VMware Horizon Community
caryers
Contributor
Contributor
Jump to solution

Multiple AD Domain Access

We are a Windows 2k3/2k8 and VDI View 5.0.1 shop that recently took over a sister agency that has their own AD domain. We would like to configure our View environment to allow this new group to login to their own AD domain within our VDI environment. We have recently configured a successful AD trust between the two primary AD domains. Since that trust has been created, I now see a Red Alert in my dashboard view within the View GUI under "Other components\Domains". 

The Red Status indicates...

  • "The trust relationship could not be determined."
  • "Domain status error detected. View Administrator is unable to perform operations related to domain."   

However, outside of View, Trust access on the desktops within each domain are working fine. Additionally, the View client does not allow you to select a different domain.

What else do I need to do within the many View components to allow VDI access to this other AD domain?

Thanks in advance...

Scott

Hillsborough County/ITS


Reply
0 Kudos
1 Solution

Accepted Solutions
Abum75
Contributor
Contributor
Jump to solution

You may need to add the domain NETBIOS name and domain FQDN via the vdmadmin utility:

Open a command prompt one one of your brokers/connection servers and run the following commands:

vdmadmin -N -domains -include -domain FQDN of the domain to add -add

          Output should look something like this: "The domain FQDN domain name has been added to the include list for the cluster."

vdmadmin -N -domains -include -domain NETBIOS domain name to add -add

          Output should look something like this: "The domain NETBIOS domain name has been added to the include list for the cluster."

vdmadmin -N -domains -list -active

  Output should be something like this:

  Domain Information (<Connection Broker Server>)

  ===================================

  Primary Domain: FQDN domain name

  Domain: NETBIOS domain name DNS:FQDN domain name

  Domain: NETBIOS domain name DNS:FQDN domain name

  Domain: NETBIOS domain name DNS:FQDN domain name

Thanks,

Jason D.

View solution in original post

Reply
0 Kudos
5 Replies
mittim12
Immortal
Immortal
Jump to solution

Did you configure a two way trust?

Reply
0 Kudos
caryers
Contributor
Contributor
Jump to solution

yes

Reply
0 Kudos
vcpguy
Expert
Expert
Jump to solution

Can you restart all your View Broker and test it?

----------------------------------------------------------------------------- Please don't forget to reward Points for helpful hints; answers; suggestions. My blog: http://vmwaredevotee.com
Reply
0 Kudos
Abum75
Contributor
Contributor
Jump to solution

You may need to add the domain NETBIOS name and domain FQDN via the vdmadmin utility:

Open a command prompt one one of your brokers/connection servers and run the following commands:

vdmadmin -N -domains -include -domain FQDN of the domain to add -add

          Output should look something like this: "The domain FQDN domain name has been added to the include list for the cluster."

vdmadmin -N -domains -include -domain NETBIOS domain name to add -add

          Output should look something like this: "The domain NETBIOS domain name has been added to the include list for the cluster."

vdmadmin -N -domains -list -active

  Output should be something like this:

  Domain Information (<Connection Broker Server>)

  ===================================

  Primary Domain: FQDN domain name

  Domain: NETBIOS domain name DNS:FQDN domain name

  Domain: NETBIOS domain name DNS:FQDN domain name

  Domain: NETBIOS domain name DNS:FQDN domain name

Thanks,

Jason D.

Reply
0 Kudos
ingplat
Contributor
Contributor
Jump to solution

I have a 2k8/2k8 with Horizon View 5.3 with the exact same problem.

When I first set up the two way trust it didn't work. After a few hours the 2nd domain appeared green in the dashboard, but the next day when I logged in to the admin console, the 2nd domain went back to red under the same status.

I have tried Abum75's solution but it doesn't work, it actually removes the 2nd domain from the dashboard.

Can anyone else suggest a solution?

Thanks,

Nicolas.

Reply
0 Kudos