Amazon Banner

Thursday, October 8, 2015

Connecting to Multiple VMware Horizon Desktop

Recently been asked how can you connect to multiple Horizon Desktops from an endpoint.  Just to get things right there are just two ways depending where your virtual desktops are at.

Scenario 1
Multiple virtual desktops from the same connection server but in different desktop pools.

With Horizon Client, you will be able to connect multiple virtual desktops you are entitled to from just single instance whether on Mac of Windows as the Horizon Client window will be left open for you to select other virtual desktops to connect.

Scenario 2
Mutiple virtual desktops from different connection servers.

In this case, you will need to launch another instance of Horizon Client to connect to every connection server.  In Windows, this is easily done however on Mac, this might be a challenge.  You can of cause run a commend as written by this author here, to run another instance on Mac via Terminal window and keep it on the dock so you get two instance anytime you need it.

Can I connect to multiple virtual desktops from the same desktop pool with the same user credential?

How can I connect to multiple desktops with same user credential?
Create multiple desktop pools as each user credential is only entitled to one desktop connection per desktop pool.

Wednesday, September 9, 2015

VMware OEM Technical Support

Often come across this confusion between VMware License and VMware OEM License.  I wrote previously here the use of Open and OEM where VMware OEM license is some what different from other software OEM license e.g. Microsoft.

Now what about support.  What do you get from VMware OEM license support?  Here is an article from VMware and an uploaded copy here.

For VMware Support, you will contact VMware Support hotline or via myVMware license portal to seek for support request.  Level 1 to Level 3 support will come direct from VMware.

For VMware OEM Support, you will contact through respective OEM partner support center route.  You can refer to Page 7-8 of the above document, you can see that Level 1 and 2 will be provided by the OEM partner and ownership is by the partner.

Upon required the need of a Level 3 support, will it route to VMware Support as extracted the statement from the document.  At Level 3, the communication is only between customer and OEM partner support.  OEM partner will be the medium to communicate the two way communication between customer and VMware Level 3 Support.

"During Level 3 support interactions, the OEM Partner is responsible for managing the support relationship and ongoing communication with the customer including, requests by the customer for escalation"

Hope this clear up some of the questions the difference between both Support types.  The document also detailed other information like Severity, and more.

Which support would be your next question you should purchased?  This depends on your need and budget.  OEM support always comes at an attractive price with OEM License together.  If the lead time is acceptable and you are comfortable with the route of support arrangement, it is definitely OEM.  Time where direct support and lowest lead time is required its best to have a direct VMware Support.

Can you then mixed different type of licenses in an environment?  Advice is not to.  You might end up with different support.  Imagine logging a case with VMware and halfway down to see that other hosts are licensed via OEM, you just make troubleshooting difficult as that will not be covered.  Don't make your life difficult savibg a few bucks.

FAQ based on the document above

I have VMware OEM license from "A", can I log a VMware Support?
Yes via "A" partner support center contact.

Who will provide me VMware Support for OEM license?
The OEM partner will provide Level 1 and 2 support directly.

How will VMware Support comes in?
When issues cannot be resolve through OEM partner Level 1 and 2 support, OEM partner support will engaged VMware Level 3 support.  VMware Support will liaise directly with OEM Partner support who follow up customer who log the call.

Can I speak to a VMware Support staff directly calling OEM partner support route?
All communication will be through OEM partner support.

In what situation can I have direct support and use VMware hotline to raise a support ticket?
When you own VMware Open license and with valid Subscription and Support.

How long will OEM partner get back from VMware support if it has escalated to Level 3?
It depends as there are lead time between OEM Partner and VMware Support as well as the lead time from OEM partner to customer.

Wednesday, September 2, 2015

What's New at VMworld 2015

With VMworld 2015 starting today, there will always be new announcement.  Here I am going to summarize what are the new stuff that will be release in a nutshell and detail some of them in later post.

vSphere 6.0 U1
- Tech preview of vSphere Web Client Update Manager
- able to migration embedded PSC to external PSC
- added vCloud Air web client to plugin

Virtual SAN (VSAN) 6.1
- stretch cluster in All-Flash VSAN
- 2 nodes ROBO office with witness in main site
- vSphere Replication to support 5 minutes RPO
vSphere with Operations Manager 6.1 (vSOM), vRealize Operations 6.1 (vR Ops), vRealize Operations Insight 6.1 (vROI)
vR Ops Standard Edition now comes with SDDC management packs which include VSAN, vCloud Ai, NSX Update 17th Sept 2015: Apparently vR Ops 6.1 Advanced and above will have these management packs.
- New OS & Applications monitoring starting with 5 supported apps.  More to come.
- Tech preview: Workload Placement Engine (WLP) working with DRS

vCenter Site Recovery Manager 6.1
- Support of Metro cluster vMotion during planned downtime across different physical sites

- Previously named as EVO:RACK in tech preview
- 1/3 rack minimum

-  available in 5 hardware profiles
- support up to 64 nodes with 16 appliances

vCloud Air Compliance (EAP-US)
- Realize visibility for continuous monitoring of compliance
- applicable for on premise and off premise services

Horizon 6.2
- Horizon for Linux vGPU and vSGA support on top of existing vDGA
- Support for Skype Business
- New AMD GPU support for vDGA
- All-Flash VSAN support
- Zero day support for Windows 10
- Announce of Project Enzo

VMware Identity Manager Advanced Edition
- Previously known as VMware Workspace
- Advanced added support on SSO with enrollment of mobile devices for use to access applications via iDM

Wednesday, August 26, 2015

vSphere 6 Hardening Guide Release

With the release of vSphere 6.0 in Mar, the hardening guide is finally announced release today.  There is some different approach via vSphere API which is used in this release to help audit or implement using the guide.

You can also bookmark this page for all the other version vSphere hardening guide.

Tuesday, August 25, 2015

vExpert 2015 Second Half Announcement

Here I like congrats all new vExpert 2015 with the second half results announced 1 week before VMworld 2015.  Results can be viewed here

If you are going to VMWorld this year, remember to grab all the freebies for vExpert as well as the meetup just for vExpert.

If you miss the application, look out for the application for vExpert 2016 likely end of this year.

Monday, August 17, 2015

Is VMware vCloud Suite Bundle Becoming Irrelevant?

Software Defined Data Center (SDDC) is a term often used to illustrate the light of abilities to management and monitor your one or multiple data centers whether it is a private, managed or public cloud environment or mixed of anything.  With the ability to also having a centralize platform and ability to automate certain daily operation tasks to create an agile and efficient IT infrastructture.  Instead of having different silos creating the same overheads that once appear when everything was in a physical infrastructure where each applications could still be using a specific hardware set.

In the past, VMware introduced the vCloud Suite to allows customer to build their own cloud.  However with the adoption of mutliple clouds, VMware came up with another bundle.

VMware introduced the vRealize Suite (vR Suite) in both Advanced and Enterprise last year and this comprises of vRealize Operations Suite, Log Insight, vRealize Automation and vRealize Business all in one bundle.

vRealize Suite can be add on top for customer who are on naked vSphere.  For customers on vSphere with Operations Management (vSOM) or vRealize Operations Insight (vROI), it becomes contradicting as it get duplicates of the vRealize Operations Suite from vSOM and vRealize Suite.  For customers who are on vROI or vSOM, the only upgrade path is to vCloud Suite bundle.

However vCloud does not comes with Log Insight which makes monitoring shortfall of Log analysis.  Moreover in the vCloud Suite Advanced and Enterprise, the vRealize Business Standard (which is available in these two bundles) is not able to extend to Public Cloud as it is a different software of it's own to vRealize Business Advanced/Enterprise.  In addition, in vCloud Suite Enterprise, it included Site Recovery Manager (SRM).  However not everyoneone would really need SRM to protect the whole infrastructure but perhaps a small subset.  In such, it makes more sense to purchase this ala cart just enough to cover whatever is protected by SRM.

To add on with the new vCloud Suite bundle, the removal of vCloud Director (vCD) and vCloud Networking and Security (vCNS), makes the whole vCloud Suite bundle less attractive and appear more expensive comparing to vRealize Suite.

On the other hand, vRealize Suite can be purchase with naked vSphere without having to upgrade their vSphere.  This allows customer to save the additional renewal they will incur on a higher upgrade of vSphere e.g. vSOM or vROI.

To start with vRealize Suite and implement everything in the Suite on Day 1 is nearly impossible.  Often many will start small.  This also make vRealize Suite less attractive as there isn't a gradually phase upgrade unlike customer moving to a vCloud Suite from vSOM to vROI before vCloud Suite.

With many enterprises embarking on public clouds or having multiple private clouds and wanting to automate and centralize platform of monitoring and management, vRealize Suite look more for the fit than vCloud Suite.

As VMworld is coming, let's wait and see what other bundling or improvement that could allows customers to adopt a possible approach into a Software Defined Data Center.

Monday, August 3, 2015

vSphere 6.0 Web Client Integration Plug-in Bug Fix

So the new vSphere 6.0 has release, what is great on one of the functionality is the web client.  It has always be crawling since it was introduced in vSphere 5.0.  In vSphere 6.0, it was promised with great performance improvement and it was great!

On day 0 daily operations activity, accessing the VM console is essential and often used.  When you launch the vSphere Web Client, you will be at the login page.  Below you will see the link to download the Client Integration Plug-in as shown below:

After installing, you will be able to access the VM console after logging in.  Upon login, you will see the screen below when a VM is selected:

Above you see the screenshot taken from Hands-on-Lab.  To access a VM console you will have selected the VM and on the right you will see the above.  Clicking on "Launch Console", will launch the VM console in a new tab\window of your browser.  However this link is invalid!  So how are you going to use the console?  You must be kidding me!

Now take a deep breath, the answer is simple just click on the Preview image of the console just above of the linked text.  This will open another tab\window so you can access the console.

So now you are in the console as show above, however you find your mouse is not that responsive when you click within the console or is it?  After figuring around, a discovery was found.  As shown above the area shaded in RED, this area has no mouse interaction.  This leave you with a small area to work in a console.  Which means you cannot access any portion shaded at the bottom and right that made up of two third of the whole screen!  Who on earth decided the use of such a console screen?

Now I know you will very piss off.  How on earth did this happen?  Are you stuck now?

The solution here is NOT to install the Client Integration Plug-in.  Instead head over to VMware Download page of vSphere, under Drivers & Tools section, you will see a VMware Remote Console.  Download and install this instead.

So the next time you access the VM console, just use the VMware Remote Console.  This time it will work nicely.

Why did VMware release two different console one as a Plug-in while one is a standalone console?  I have no idea.  But with the VMware Remote Console, you can copy a link to a VM Console and send to someone with VMware Remote Console installed to access it.  Provided they have the credential to the server and vCenter.

Now is to wait for the future release to have this fixed.  For now, at least you can access your VM console and carry on your daily operations activity!

Saturday, July 11, 2015

VMware vRealize Operations (vR Ops) Requirements

Decided to fill up the missing information which was not listed in the documentation of vRealize Operations neither was it stated anywhere by anyone in any blog post that I tried to Google around.

Was doing a vSphere Optimization Assessment (VOA) and wanted to advise customer on the resources required.  Other than the documentation from here or from the vR Ops Installation Guide, it does not state what was provided e.g. the different profile sizes of the vApp is suited for which type of environment other than running the deployment wizard.  This is not very helpful especially when you are doing planning and the only way to get that information is to deploy it.

Upon deploying, you will get to know the disk size that vR Ops will use.   Based on documentation, was 250GB however in the wizard it shows 1.4GB for thin provisioned and 266GB for thick provisioned.

 vSphere Client

 vSphere Web Client

There are four profile sizes of the vR Ops vApp namely: extra small, small, Medium, Large.  You will find the sizes resources requirements from the sources provided above. Each profile is suited for what type of environment is only found here in the wizard.

vR Ops vApp
Extra Small:below 2000 VMs (not supported for production usage but mainly for testing)
Small: not more than 2000 VMs
Medium: Between 2000 - 4000 VMs
Large: 4000 VMs and above

Remote Collector
Standard: small to medium (I am assuming it is referring to the profile size of the above)
Large: Large environment

 vSphere Client showing small vApp

 vSphere Web Client showing small vApp

Some Gotcha here.  During the deployment in the wizard, you will need to enter your networking settings.  On the vSphere Client, this was not an issue it was ver clear.  However on the vSphere Web Client, this is not that obvious.  You will need to expand out to see it.  If you did not take not you will miss this portion as shown below:

vSphere Web Client requires to expand to show network setting
 vSphere Web Client showing the network setting

Running out of Disk Space?
What if you run out of space for your vR Ops vApp?  The procedures of increasing the disk size is stated here.  It is fairly easy by just shutting down the vApp and expanding the vDisk 2 or adding a new vDisk and powering up and everything will be automatically detected.  That definitely make life easier without having to bother to configure later.

Network Ports
Some environment require vR Ops to be placed in another network no similar to vCenter.  This would require the need of opening some firewall ports which are all listed here.

Update 15th Jul 2015
Apparently there is a sizing guide in this KB but not updated as of 6.0.1.

Monday, June 29, 2015

VMware Horizon 6.1.1 Application Remoting over HTML5

With the announcement of Horizon 6.1.1 release, there are some new features added to Horizon solution.  Of the few, one of them is Application Remoting which now support over HTML5 browser.

I have that testing since Horizon 6.1 in a technical preview and was not able to show it.  With this release, it is now official so I shall go through some of the screenshot how this was done.

The setup is all similar is no complicated steps just an installation of an .exe binary on top of latest View 6.1 agent and the HTML access binary on the connection server.

After which you have the freedom of choice to use a Horizon Client or a HTML5 to access your desktop as well as Applications remoting.  The best part of this is there is no plugin needed for browser this not just keep the browser clean from any crashes which can be resulted as well as messing up browser performance and behaviour.

Using the Horizon Client this time, there are several improvement.  Remember when I mentioned in my previous post, this has better improvement.

Here I am using a mobile Horizon Client:

In the Horizon Client, you will see your recent application you access and desktops.  You can choose to connect to other servers from the Servers  tab.

Once logon, you will see all the desktop and applications available.

Once connected you will see a side bar available with all the applications and desktops.  You can scroll down the list if there are more beyond the screen.

Once you choose an application, you will see appear on the client.  Here you see I opened MS Paint and calculator.  The side bar can then be hidden for more viewable space.

You can open more than one instance of the same application and it will be there.  A long press on the application allows you to close it or just click on the cross icon on the application window.

On the HTML5 browser, this can be on mobile or on a laptop.  Here I have one with mobile Chrome browser.
 Login via the mobile browser.

 List of all the virtual desktop and applications I am entitled to.

 The left panel toolbar that show all the virtual desktops and applications I can open and active.

Here you see I have two calculator applications and one MS Paint.  Native Windows applications on an android mobile device.  (Though I feel this is rather small but would work great on a tablet for sure.)

On my laptop I am using Firefox, you will be presented with your desktops and applications.  This is utilizing the Blast protocol use on both the desktop and application.

Here you see after pointing the Connection server you get presented all the applications entitled.  You can also favourite the applications by clicking on the star so you do not have to search for it.  You can also present a Thinapp application as a Hosted App.

Upon clicking on the application, you will be presented with the below.  You can see I have open a MS Word and two MS Paint.  As MS Paint is the same, they are displayed under the same group on the taskbar on the left.  The task bar, just like on the mobile client can be hidden and call upon.

The the screenshots from mobile Horizon Client to the HTML5 mobile browser and desktop browser, the look and feel and way of maneuvering around  is rather similar.   This will be great for end users as they do not have to relearn a new interface for every different application or device used.

There are few questions arises.  What if you need to change password, typically this will have no impact on your desktop or applications.  As long you are in desktop or application either on HTML5 or Horizon Client, you can still change them via a Ctrl-Alt-Del option.

Hope this gives you a good picture of HTML app remoting.

Update 6th Jul 2015
Added HTML5 access via a mobile browser.

Wednesday, June 3, 2015

Unable to verify certificate for vCenter on Horizon View Connection Server

Recently during an outage of my host during to hardware issue in my home lab where my vCenter 6.0 sit on it, resulted some strange behaviour on my View Connection Server 6.1.  I encounter the below error message:

When I go to my Horizon View Dashboard, it looks fine.

When I try to remove the vCenter entry under the Server options and adding it back I end up with another error when trying to add the View Composer.
However this is not related to the strange behaviour above.  But rather this is due to my login did not contain a domain\username but instead of use just username.

Back to the strange behaviour.  It seems my connection to my vCenter via Connection Server has a sudden slowness and the certificate seems to be corrupted.  I tried to find a solution to replace the self-signed (in my case) certificate on my View Connection Server however in vain.  I tried removing the vCenter and re-adding it back, that does not help.

So I chanced upon some steps by our internal team and use it to resolve my problem and it works.

In summary, this is what was done.  First we backup the ADAM database and then we invalid the entry of the vCenter in View Connection Server.  Then we try to add the existing vCenter again.  So now we have two entry of the vCenter where oneis an invalid entry.  Taking from the valid entry certificate thumbprint, we overwrite the invalid ones and remove the latter vCenter entry.  Next revert back the entry to previous valid entry.

Here are the detailed steps that help me resolved my issues.

To manually regenerate data:

Note: Back up the ADAM database before proceeding. For more information, see Performing an end-to-end backup and restore for View Manager (1008046).
  1. Log in to the machine hosting your View Connection Server. If there is a cluster of View Connection Servers, this step can be done on any of the servers.
  2. Click Start > Run, type cmd, and click OK. The command prompt opens.
  3. Run this command, substituting a name for your back up file.

    vdmexport > ViewBackupFilename.ldf

  4. Connect to the ADAM database. For more information, see Connecting to the View ADAM Database (2012377).
  5. Expand OU=Properties > OU=VirtualCenter.
    Note the entry is is after expanding the OU=VirtualCenter.
  6. Document the first four characters of the vCenter Server entry, for example CN=f030. Right-click the vCenter Server entry and click Properties.
  7. Document these three values:

    • pae-NameValuePair. Note the entry here and then remove it.
    • pae-SVIURL. Note the entry and set to a value similar to
    • pae-VCURL. Note the entry and set to a value similar to
  8. In the View Administrator portal, refresh the dashboard to confirm the name change you made.
    Do note that changes are reflected at two different location.
  9. In View Configuration > Servers > vCenter Server, add an entry for the proper
  10. Open the properties page for each vCenter Server entry.
  11. Manually copy these values from the new vCenter Server entry to the old vCenter Server entry:

    Note: Take a note of the entries before copying. When copying these values, copy and paste directly between properties sheets or copy to a plain text editor that does not add any formatting such as Windows Notepad.exe.

    • pae-SVISslCertThumbprint
    • pae-SVISslCertThumbprintAlgorithm
    • pae-SVIUserName
    • pae-SVIUserPassword
    • pae-VCSslCertThumbprint
    • pae-VCSslCertThumbprintAlgorithm
    • pae-VCUserName
    • pae-VCUserPassword
  12. Remove the new vCenter Server entry from the View Administrator webpage.
  13. Undo the three changes you made at the beginning of the process, including adding the UNIQUEID=XX value back into pae-NameValuePair and rename the pae-SVIURL and pae-VCURL.
  14. Reboot all Connection Servers in the replicated group.
  15. In the View Administrator webpage, refresh the Dashboard page again and confirm vCenter Server and Composer are both shown correctly and are now showing as green status.
  16. Proceed with testing provisioning and recomposing, as well as login functionality.