6.1
Table Of Contents
- Using the Horizon vRealize Orchestrator Plug-In
- Contents
- Using the VMware Horizon vRealize Orchestrator Plug-In
- Introduction to the Horizon vRealize Orchestrator Plug-In
- Installing and Configuring the Horizon vRealize Orchestrator Plug-In
- Horizon vRealize Orchestrator Plug-In Functional Prerequisites
- Install or Upgrade the Horizon vRealize Orchestrator Plug-In
- Configure the Connection to a View Pod
- Add a Horizon Air Instance
- Assigning Delegated Administrators to Desktop and Application Pools
- Configuration Tasks for Self-Service Workflows and Unmanaged Machines
- Best Practices for Managing Workflow Permissions
- Set a Policy for De-Provisioning Desktop Virtual Machines
- Using Horizon vRealize Orchestrator Plug-In Workflows
- Access the Horizon vRealize Orchestrator Plug-In Workflow Library
- Horizon vRealize Orchestrator Plug-In Workflow Library
- Horizon vRealize Orchestrator Plug-In Workflow Reference
- Add Managed Machines to Pool
- Add Unmanaged Machines to Pool
- Add User(s) to App Pool
- Add User(s) to App Pools
- Add User(s) to Desktop Pool
- Add User(s) to Horizon Air Desktop Pool
- Advanced Desktop Allocation
- Application Entitlement
- Assign User
- Desktop Allocation
- Desktop Allocation for Users
- Desktop Assignment
- Desktop Entitlement
- Desktop Recycle
- Desktop Refresh
- Global Entitlement Management
- Port Pool to vCAC
- Recompose Pool
- Recompose Pools
- Register Machines to Pool
- Remove Users from Application Pool
- Remove Users from Desktop Pool
- Remove Users from Horizon Air Desktop Pool
- Self-Service Advanced Desktop Allocation
- Self-Service Desktop Allocation
- Self-Service Desktop Recycle
- Self-Service Desktop Refresh
- Self-Service Horizon Air Desktop Allocation
- Self-Service Horizon Air Desktop Recycle
- Self-Service Release Application
- Self-Service Request Application
- Session Management
- Set Maintenance Mode
- Unassign User
- Update App Pool Display Name
- Update Desktop Pool Display Name
- Update Desktop Pool Min Size
- Update Desktop Pool Spare Size
- Syntax for Specifying User Accounts in the Workflows
- Making the Workflows Available in vSphere Web Client and vRealize Automation
- Exposing VMware Horizon vRealize Orchestrator Plug-In Workflows in vSphere Web Client
- Exposing Horizon vRealize Orchestrator Plug-In Workflows in vRealize Automation
- Create Business Groups for Delegated Administrators and End Users
- Create Services for Delegated Administrators and End Users
- Create Entitlements for Delegated Administrators and End Users
- Bind vCAC Workflows to a vCAC User
- Configure Output Parameters for vCAC Workflows
- Configure the Catalog Item for the Workflow
- Making Desktop and Pool Actions Available in vRealize Automation
- Creating Machines and Managing Pools in vRealize Automation
- Prerequisites for Creating Machines in vRealize Automation
- Create Templates and Blueprints for Adding Machines to Desktop Pools
- Use Machine Blueprints to Create and Add Desktops to Pools
- Configure a Machine Blueprint Service for Advanced Desktop Allocation
- Advanced Desktop Allocation Scenarios for Delegated Administrators and End Users
- Deleting Machines Provisioned by vRealize Automation
- Working with Unmanaged Machines
- Index
Configuration Tasks for Self-Service Workflows and Unmanaged
Machines
You must run some configuration workflows to enable self-service features and management of virtual
machines that have not yet been added to a View pod.
1 Set access rights for delegated administrators on the GuestCredentialConfiguration and
SelfServicePoolConfiguration configuration elements in the View folder. See “Best Practices for
Managing Workflow Permissions,” on page 22.
2 Run the Add Guest Credential workflow, in the Configuration/Horizon Registration Configuration
folder, before using any of the workflows for registering unmanaged machines.
Unmanaged machines are virtual machines that are managed by a vCenter instance that has not been
added to View. That is, if you log in to View Administrator, and go to View Configuration > Servers >
vCenter Servers, you will not see the vCenter Server instance in the list.
You must register an unmanaged machine with a View Connection Server instance before you can add
the virtual machine to a manual desktop pool. To run the Add Guest Credential workflow, you must
have local or domain administrator credentials for the virtual machine.
3 Run the Manage Delegated Administrator Configuration for Registration workflow, in the
Configuration/Horizon Registration Configuration folder, to allow the specified delegated
administrator to use the guest credentials and access the datacenter or virtual machine folder that
contains the unmanaged virtual machine.
4 Run the appropriate Manage Self Service Pool Configuration workflow to specify which desktop and
application pools will be available for self-service workflows in the Workflows/vCAC folder.
n
For Horizon Air desktop pools, the Manage Self Service Pool Configuration workflow is located in
the Configuration/Horizon Air Configuration/Self Service Pool Configuration folder,
n
For desktop and application pools provided through a Horizon pod or federation, the Manage Self
Service Pool Configuration workflow is located in the Configuration/Self Service Pool
Configuration folder,
Best Practices for Managing Workflow Permissions
You can use Orchestrator to limit which personas can see and interact with the workflows. Ideally, only the
administrator interacts with workflows in vRealize Orchestrator. Delegated administrators and end users
should interact with the workflows through the vSphere Web Client or through vRealize Automation.
The Horizon vRealize Orchestrator plug-in installs a number of workflows that are organized into
directories in the vRealize Orchestrator UI. The API access and Business logic folders are not intended to
be modified because their contents form the building blocks of the other executable workflows. To prevent
unauthorized customization of workflows, as a best practice, for certain folders, remove edit permissions for
all users except the administrator.
IMPORTANT The suggested permission settings listed in this topic are required only if you want to hide the
CoreModules folder and the configuration elements inside the View folder from delegated administrators and
end users.
In the Workflows view, you can set the following access rights:
n
On the root folder in the left pane, set the access rights so that delegated administrators have only View
and Execute permissions.
n
On the Configuration folder and CoreModules folder, set the access rights so that delegated
administrators have no permissions, and therefore cannot even see the folders. This restriction will
override the permissions set at the root folder.
Using the Horizon vRealize Orchestrator Plug-In
22 VMware, Inc.