Hi Guys, I want to test creating Pools using 2 Active Directory domains. I've setup my environment as follow:
Domain A
1- Connection Server
2- Composer Server
3- Security server
4- vCenter Server
Domain B
1- Connection Server
2- Created a separate View Composer account
At the moment Horizon View 5.3.2 is fully functional on Domain A. But I need your help deploying pool using Domain B. After setting up Connection Server(joined to Domain B) I tried to add Domain B using View Composer account by logging to View Admin(Domain A) > Edit vCenter Server > Edit View Composer Settings > Verify Server Informations(under Domain) but I'm getting "Bad domain name"
Could you guys please help or send me a link to setup one-way trust which is needed for VMware View so that I can deploy Pool using Domain B.
Without creating any trust, I've added Domain B conditional forwarder on Domain A which let me add the Domain B without "Bad domain name" pop up. But I don't know what to do next. Can someone please guide me.
Regards
Hi,
I have made below configuration to create 2 different pools where VM's are joined to 2 different domains.
I have Domain-A & Domain-B which have 2 way trust configured by AD team.
I have deployed 3 Win 2k8 servers and added them to Domain-A. On one server i have installed vCenter & composer and on one server i have installed connection server & the second one i have made the replia server of existing connection server.
In connection server, i have added vCenter & composer. i have 2 different users who has domain joining rights in Domain-A & Domain-B.
Domain-A\abcUser
Domain-B\xyzUser
I have added above 2 users in the view composer settings under Domain. PFA.
While creating a pool, in Guest Customization tab for Domain-A users i have chossen Domain-A\abcUser ID to add machine to Domain-A and the AD container which is present in Domina-A to place the machines.
for Domain-B users created another pool and in Guest Customization tab i have chossen Domain-B\xyzuser and the AD container which belongs to Domain-B to place the machines.
If you want to add a machines to different domain, you need not to deploy a connection/replica server in each domain. Just add domain user ID in the view composer domain tab and choose the right ID while creating the pool.
Is the connection server on Domain B is installed as a replica server ?
If answer is Yes:
Ensure Two way transitive trust is is configured. Domain Names are resolvable across the member machines (also from View Composer)
If answer is No:
Use user principal names for VC and View composer,
Try to add VC alone, then check if the error is only for composer
(Try to add using IP address and verify)
Note: Composer account should have administrative privilege on the local machine where the composer is running.
Hi, thanks for the reply. Domain B Connection Server is a Standalone "Standard Server" . Domain A and Domain B are both at different locations connected through VPN.
Just to be clear I want to create VDI Pool so users from Domain B can have their own VDI using Domain A vCenter and View Composer.
I've the following link basically this is what I'm trying to achieve.
http://community.spiceworks.com/topic/336411-vmware-view-multiple-domains-without-a-two-way-trust
Please help.
Cheers
Guys, I ended up with 2-way trust. Now how can I create Pools using Domain B Connection Server? If I login to Domain B Connection Server https://DomainBconnectionserver/admin and try to add Pool it says "No vCenter Server has been configured". Do I need to configure same vCenter and Composer Server in Domain B or is there any way I can assign Domain B Connection Server when creating pool from Domain A?
Please help
Regards
Hi,
I have made below configuration to create 2 different pools where VM's are joined to 2 different domains.
I have Domain-A & Domain-B which have 2 way trust configured by AD team.
I have deployed 3 Win 2k8 servers and added them to Domain-A. On one server i have installed vCenter & composer and on one server i have installed connection server & the second one i have made the replia server of existing connection server.
In connection server, i have added vCenter & composer. i have 2 different users who has domain joining rights in Domain-A & Domain-B.
Domain-A\abcUser
Domain-B\xyzUser
I have added above 2 users in the view composer settings under Domain. PFA.
While creating a pool, in Guest Customization tab for Domain-A users i have chossen Domain-A\abcUser ID to add machine to Domain-A and the AD container which is present in Domina-A to place the machines.
for Domain-B users created another pool and in Guest Customization tab i have chossen Domain-B\xyzuser and the AD container which belongs to Domain-B to place the machines.
If you want to add a machines to different domain, you need not to deploy a connection/replica server in each domain. Just add domain user ID in the view composer domain tab and choose the right ID while creating the pool.
Hi,
Thanks for the detailed workaround. I was trying to make it work with one-way trust but that didn't look promising.
If you don't have any issues setting up Two-way trust between both domains then everything should work fine as per your perfect guideline. Also VMware recommends to use two-way trust.
I was managed to deploy 2 different pools on both domains and entitled users were logged in as well from both domains.
I haven't tested logging through security server yet. Have you deployed security security server on your end?
Also when you login through View Client or through Blast, it shows 2 domains in drop down list. Can we customize it so only DomainA shows to DomainA users? I don't think that's possible but please guide.
Thanks again for the help.
Regards,
MQ
Hi,
I have not tested it through security server and we are not using security server.
I think the setting which your are looking for default domain for two different domain users is also not possible.
There a detailed article related to this discussion at http://incloudnet.com/?p=2
It worked great even with Security Server. I couldn't find anything for default domain for two different domain users.
Cheers
Thanks this article should help others who are looking multiple AD domains on VMware Horizon View.
So I have a questions on this setup, although View 7 supports the one way trust I'm curious about the Connection Server in Domain B.
If I have the following and Domain B Trusts Domain A - can these connection servers be Primary and Replica? as below?? or would they both need to be standard?
Domain A
- Connection Server - Replica (due to the Domain B trusting Domain A)
- Composer Server
- vCenter Server
Domain B - (Deploy desktops here)
- Created a separate View Composer account
- Connection server - Primary?