Tag Archives: view

Workaround for broken Windows 10 Start Menus with floating desktops

Last month, I wrote about a very annoying issue, that I discovered during a Windows 10 VDI deployment: Roaming of the AppData\Local folder breaks the Start Menu of Windows 10 Enterprise (Roaming of AppData\Local breaks Windows 10 Start Menu). During research, I stumbled over dozens of threads about this issue.

Today, after hours and hours of testing, troubleshooting and reading, I might have found a solution.

The environment

Currently I don’t know if this is a workaround, a weird hack, or no solution at all. Maybe it was luck that none of my 2074203423 logins at different linked-clones resulted in a broken start menu. The customer is running:

  • Horizon View 7.1
  • Windows 10 Enterprise N LTSB 2016 (1607)
  • View Agent 7.1 with enabled Persona Management

Searching for a solution

During my tests, I tried to discover WHY the TileDataLayer breaks. As I wrote in my earlier blog post, it is sufficient to delete the TileDataLayer folder. The folder will be recreated during the next logon, and the start menu is working again. Today, I added path for path to “Files and folders excluded from roamin” GPO setting, and at some point I had a working start menu. With this in mind, I did some research and stumbled over a VMware Communities thread (Vmware Horizon View 7.0.3 – Linked clone – Persistent mode – Persona management – Windows 10 (1607) – -> Windows 10 Start Menu doesn’t work)

User oliober did the same: He roamed only a couple of folders, one of them is the TileDataLayer folder, but not the whole Appdata\Local folder.

The “solution”

To make a long story short: You have to enable the roaming of AppData\Local, but then you exclude AppData\Local, and add only necessary folders to the exclusion list of the exclusion. Sounds funny, but it seems to work.

Feedback is welcome!

I am very interested in feedback. It would be great if you have the chance to verify this behaviour. Please leave a comment with your results.

As I already said: I don’t know if this is a workaround, a hack, a solution, or no solution at all. But for now, it seems to work. Microsoft deprecated TileDataLayer in Windows 10 1703. So for this new Windows 10 build, we have to find another working solution. The above described “solution” only works for 1607. But if you are using the Long Term Service Branch, this solution will work for the next 10 years. ;)

Horizon View: Server certificate does not match the external url

Certificates are always fun… or should I say PITA?  Whatever… During a small Horizon View PoC, I noticed an error message for the View Connection Server.

That’s right, Mr. Connection Server. The certificate subject name does not match the servers external URL, as this screenshot clearly shows.

But both settings are unused, because a VMware Access Point appliance is in place. If I remove the certificate, that was issued from a public certificate authority, I get an error message because of an invalid, self signed certificate.

I want to use the certificate on the Horizon View Connection Server, but I also want to get rid of the error message, caused by the wrong subject name. The customer uses split DNS, so he is using the same URL internally and externally, and the certificate uses the external URL as subject name.

Change the URLs

The solution is easy:

  1. Enable the checkboxes for the Secure Tunnel connection and the Blast Secure Gateway
  2. Change the hostname to the name, that matches the subject name of the certificate
  3. Uncheck the checkboxes again, and apply the settings

After a couple of secons, and a refresh of the dashboard, the error for the Connection Server should be gone.

VMware EUC Access Point appliance – Name resolution not working after deployment

As part of a project, I had to deploy a VMware EUC Access Point appliance. Nothing fancy, because the awesome VMware Access Point Deployment Utility makes it easy to deploy.

Unfortunately, the deployed Access Point appliance was not working as expected. When I tried to access my Horizon View infrastructure behind the Access Point appliance, I got a HTTP 504 error. The REST API interface was working. I was able to exclude invalid certificates, routing, or firewall policies. I re-deployed the appliance using the the IP address of the connection server, instead of the FQDN. And this worked… I checked the name resolution with nslookup and the name resolution failed. So that was probably the problem.

One per line

To make a long story short: The DNS server, I entered in the VMware Access Point Deployment Utility, were added in a single line to the /etc/resolv.conf

This is wrong, even if the VMware Access Point Deployment Utility claims something different.

euc_deployment_dnsThere must be a single “nameserver” entry for each DNS server.

You can easily change this after the deployment. Add only one DNS server during the deployment, and then add the second DNS server after the deployment.

I would like to highlight, that Chris Halstead mentioned this behaviour a year ago in his blog post “VMware Access Point Deployment Utility“. Chris is the author of the Deployment Utility.

VCP7-DTM certification beta exam experience

Nearly a month ago, a tweet caught my attention:

https://twitter.com/VMwareEducation/status/783374497827041280

These beta exams are a cost-effective way to achieve certifications. The last beta exam I took, was the VCP6-DCV beta. Because I already had the VCP6-DTM on my to-do list, the new VCP7-DTM beta exam was released just in the right moment.

As already mentioned in the blog post of the VMware Education and Certification Blog, there are primarly three reasons to take this beta exam:

  • get certified
  • low costs (only 50 USD)
  • identify strengths and weaknesses

Beside of this, VMware can test the questions and is getting feedback to increase the quality of their exams.

Exam preparation

The beta exam preparation guide is quite comprehensive.  Desktop and Mobility (DTM) is not only about VMWare Horizon View. VMware Horizon Mirage, App Volumes, User Environment Manager, Thin App, IDM/ Workspace are also part of the exam.

Section 1 – Install and Configure Horizon Server Components

  • Objective 1.1 – Describe techniques to prepare environment for Horizon
  • Objective 1.2 Determine procedures to install Horizon Components
  • Objective 1.3 – Determine steps to configure Horizon Components
  • Objective 1.4 – Analyze End User Requirements for Display Protocol Performance Knowledge
  • Objective 1.5 – Diagnose and solve issues related to connectivity between Horizon Server Components

Section 2 – Create and Configure Pools

  • Objective 2.1 – Configure and Manage Horizon Pools
  • Objective 2.2 – Build and Customize RDSH Server and Desktop Images

Section 3 – Configure and Administer VMware Mirage

  • Objective 3.1 – Install and Configure Mirage Components
  • Objective 3.2 – Configure and Manage Mirage layers
  • Objective 3.3 – Configure and Manage Mirage Endpoints

Section 4 – Configure and Manage Identity Manager

  • Objective 4.1 – Install and Configure VMware Identity Manager
  • Objective 4.2 – Manage VMware Identity Manager

Section 5 – Configure and Manage User Environment Manager

  • Objective 5.1 – Install and Configure VMware User Environment Manager
  • Objective 5.2 – Manage VMware User Environment Manager

Section 6 – Configure and Manager App Volumes

  • Objective 6.1 – Install and Configure VMware App Volumes
  • Objective 6.2 – Manage VMware AppStacks and writeable Volumes

Section 7 – Configure vRealize Operations for Horizon

  • Objective 7.1 – Manage VMware Workspace Portal

The preparation guide outlines some documents, which can be used to preapre for the exam. Although I’m working with Horizon View on a regular base, I had some “blind spots”. I used the official documentation and my lab to prepare for the exam.

The exam

The exam contained 175 questions, and I had 245 minutes to answer all the questions. I arrived early at the test center, because I had booked the first available slot for that day. I did not expect to be able to answer all the questions. View, Mirage, App Volumes, Workspace and IDM were the main topics, only a few questions about ThinApp and vROps for Horizon. Many questions were about administrative topics, where to click to achieve something, or where a specific option is located. There were also some questions about requirements, supported databases etc. As far as I can judge, these were all fair questions. If you have intensivly studied the documentation, you have do not have to fear this exam. Experience in administration is a great plus.

I really do not know if I have passed it. It will take some time. The results will be available after the beta phase. If I don not passed, I have at least gained experience.

vCenter Server Appliance as syslog target for Horizon View connection servers

Logging is essential for troubleshooting. VMware Horizon View allows you to configure a SQL database for event logging, and I really recommend to configure the event logging database (I have seen some deployments without). Beside the event logging database, it’s a great idea to configure a secondary log destination. With a event logging database, and logs sent to a syslog, you have two independent log destinations.

To configure a syslog destination, login to the Horizon View admin portal and go to “View Configuration > Event Configuration”.

view_connsrv_syslog_2

If you have a vCenter Server Appliance running in your environment, you already have a functional syslog server. There is no need to configure a dedicated syslog server. Just add your vCenter Server Appliance as syslog destination. After applying the settings, the connection servers will start to send logs to the syslog server. This is a capture of the vCenter Server Appliance running in my lab.

The host “connsrv1” is my Horizon View connection server (I only use a single connection server behind a Citrix NetScaler VPX – it’s a lab…).

And don’t forget: Syslog log rotation FTW!