6.1
Table Of Contents
- Using the Horizon vRealize Orchestrator Plug-In
- Contents
- Using the VMware Horizon vRealize Orchestrator Plug-In
- Introduction to the Horizon vRealize Orchestrator Plug-In
- Installing and Configuring the Horizon vRealize Orchestrator Plug-In
- Horizon vRealize Orchestrator Plug-In Functional Prerequisites
- Install or Upgrade the Horizon vRealize Orchestrator Plug-In
- Configure the Connection to a View Pod
- Add a Horizon Air Instance
- Assigning Delegated Administrators to Desktop and Application Pools
- Configuration Tasks for Self-Service Workflows and Unmanaged Machines
- Best Practices for Managing Workflow Permissions
- Set a Policy for De-Provisioning Desktop Virtual Machines
- Using Horizon vRealize Orchestrator Plug-In Workflows
- Access the Horizon vRealize Orchestrator Plug-In Workflow Library
- Horizon vRealize Orchestrator Plug-In Workflow Library
- Horizon vRealize Orchestrator Plug-In Workflow Reference
- Add Managed Machines to Pool
- Add Unmanaged Machines to Pool
- Add User(s) to App Pool
- Add User(s) to App Pools
- Add User(s) to Desktop Pool
- Add User(s) to Horizon Air Desktop Pool
- Advanced Desktop Allocation
- Application Entitlement
- Assign User
- Desktop Allocation
- Desktop Allocation for Users
- Desktop Assignment
- Desktop Entitlement
- Desktop Recycle
- Desktop Refresh
- Global Entitlement Management
- Port Pool to vCAC
- Recompose Pool
- Recompose Pools
- Register Machines to Pool
- Remove Users from Application Pool
- Remove Users from Desktop Pool
- Remove Users from Horizon Air Desktop Pool
- Self-Service Advanced Desktop Allocation
- Self-Service Desktop Allocation
- Self-Service Desktop Recycle
- Self-Service Desktop Refresh
- Self-Service Horizon Air Desktop Allocation
- Self-Service Horizon Air Desktop Recycle
- Self-Service Release Application
- Self-Service Request Application
- Session Management
- Set Maintenance Mode
- Unassign User
- Update App Pool Display Name
- Update Desktop Pool Display Name
- Update Desktop Pool Min Size
- Update Desktop Pool Spare Size
- Syntax for Specifying User Accounts in the Workflows
- Making the Workflows Available in vSphere Web Client and vRealize Automation
- Exposing VMware Horizon vRealize Orchestrator Plug-In Workflows in vSphere Web Client
- Exposing Horizon vRealize Orchestrator Plug-In Workflows in vRealize Automation
- Create Business Groups for Delegated Administrators and End Users
- Create Services for Delegated Administrators and End Users
- Create Entitlements for Delegated Administrators and End Users
- Bind vCAC Workflows to a vCAC User
- Configure Output Parameters for vCAC Workflows
- Configure the Catalog Item for the Workflow
- Making Desktop and Pool Actions Available in vRealize Automation
- Creating Machines and Managing Pools in vRealize Automation
- Prerequisites for Creating Machines in vRealize Automation
- Create Templates and Blueprints for Adding Machines to Desktop Pools
- Use Machine Blueprints to Create and Add Desktops to Pools
- Configure a Machine Blueprint Service for Advanced Desktop Allocation
- Advanced Desktop Allocation Scenarios for Delegated Administrators and End Users
- Deleting Machines Provisioned by vRealize Automation
- Working with Unmanaged Machines
- Index
5 For machines that belong to a domain, enable and test Kerberos authentication:
a Open a command prompt and use the following commands to enable Kerberos authentication:
winrm set winrm/config/service/auth '@{Kerberos=”true”}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/client/auth '@{Kerberos=”true”}'
winrm set winrm/config/client '@{AllowUnencrypted="true"}'
b Use the following command to test Kerberos authentication:
winrm id -r:machine.domain.com -auth:Kerberos -u:administrator@domain.com -p:'password'
6 Install View Agent in the physical machine.
What to do next
Configure authentication on the vRealize Orchestrator server. See “Configure vRealize Orchestrator to Use
Kerberos Authentication with Physical Machines,” on page 73.
Configure vRealize Orchestrator to Use Kerberos Authentication with Physical
Machines
You must edit a configuration file on your vRealize Orchestrator server to specify the domain name and
domain controller name.
Prerequisites
You must have the root password if you are using the vRealize Orchestrator virtual appliance or the
administrator credentials if vRealize Orchestrator is installed in a Windows server.
Procedure
1 Log in as root (or as an administrator if you have a Windows server).
2 Search for the krb5.conf file and rename it to krb5.conf.back.
On a virtual appliance, this file is located in etc/krb5.conf, if it exists.
3 Create a krb5.conf file in the appropriate directory.
Server Type Description
Virtual appliance
/usr/java/jre-vmware/lib/security/
Windows server
C:\Program Files\Common Files\VMware\VMware vCenter Server
- Java Components\lib\security\
4 Open the krb5.conf file with a text editor and add the following lines, with the appropriate values:
[libdefaults]
default_realm = YOURDOMAIN.COM
udp_preference_limit = 1
[realms]
YOURDOMAIN.COM = {
kdc = yourDC.yourdomain.com
default_domain = yourdomain.com
}
[domain_realms]
. yourdomain.com= YOURDOMAIN.COM
yourdomain.com= YOURDOMAIN.COM
Chapter 7 Working with Unmanaged Machines
VMware, Inc. 73