Setting Up for Linux Desktops
Table Of Contents
- Setting Up Horizon 7 for Linux Desktops
- Contents
- Setting Up Horizon 7 for Linux Desktops
- Features and System Requirements
- Preparing a Linux Virtual Machine for Desktop Deployment
- Setting Up Active Directory Integration for Linux Desktops
- Setting Up Graphics for Linux Desktops
- Installing Horizon Agent
- Configuration Options for Linux Desktops
- Create and Manage Linux Desktop Pools
- Bulk Deployment of Horizon 7 for Manual Desktop Pools
- Overview of Bulk Deployment of Linux Desktops
- Overview of Bulk Upgrade of Linux Desktops
- Create a Virtual Machine Template for Cloning Linux Desktop Machines
- Input File for the Sample PowerCLI Scripts to Deploy Linux Desktops
- Sample Script to Clone Linux Virtual Machines
- Sample Script to Join Cloned Virtual Machines to AD Domain
- Sample Script to Join Cloned Virtual Machines to AD Domain Using SSH
- Sample Script to Upload Configuration Files to Linux Virtual Machines
- Sample Script to Upload Configuration Files to Linux Virtual Machines Using SSH
- Sample Script to Upgrade Horizon Agent on Linux Desktop Machines
- Sample Script to Upgrade Horizon Agent on Linux Virtual Machines Using SSH
- Sample Script to Perform Operations on Linux Virtual Machines
- Troubleshooting Linux Desktops
- Collect Diagnostic Information for Horizon 7 for Linux Machine
- Troubleshooting Copy and Paste between Remote Desktop and Client Host
- Configuring the Linux Firewall to Allow Incoming TCP Connections
- View Agent Fails to Disconnect on an iPad Pro Horizon Client
- SLES 12 SP1 Desktop does not Auto Refresh after Drag and Drop
- SSO Fails to Connect to a PowerOff Agent
- Unreachable VM After Creating a Manual Desktop Pool for Linux
3 Synchronize user information (except password) from the Active Directory to the OpenLDAP server.
4 Configure the OpenLDAP server to delegate password verification to a separate process such as
saslauthd, which can perform password verification against the Active Directory.
5 Configure the Linux desktops to use an LDAP client to authenticate users with the OpenLDAP server.
System Security Services Daemon (SSSD) LDAP Authentication
Against the Microsoft Active Directory
The SSSD LDAP authentication against the Microsoft Active Directory solution involves the following
steps:
1 To enable LDAPS, install the Certificate Services on the Active Directory.
2 To use LDAP authentication directly against the Microsoft Active Directory, configure the SSSD in the
Linux desktop.
Winbind Domain Join
The Winbind Domain Join solution involves the following steps:
1 Install the Winbind, Samba, and Kerberos packages on the Linux desktop.
2 Join the Linux desktop to the Microsoft Active Directory.
If you use the Winbind Domain Join solution or other Keberos authentication-based solution, join the
template virtual machine to the Active Directory, and re-join the cloned virtual machine to the Active
Directory. For example, use the following command:
sudo /usr/bin/net ads join -U <domain_user>%<domain_password>
Use the following options to run the domain re-join command on a cloned virtual machine for the Winbind
solution:
n
Remote connect such as SSH or vSphere PowerCLI to each virtual machine and run the command.
For more information on scripts, see Chapter 8 Bulk Deployment of Horizon 7 for Manual Desktop
Pools.
n
Include the command to a shell script and set the script path to the Horizon agent RunOnceScript
option in the /etc/vmware/viewagent-custom.conf file. For more information, see Setting Options
in Configuration Files on a Linux Desktop.
PowerBroker Identity Services Open (PBISO) Authentication
Configuring the PowerBroker Identity Services Open (PBISO) authentication solution involves the
following steps:
1 Download PBISO 8.5.6 or later from https://www.beyondtrust.com/products/powerbroker-
identity-services-open/.
Setting Up Horizon 7 for Linux Desktops
VMware, Inc. 31