The License Information text on the right hand side of the Maintenance page, shown in the following figure, displays the license information. The number of available licenses currently used, for example: Number of licenses in use: 7 of 100. This number indicates the number of users that can concurrently be assigned to resources using the Connection Broker. The support expiration date, for example: Your support license expires 2020-05-03. This date indicates the last date that you are eligible for Leostream support and Connection Broker updates. Contact sales@leostream.com to add users to your licenses or renew an expired support license. Updating the Connection Broker The Connection Broker information displayed on the right side of the > System > Maintenance page displays the current Connection Broker version and the last time it was updated. If you have not recently updated your Connection Broker, you can download and install updates using options on the > System > Maintenance page. The most up-to-date Connection Broker update file can be found at: http://www.leostream.com/leostream-connection-broker-updates Leostream recommends taking a snapshot of your Connection Broker virtual machine prior to installing an update. Also, qualify the Connection Broker update in a pre-production environment before you roll the new version into production. 26

Quick Start If the update options are disabled, your Leostream support license has expired and you are no longer eligible for Connection Broker updates. Contact sales@leostream.com to renew your Leostream support license. To install the Connection Broker update file: 1. Go to the > System > Maintenance page. 2. Select the Install Connection Broker update option and click Next. The following Install Update File form opens. 3. Browse for or enter the full path to the update file. 4. Click Upload File. The Connection Broker checks the new file, and opens a form indicating the current version number and the new version number. Certain browsers, such as Internet Explorer, may automatically unpack the file. If the TGZ-file was unpacked during the download from the Leostream website, the file will not upload into the Connection Broker. 5. Click Install version x.x.x.x in this form to finish the installation. The Connection Broker update may over a half hour if the Connection Broker needs to recompile components such as OpenSSL. The update is complete after the Connection Broker reboots. Installing a New License To update your support license, or add users to your license: 1. Go to the > System > Maintenance page. 2. In the Update section, select the Install new license option. 3. Click Next. 4. In the Leostream license page, shown in the following figure, enter your new license key. 27

Using Leostream with the VMware View Direct-Connection Plug-in 5. Click on the License Agreement link to open the End User License Agreement for the Leostream Connection Broker 6. Read the agreement and, if you accept it, select the I have read and accept the License Agreement check box. 7. Click Save. 28

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback