I have a test environment using linked clones in a persistent pool. My question is once the linked clone is assigned to a user in a persistent environment, how do you disassociate that user from the assigned desktop in the event of employee termination, job change, etc?
Thanks
Hi torquilcleric
In a persistent desktop pool, the user mapping to his assigned desktop is stored into the ADAM database. So everytime the user connects through view client or view portal, he/she connects to the same assigned desktop. As far as I know, you can't remove that assignement through view manager and also not through the command line tool..--
Question; why do you not remove that VM in view manager, and create a new one for next user?
you can also sort this issue out by removing the users assignment attributes in LDAP - but seems not to be the supported way.. see: http://communities.vmware.com/thread/131943
br, AAW
Hi torquilcleric
In a persistent desktop pool, the user mapping to his assigned desktop is stored into the ADAM database. So everytime the user connects through view client or view portal, he/she connects to the same assigned desktop. As far as I know, you can't remove that assignement through view manager and also not through the command line tool..--
Question; why do you not remove that VM in view manager, and create a new one for next user?
you can also sort this issue out by removing the users assignment attributes in LDAP - but seems not to be the supported way.. see: http://communities.vmware.com/thread/131943
br, AAW
Is there any way to script against view manager? In an environment with relatively high churn, how can we automate the removal of linked clones after a given period of inactivity?
Why would you need to remove the linked clone? if it is a none-persistant pool it can be utilised by the next user just as well.
If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points
Tom Howarth VCP / vExpert
VMware Communities User Moderator
Blog: www.planetvm.net
Contributing author for the upcoming book "VMware Virtual Infrastructure Security: Securing ESX and the Virtual Environment”.
Ok, so maybe a little more explanation is needed...
Linked clones are a given, and will be used for whatever we decide, but we haven't decided between persistent and non-persistent desktops. If we go non-persistent, then we have to manage the profiles and sandbox data. That's assuming all the apps can be thinapp'd - we don't know that yet. We may still have to manage profiles for apps that won't work with thinapp. If we go with persistent pool, then all their data stays there, and we have to manage the VMs when somebody leaves. So if a user leaves the company, his persistent desktop stays there. We're meeting with security to see what their process now is, for how to remove a physical PC, and may be able to translate that into a process to remove a virtual PC. But if we could script something to not give them access into View Manager, that would be handy. And we don't want to "own" pc removal. What I'm looking for is somehting like Lab Manager has, where you can set an expiration, except the expiration would be relative to the last time the VM was used. Maybe that should be a feature request?
you would remove the linked clone from vCenter, by doing a remove from disk or remove from inventory and the View Manager would provision another instance if necessary.
If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points
Tom Howarth VCP / vExpert
VMware Communities User Moderator
Blog: www.planetvm.net
Contributing author for the upcoming book "VMware Virtual Infrastructure Security: Securing ESX and the Virtual Environment”.
I believe you can use the vdmadmin.exe command to do this.
It's a command line utility that comes with the View Connection Server: C:\Program Files\VMware\VMware View\Server\bin"
From a DOS prompt, type "vdmadmin.exe /?" to see the available options.