Administrator's Guide HP Session Allocation Manager (SAM) v.2.1
Table Of Contents
- Introduction
- Installation
- Install the HP SAM Web Server and SQL Software
- Install and Validate the HP SAM Registration Service Software
- Install and Validate the HP SAM Client Software
- Deploy the HP SAM Registration Service to All HP SAM Computing Resources
- Deploy HP SAM Client Software to All HP SAM Access Devices
- Administration
- Log In
- General Navigation and User Interface Design
- Managing the HP SAM Administrator Access List
- HP SAM Administrator Console Tabs
- Setting Up Smart Card Login on the Access Device
- Firewall rules
- Frequently Asked Questions
- Registration Service Error Codes
- Glossary
- Index
Overview
1. When a user on an access device (desktop, notebook, thin client) requests a desktop session, the
HP SAM client sends a request to the HP SAM Web server.
a. If configured, HP SAM supports server failover. If the HP SAM Web server does not respond,
the HP SAM client goes down the list to the next HP SAM Web server.
b. The HP SAM client sends the user name and domain information to the HP SAM server.
2. The HP SAM Web server receives the user name and domain from the HP SAM client. The Web
server validates this information with the Microsoft Active Directory server. The account must be
valid and enabled in the Active Directory to continue.
3. The HP SAM Web server returns the appropriate desktop session information to the HP SAM client.
a. The HP SAM Web server determines whether or not the user still has a desktop session
running and, if so, reconnects the user to that same session (i.e., follow-me roaming). If the
user has no existing desktop session, the HP SAM Web server checks its internal database
to see what resources are available and connects the user to an appropriate resource.
b. The data returned to the HP SAM client is a DNS name (or IP address, depending on how it
is configured on the HP SAM Web server.)
c. If no computing resource is available, the HP SAM client informs the user.
4. The HP SAM client connects to the appropriate desktop session.
5. The user is then prompted at the login screen for the password. The user name and domain is
prepopulated by the HP SAM client. This step is omitted either if RDP is used or if RGS in Single
Sign-on mode is enabled and if the user has already entered the password on the HP SAM client.
NOTE: With RDP or RGS 5.1 or later, HP SAM can be configured to allow users with expired
passwords to log on. They are then required to update their passwords immediately.
6. Once the user logs in, the HP SAM registration service on the computing resource reports back to
the HP SAM Web server.
7. Once the user disconnects or logs out, the HP SAM registration service updates the HP SAM Web
server with the new information.
HP SAM Software Components
The following are the primary components of HP SAM.
●
HP SAM Client—The HP SAM Client runs on the access device and displays the graphical
interface employed by the user to request a connection from a client computer to a computing
resource. When the user requests a connection, the HP SAM client communicates this request to
the HP SAM Web Server for execution.
●
HP SAM Web Server—The HP SAM Web Server (web server) runs on Windows Server 2003 and
manages the operation of HP SAM. A request is made to the web server when an access device
user requests a connection to a computing resource. The web server validates the request, and
then communicates back to the access device to orchestrate the connection. In addition, the web
server supports a browser interface to allow the HP SAM administrator to set up, configure, and
administer HP SAM.
●
HP SAM SQL Software—The HP SAM SQL Software (SQL software) also runs on Windows
Server 2003 and provides a database to store HP SAM information, such as user IDs, client
computer IDs, and the roles supported by the computing resources. The web server accesses this
How It Works (Overview) 3