Setting Up Desktop and Application Pools in View
Table Of Contents
- Setting Up Desktop and Application Pools in View
- Contents
- Setting Up Desktop and Application Pools in View
- Introduction to Desktop and Application Pools
- Preparing Unmanaged Machines
- Creating and Preparing Virtual Machines
- Creating Virtual Machines for Remote Desktop Deployment
- Create a Virtual Machine for Remote Desktop Deployment
- Install a Guest Operating System
- Prepare a Guest Operating System for Remote Desktop Deployment
- Prepare Windows Server Operating Systems for Desktop Use
- Install Desktop Experience on Windows Server 2008 R2
- Install Desktop Experience on Windows Server 2012 or 2012 R2
- Configure the Windows Firewall Service to Restart After Failures
- Install View Agent on a Virtual Machine
- Install View Agent Silently
- Configure a Virtual Machine with Multiple NICs for View Agent
- Optimize Guest Operating System Performance for All Windows Versions
- Optimize Windows 7 and Windows 8 Guest Operating System Performance
- Optimizing Windows 7 and Windows 8 for Linked-Clone Virtual Machines
- Benefits of Disabling Windows 7 and Windows 8 Services and Tasks
- Overview of Windows 7 and Windows 8 Services and Tasks That Cause Linked-Clone Growth
- Disable Scheduled Disk Defragmentation on Windows 7 and Windows 8 Parent Virtual Machines
- Disable the Windows Update Service on Windows 7 and Windows 8 Virtual Machines
- Disable the Diagnostic Policy Service on Windows 7 and Windows 8 Virtual Machines
- Disable the Prefetch and Superfetch Features on Windows 7 and Windows 8 Virtual Machines
- Disable Windows Registry Backup on Windows 7 and Windows 8 Virtual Machines
- Disable the System Restore on Windows 7 and Windows 8 Virtual Machines
- Disable Windows Defender on Windows 7 and Windows 8 Virtual Machines
- Disable Microsoft Feeds Synchronization on Windows 7 and Windows 8 Virtual Machines
- Preparing Virtual Machines for View Composer
- Prepare a Parent Virtual Machine
- Activating Windows on Linked-Clone Virtual Machines
- Disable Windows Hibernation in the Parent Virtual Machine
- Configure a Parent Virtual Machine to Use Local Storage
- Keep a Record of the Parent Virtual Machine's Paging-File Size
- Increase the Timeout Limit of QuickPrep Customization Scripts
- Creating Virtual Machine Templates
- Creating Customization Specifications
- Creating Virtual Machines for Remote Desktop Deployment
- Creating Automated Desktop Pools That Contain Full Virtual Machines
- Creating Linked-Clone Desktop Pools
- Linked-Clone Desktop Pools
- Worksheet for Creating a Linked-Clone Desktop Pool
- Create a Linked-Clone Desktop Pool
- Desktop Pool Settings for Linked-Clone Desktop Pools
- View Composer Support for Linked-Clone SIDs and Third-Party Applications
- Keeping Linked-Clone Machines Provisioned and Ready During View Composer Operations
- Use Existing Active Directory Computer Accounts for Linked Clones
- Creating Manual Desktop Pools
- Setting Up Remote Desktop Services Hosts
- Remote Desktop Services Hosts
- Install Remote Desktop Services on Windows Server 2008 R2
- Install Remote Desktop Services on Windows Server 2012 or 2012 R2
- Install Desktop Experience on Windows Server 2008 R2
- Install Desktop Experience on Windows Server 2012 or 2012 R2
- Restrict Users to a Single Session
- Install View Agent on a Remote Desktop Services Host
- Enable Time Zone Redirection for RDS Desktop and Application Sessions
- Enable Windows Basic Theme for Applications
- Configure Group Policy to Start Runonce.exe
- RDS Host Performance Options
- Creating Farms
- Creating Application Pools
- Creating RDS Desktop Pools
- Provisioning Desktop Pools
- User Assignment in Desktop Pools
- Naming Machines Manually or Providing a Naming Pattern
- Manually Customizing Machines
- Desktop Pool Settings for All Desktop Pool Types
- Adobe Flash Quality and Throttling
- Setting Power Policies for Desktop Pools
- Power Policies for Desktop Pools
- Configure Dedicated Machines To Be Suspended After Users Disconnect
- How Power Policies Affect Automated Desktop Pools
- Power Policy Examples for Automated Pools with Floating Assignments
- Power Policy Example for Automated Pools with Dedicated Assignments
- Preventing View Power Policy Conflicts
- Configuring 3D Rendering for Desktops
- Prevent Access to View Desktops Through RDP
- Deploying Large Desktop Pools
- Entitling Users and Groups
- Configuring Remote Desktop Features
- Configuring Unity Touch
- Configuring Flash URL Redirection for Multicast or Unicast Streaming
- Configuring Real-Time Audio-Video
- Configuration Choices for Real-Time Audio-Video
- System Requirements for Real-Time Audio-Video
- Ensuring That Real-Time Audio-Video Is Used Instead of USB Redirection
- Selecting Preferred Webcams and Microphones
- Select a Default Microphone on a Windows Client System
- Select a Preferred Webcam on a Windows Client System
- Select a Default Microphone on a Mac OS X Client System
- Configuring Real-Time Audio-Video on a Mac OS X Client
- Configure a Preferred Webcam or Microphone on a Mac OS X Client System
- Select a Default Microphone on a Linux Client System
- Select a Preferred Webcam or Microphone on a Linux Client System
- Configuring Real-Time Audio-Video Group Policy Settings
- Real-Time Audio-Video Bandwidth
- Configuring Scanner Redirection
- Configuring Serial Port Redirection
- Managing Access to Windows Media Multimedia Redirection (MMR)
- Managing Access to Client Drive Redirection
- Using USB Devices with Remote Desktops and Applications
- Limitations Regarding USB Device Types
- Overview of Setting Up USB Redirection
- Network Traffic and USB Redirection
- Automatic Connections to USB Devices
- Deploying USB Devices in a Secure View Environment
- Using Log Files for Troubleshooting and to Determine USB Device IDs
- Using Policies to Control USB Redirection
- Troubleshooting USB Redirection Problems
- Reducing and Managing Storage Requirements
- Managing Storage with vSphere
- Reducing Storage Requirements with View Composer
- Storage Sizing for Linked-Clone Desktop Pools
- Storage Overcommit for Linked-Clone Virtual Machines
- Linked-Clone Data Disks
- Storing Linked Clones on Local Datastores
- Storing View Composer Replicas and Linked Clones on Separate Datastores
- Configure View Storage Accelerator for Desktop Pools
- Reclaim Disk Space on Linked-Clone Virtual Machines
- Using View Composer Array Integration with Native NFS Snapshot Technology (VAAI)
- Set Blackout Times for ESXi Operations on View Virtual Machines
- Configuring Policies for Desktop and Application Pools
- Setting Policies in View Administrator
- Using Active Directory Group Policies
- Using View Group Policy Administrative Template Files
- View ADM and ADMX Template Files
- View Agent Configuration ADM Template Settings
- View PCoIP Session Variables ADM Template Settings
- Using Remote Desktop Services Group Policies
- Add the Remote Desktop Services ADMX Files to Active Directory
- RDS Application Compatibility Settings
- RDS Connections Settings
- RDS Device and Resource Redirection Settings
- RDS Licensing Settings
- RDS Profiles Settings
- RDS Remote Session Environment Settings
- RDS Security Settings
- RDS Temporary Folders Settings
- Setting Up Location-Based Printing
- Active Directory Group Policy Example
- Configuring User Profiles with View Persona Management
- Providing User Personas in View
- Using View Persona Management with Standalone Systems
- Migrating User Profiles with View Persona Management
- Persona Management and Windows Roaming Profiles
- Configuring a View Persona Management Deployment
- Overview of Setting Up a View Persona Management Deployment
- Configure a User Profile Repository
- Install View Agent with the View Persona Management Option
- Install Standalone View Persona Management
- Add the View Persona Management ADM Template File
- Configure View Persona Management Policies
- Create Desktop Pools That Use Persona Management
- Best Practices for Configuring a View Persona Management Deployment
- View Persona Management Group Policy Settings
- Troubleshooting Machines and Desktop Pools
- Display Problem Machines
- Send Messages to Desktop Users
- Troubleshooting Desktop Pool Creation Problems
- Pool Creation Fails if Customization Specifications Cannot Be Found
- Pool Creation Fails Because of a Permissions Problem
- Pool Provisioning Fails Due to a Configuration Problem
- Pool Provisioning Fails Due to a View Connection Server Instance Being Unable to Connect to vCenter
- Pool Provisioning Fails Due to Datastore Problems
- Pool Provisioning Fails Due to vCenter Server Being Overloaded
- Virtual Machines Are Stuck in the Provisioning State
- Virtual Machines Are Stuck in the Customizing State
- Removing Orphaned or Deleted Linked Clones
- Troubleshooting Machines That Are Repeatedly Deleted and Recreated
- Troubleshooting QuickPrep Customization Problems
- Finding and Unprotecting Unused View Composer Replicas
- View Composer Provisioning Errors
- Troubleshooting Network Connection Problems
- Troubleshooting USB Redirection Problems
- Manage Machines and Policies for Unentitled Users
- Resolving Database Inconsistencies with the ViewDbChk Command
- Further Troubleshooting Information
- Index
You can prevent specific device families from being redirected to the remote desktop or application. For
example, you can block all video, audio, and mass storage devices:
ExcludeDeviceFamily o:video;audio;storage
Conversely, you can create a whitelist by preventing all devices from being redirected but allowing a
specific device family to be used. For example, you can block all devices except storage devices:
ExcludeAllDevices Enabled
IncludeDeviceFamily o:storage
Another risk can arise when a remote user logs into a desktop or application and infects it. You can prevent
USB access to any View connections that originate from outside the company firewall. The USB device can
be used internally but not externally.
To disable external access to USB devices, you can block TCP port 32111 from the security server to the
remote desktops and applications. For zero clients, the USB traffic is embedded inside a virtual channel on
UDP port 4172. Because port 4172 is used for the display protocol as well as for USB redirection, you cannot
block port 4172. If required, you can disable USB redirection on zero clients. For details, see the zero client
product literature or contact the zero client vendor.
Setting policies to block certain device families or specific devices can help to mitigate the risk of being
infected with BadUSB malware. These policies do not mitigate all risk, but they can be an effective part of an
overall security strategy.
Using Log Files for Troubleshooting and to Determine USB Device IDs
Useful log files for USB are located on both the client system and the remote desktop operating system or
RDS host. Use the log files in both locations for troubleshooting. To find product IDs for specific devices, use
the client-side logs.
If you are trying to configure USB device splitting or filtering, or if you are trying to determine why a
particular device does not appear in a Horizon Client menu, look in the client-side logs. Client logs are
produced for the USB arbitrator and the Horizon View USB Service. Logging on Windows and Linux clients
is enabled by default. On Mac OS X clients, logging is disabled by default. To enable logging on Mac OS X
clients, see Using VMware Horizon Client for Mac OS X.
When you configure policies for splitting and filtering out USB devices, some values you set require the VID
(vendor ID) and PID (product ID) for the USB device. To find the VID and PID, you can search on the
Internet for the product name combined with vid and pid. Alternatively, you can look in the client-side log
file after you plug in the USB device to the local system when Horizon Client is running. The following table
shows the default location of the log files.
Table 14‑2. Log File Locations
Client or Agent Path to Log Files
Windows client
%PROGRAMDATA%\VMware\VDM\logs\debug-*.txt
C:\Windows\Temp\vmware-SYSTEM\vmware-usbarb-*.log
View Agent
%PROGRAMDATA%\VMware\VDM\logs\debug-*.txt
Mac OS X client
/var/root/Library/Logs/VMware/vmware-view-usbd-xxxx.log
/Library/Logs/VMware/vmware-usbarbitrator-xxxx.log
Linux client
(Default location) /tmp/vmware-root/vmware-view-usbd-*.log
If a problem with the device occurs after the device is redirected to the remote desktop or application,
examine both the client- and agent-side logs.
Chapter 14 Using USB Devices with Remote Desktops and Applications
VMware, Inc. 185