Determine the type of users you have. Then perform the calculation below which will factor in 80% bandwidth utilization.
- Task User – 50-100Kbps.
- Standard User – 100-150Kbps
- Power User – 400-600Kbps
- Video User – 2Mbps per user running 480p video
Bandwidth in Kbps*.8/User type high value
(The .8 is factoring 80% utilization of total bandwidth)
User type = Standard User high value 150Kbps
Bandwidth = T1 = 1.5Mbps = 1500Kbps
1500*.8/150 = 8 concurrent users on a T1
Please see this link for more details.
It is recommended to use the Horizon Client and PCOIP for the best USB redirection experience. On the Horizon Client connection bar, you will see a USB. It is through this menu you can control the behavior when a USB device is connected. You can set to auto connect any USB device at startup or set it to auto connect any USB device when connected locally. These are not recommended as they can use more bandwidth unnecessarily.
It is recommended to manually connect the USB device. First connect a USB device locally, then open the USB menu, you will see the local device listed as an available device to redirect to the desktop. Select the device from the list and it will become available in your desktop.
RDP and the Horizon client will both attempt to install locally installed printers (USB and/or network) upon connecting to the desktop.
You may also choose to install printers as part of the pattern.
You can deploy printers to the dynamic desktops via group policy.
Log into the desktop portal and click the button to connect to the desktop using RDP. This will download a file named ‘RichClient.rdp’. Locate this file on your computer and open it with a text editor such as notepad.
Search the file for the line beginning with ‘full address’. If the port number listed is between 8001-8099 you are using the Access Point. If it is any other port, you are not using the Access Point for the connection.
Yes. User activity is available for download in a CSV format from the DaaS admin portal. On the dashboard page locate the link to ‘Download User Activity Log’. Enter the date range you wish to view the activity from.
This report is also useful when troubleshooting. It can provide useful information such as the source connection device, connection time and connection protocol.
The desktop portal can be branded using Cascading Style Sheets (CSS). Log into the admin portal and select ‘General’ from the ‘Configuration’ tab. Look for the field named ‘External style sheet URL’ in the section named ‘User Portal Configuration’. Enter the URL to the CSS style sheet.
For more information, see the following link from VMWare.
Yes. You can provide your own SSL certificate to be used with your DaaS tenant. The process will involve Green Cloud. Please contact Green Cloud at firstname.lastname@example.org to open a support ticket. You will need to provide Green Cloud with the following:
- CA Certificate: The public certificate from a certificate authority that was used to sign the tenant certificate. This file will have a .pem, .cer, or .crt extension.
- SSL Certificate: The public certificate, which was signed by the CA. This file has a .crt or .cer extension, which indicates that it is a certificate file.
- SSL Key: The private key used to decrypt the tenant’s SSL certificate. This is needed in order to be able to respond to certificate requests. This file has a .key file extension.
Yes, two-factor authentication is provided through the Horizon open standard extension interface. This allows third-party solutions to integrate advanced authentication extensions. For more information on this see DaaS Two-Factor Authentication.
The status of any task you run from the DaaS admin portal can be viewed under ‘Tasks and Events’ located under ‘Pool Management’. This will show the status of any currently running tasks as well as recent tasks. You can use the arrow to the left of the task to expand for more task details. You can also filter the list by pool or task status using the drop down menus.
In the admin portal on patterns you may notice an option to ‘backup’ the pattern. It says 0 used out of 0. This is on purpose. This feature has been disabled by Green Cloud. If you need a backup of your pattern, contact Green Cloud support at email@example.com.
In the event your issues require advanced troubleshooting, you will need to gather logs from the impacted desktop. This will require admin privileges. Perform the following commands from an elevated command prompt.
From the virtual desktop having issues locate the log file. Make a copy and send it to Green Cloud along with other logs.
C:\Program Files (x86)\VMware\VMware DaaS Agent\service\logs
From the virtual desktop having issues run the following command:
C:\Program Files\VMware\VMware View\Agent\DCT\support.bat
The log file should be output to the users’ desktop in a folder named vdm-sdct. If not present on the desktop, run a search on the computer for the folder.
Windows View Client
32-bit: C:\Program Files\VMware\VMware Horizon View Client\DCT\support.bat
64-bit: C:\Program Files (x86)\VMware\VMware Horizon View Client\DCT\support.bat
The log file should be output to the users’ desktop in a folder named vdm-sdct.
Mac clients do not have a script to collect logs. You must manually collect these files for diagnostic and troubleshooting purposes:
~/Library/Logs/VMware View Client.log
~/Library/Logs/VMware/VMware View Client/vmware-*.log
~/Library/Logs/VMware View Client/teradici-username/
/Library/Logs/VMware View Client Services.log
/Library/Logs/VMware/VMware View Client/*.log
Where ~ indicates the name of the user logged into the Mac client. These log files can be large.
On static desktops, yes. With dynamic desktops, please check with your AV vendor for support and deployment on dynamic desktops with a non-unique SID.
Below are some recommendations for optimizing AV in your DaaS environment.
- Check with your AV vendor for compatibility in a virtual desktop environment.
- Make sure to use the correct version for your OS (Windows Server)
- Install only the core virus scanner.
- Do not install any additional options such as firewall or content filters.
- Scan on write / incoming only. Do not scan on read.
- Disable Heuristic scanning
- Pre-scan the gold pattern
- Exclude the following:
C:\Program Files (x86)\VMware
- Mapped network drives
- USB Drives
- Do not use scheduled scans. Use real-time scanning.
- If you must use schedule scans, make sure to stagger them and perform them off hours.
- Disable startup scanning.
Users can change their passwords once logged into their virtual desktops. If your environment has password expirations, it is recommended the users change their passwords before they expire. If the password expires, the AD administrator will need to reset the password for the user.
Please see the following KB article for more information: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2100036
Occasionally, users will need the time out settings increased from the default settings. There are two places these settings are managed: in the pool, and under Configuration -> General Settings. While users may desire longer timeout values, it is recommended you keep the value lower rather than higher.
- In the enterprise admin portal, locate the pool you wish to increase the timeout settings on and choose ‘Edit’.
- Go to the ‘Pool Configuration’ section and adjust the session timeout.
- This setting controls the idle timeout on the desktop.
The information below is summarized from the help menu in the enterprise admin portal.
- In the enterprise admin portal, locate the ‘General Settings’ page under the ‘Configuration’ menu.
- On this page there are two sections with timeout settings: Desktop Portal and Enterprise Admin Portal and View Client Session timeout.
- Desktop / Admin Portal Settings
- This controls the idle times for sessions to the portals via a web browser.
- View Client Session
- These settings affect the sessions when using the View Client.
- The heartbeat reports the amount of idle time that has passed where there is no interaction with the end point device. This is different than the session time settings managed on the Pool which apply to the desktop.
- Desktop / Admin Portal Settings
- User Idle
- This controls the idle time for a user while connected to the tenant connection server. When reached the View client will disconnect requiring the user to re-authenticate with the connection server.
- This value should be at least double the value of the heartbeat.
- Broker Session
- This setting controls the amount of time the View Client can be connected to the tenant connection server before authentication expires. After the timeout, users will NOT be disconnected from their desktops unless the user performs an action within the View client that requires communication to the connection server such as changing settings in the View client.
- This value should be at least equal to the sum of the heartbeat and user idle settings.