6.1
Table Of Contents
- Using the Horizon vRealize Orchestrator Plug-In
- Contents
- Using the VMware Horizon vRealize Orchestrator Plug-In
- Introduction to the Horizon vRealize Orchestrator Plug-In
- Installing and Configuring the Horizon vRealize Orchestrator Plug-In
- Horizon vRealize Orchestrator Plug-In Functional Prerequisites
- Install or Upgrade the Horizon vRealize Orchestrator Plug-In
- Configure the Connection to a View Pod
- Add a Horizon Air Instance
- Assigning Delegated Administrators to Desktop and Application Pools
- Configuration Tasks for Self-Service Workflows and Unmanaged Machines
- Best Practices for Managing Workflow Permissions
- Set a Policy for De-Provisioning Desktop Virtual Machines
- Using Horizon vRealize Orchestrator Plug-In Workflows
- Access the Horizon vRealize Orchestrator Plug-In Workflow Library
- Horizon vRealize Orchestrator Plug-In Workflow Library
- Horizon vRealize Orchestrator Plug-In Workflow Reference
- Add Managed Machines to Pool
- Add Unmanaged Machines to Pool
- Add User(s) to App Pool
- Add User(s) to App Pools
- Add User(s) to Desktop Pool
- Add User(s) to Horizon Air Desktop Pool
- Advanced Desktop Allocation
- Application Entitlement
- Assign User
- Desktop Allocation
- Desktop Allocation for Users
- Desktop Assignment
- Desktop Entitlement
- Desktop Recycle
- Desktop Refresh
- Global Entitlement Management
- Port Pool to vCAC
- Recompose Pool
- Recompose Pools
- Register Machines to Pool
- Remove Users from Application Pool
- Remove Users from Desktop Pool
- Remove Users from Horizon Air Desktop Pool
- Self-Service Advanced Desktop Allocation
- Self-Service Desktop Allocation
- Self-Service Desktop Recycle
- Self-Service Desktop Refresh
- Self-Service Horizon Air Desktop Allocation
- Self-Service Horizon Air Desktop Recycle
- Self-Service Release Application
- Self-Service Request Application
- Session Management
- Set Maintenance Mode
- Unassign User
- Update App Pool Display Name
- Update Desktop Pool Display Name
- Update Desktop Pool Min Size
- Update Desktop Pool Spare Size
- Syntax for Specifying User Accounts in the Workflows
- Making the Workflows Available in vSphere Web Client and vRealize Automation
- Exposing VMware Horizon vRealize Orchestrator Plug-In Workflows in vSphere Web Client
- Exposing Horizon vRealize Orchestrator Plug-In Workflows in vRealize Automation
- Create Business Groups for Delegated Administrators and End Users
- Create Services for Delegated Administrators and End Users
- Create Entitlements for Delegated Administrators and End Users
- Bind vCAC Workflows to a vCAC User
- Configure Output Parameters for vCAC Workflows
- Configure the Catalog Item for the Workflow
- Making Desktop and Pool Actions Available in vRealize Automation
- Creating Machines and Managing Pools in vRealize Automation
- Prerequisites for Creating Machines in vRealize Automation
- Create Templates and Blueprints for Adding Machines to Desktop Pools
- Use Machine Blueprints to Create and Add Desktops to Pools
- Configure a Machine Blueprint Service for Advanced Desktop Allocation
- Advanced Desktop Allocation Scenarios for Delegated Administrators and End Users
- Deleting Machines Provisioned by vRealize Automation
- Working with Unmanaged Machines
- Index
Horizon vRealize Orchestrator Plug-In Architecture
vRealize Orchestrator and vRealize Automation provide the architecture that supports the
Horizon vRealize Orchestrator plug-in functions.
vRealize Orchestrator plug-ins allow seamless automation between the software environment in which the
workflows are executed and the products with which the workflows interact. With the
Horizon vRealize Orchestrator plug-in, workflows can be exposed natively, through the vSphere Web
Client, to delegated administrators, and through the vRealize Automation service catalog. Although
entitlement, scheduling, and execution of workflows are exposed through the vSphere Web Client and
vRealize Automation, you can customize and configure the workflows only in the vRealize Orchestrator
client.
The following diagram illustrates the Horizon vRealize Orchestrator plug-in architecture.
Figure 1‑1. Horizon vRealize Orchestrator Plug-In Architecture
Self-service
request and approval
multi-tenancy
vRealize Automation
service catalog
Run and schedule
workflows
vSphere Web Client
Install and customize
workflows
vRO Orchestrator
Self-service for
EU and DA
View management
and automation
Horizon vRO
plugin
IT
admin
End
users
IT
admin
VMware
Horizon vRealize Orchestrator Security Model
The Horizon vRealize Orchestrator plug-in uses a trusted account security model. The administrator
provides the credentials to the initial configuration between the View pod, the Horizon Air tenant, and the
plug-in, and that trusted account is the security context that all workflows use between
vRealize Orchestrator and VMware Horizon 6.
Additional levels of permissions also restrict which users can see and edit the workflows within
vRealize Orchestrator. All Horizon vRealize Orchestrator plug-in workflows must be explicitly configured
for execution. Access to the workflows requires both the permissions and the vRealize Orchestrator client
interaction with the client.
In addition, the third level of security is an access layer between where the workflows are executed, in
vRealize Orchestrator, and where they are exposed to delegated administrators and end users, in the
vSphere Web Client and vRealize Automation.
n
Administrators use the vCenter Single Sign-On implementation to allow access by users or groups to
run workflows within vSphere Web Client.
Chapter 1 Introduction to the Horizon vRealize Orchestrator Plug-In
VMware, Inc. 11