Skip to content
Home » VMware Horizon

VMware Horizon

Horizon View Blast Secure Gateway service paused

Also known as: “Problems renewing the Horizon Connection server certificate” When renewing the Certificate used for the Horizon Connection server, it’s important that you use the correct settings. If not, the Horizon Connection server service will be running, but you won’t be able to access the Horizon Admin Console or even be able to logon to Horizon. After renewing the Horizon Connection server certificate you need to restart the Horizon… Read More »Horizon View Blast Secure Gateway service paused

VMware Horizon authentication using AzureAD (with multifactor) – Part 5: TrueSSO Setup

This is part of a series of post for setting up VMware Horizon authentication using AzureAD. Part 1: Setup sub-CA(s) Part 2: Certificate Template Part 3: Enrollment Servers Part 4: SAML Setup Part 5: True SSO Setup TrueSSO setup We are almost there! So far we have created our sub-CAs, setup certificate templates, installed the enrollment server and configured the SAML authentication. At this point, Connecting to the UAG will… Read More »VMware Horizon authentication using AzureAD (with multifactor) – Part 5: TrueSSO Setup

VMware Horizon authentication using AzureAD (with multifactor) – Part 4: SAML Setup

This is part of a series of post for setting up VMware Horizon authentication using AzureAD. Part 1: Setup sub-CA(s) Part 2: Certificate Template Part 3: Enrollment Servers Part 4: SAML Setup Part 5: True SSO Setup SAML setup In the next part, we will set up the SAML authentication. This consists of 3 steps: First, we need to create the SAML application on Azure, then we will configure the… Read More »VMware Horizon authentication using AzureAD (with multifactor) – Part 4: SAML Setup

VMware Horizon authentication using AzureAD (with multifactor) – Part 3: Enrollment Servers

This is part of a series of post for setting up VMware Horizon authentication using AzureAD. Part 1: Setup sub-CA(s) Part 2: Certificate Template Part 3: Enrollment Servers Part 4: SAML Setup Part 5: True SSO Setup Enrollment server(s) Repeat all steps in this part on both enrollment/sub-CA servers! On the enrollment/sub-CA server, open the local machine certificate manager: Right-click the Personal node, choose All Tasks > Request New Certificate… Read More »VMware Horizon authentication using AzureAD (with multifactor) – Part 3: Enrollment Servers

VMware Horizon authentication using AzureAD (with multifactor) – Part 2: Certification Template

This is part of a series of post for setting up VMware Horizon authentication using AzureAD. Part 1: Setup sub-CA(s) Part 2: Certificate Template Part 3: Enrollment Servers Part 4: SAML Setup Part 5: True SSO Setup Certification Template The way TrueSSO works is it is using a certificate issued for the user after a successful SAML authentication and authenticates against AD using a smartcard type logon with that certificate.… Read More »VMware Horizon authentication using AzureAD (with multifactor) – Part 2: Certification Template

VMware Horizon authentication using AzureAD (with multifactor) – Part 1: Setup sub-CA(s)

This is part of a series of post for setting up VMware Horizon authentication using AzureAD. Part 1: Setup sub-CA(s) Part 2: Certificate Template Part 3: Enrollment Servers Part 4: SAML Setup Part 5: True SSO Setup Sub-CA(s) First, we are going to set up a subordinate certification authority on our 2 servers. I’m using Windows server 2022, but 2019 or 2016 also works fine. By using a sub-CA, all… Read More »VMware Horizon authentication using AzureAD (with multifactor) – Part 1: Setup sub-CA(s)

VMware Horizon authentication using AzureAD (with multifactor)

Securing external connections to your VMware Horizon environment is not always easy. However, you might already have all the tools necessary to allow external users to access your VMware Horizon environment in a secure way, by which I mean, using multi-factor authentication. If you have: A VMware Horizon environment using Unified Access Gateway for external access A MS 365 or Office 365 subscription AzureAD synced with on-premises AD MFA set… Read More »VMware Horizon authentication using AzureAD (with multifactor)

Cannot complete customization…

A while ago I was experimenting with Packer to automate the creation and updating of my VMware Horizon master images. More details about this in a next post. During my testing however, I needed to clone a Windows VM and apply a customization to it using sysprep. If I tried that using Packer, I got the error “cannot complete customization”. The same error message appeared in the vCenter. To be… Read More »Cannot complete customization…

HAProxy health checks for VMware Horizon & AppVolumes

A while ago I wrote a blog post about using HAProxy and Keepalived to make VMware Horizon connection servers and AppVolumes managers high available. The load balancing config used in that post was a basic one who just checked if the connection servers or appvolumes managers were running by checking if the webserver on the servers responded. The drawback of this is when you set a connection server “disabled”, the… Read More »HAProxy health checks for VMware Horizon & AppVolumes

OneDrive grey cross with Horizon Instant Clones, AppVolumes and FSLogix

Some time ago, I encountered two similar cases using OneDrive on a non-persistent VDI environment. Both environments were already using AppVolumes for most applications, Dynamic Environment Manager for user profiles and FSLogix Office container for Outlook cache. After installing OneDrive using the machine-wide installation option /allusers, I was able to configure OneDrive using the users’ credentials so there was no need to provide an additional user and password. However, once… Read More »OneDrive grey cross with Horizon Instant Clones, AppVolumes and FSLogix