Create the UEM GPO (although this contains user settings) and apply them on the Computer OU.
Enable Loopback processing mode and configure this to Replace.
Computers, thats where I had them prior to using the noAD mode, and everything worked as expected.
Here is information on noad mode if your not familar
https://kb.vmware.com/s/article/2148324
basically instead of a gpo controlling uem, you point UEM to a config file. For enviornments with multiple domains I'm pretty sure this is a requirement,
Create the UEM GPO (although this contains user settings) and apply them on the Computer OU.
Enable Loopback processing mode and configure this to Replace.
For example, If I create the OU Structure as below,
Horizon (Main OU)
----->Horizon Computers(Sub OU)- Put all the Virtual desktops , Connection server, composer, UEM servers etc.. -- Apply UEM GPO *** only here, including loopback processing also
----->Horizon Users ( Sub OU)- Horizon local users, Domain user Group(security groups)--
will be the right approach???
Yes that would work. I also have a horizon specific ou but place ad objects outside of that for special cases. Basically wherever the computer object is is where the gpo needs to be, and in that gpo you can enable the loopback processing.