The first task to complete in the admin portal after provisioning is complete is to register a domain with the DaaS platform. This can be an existing domain or a new domain that was created during the provisioning process. In most cases, the utility server hosted in Green Cloud’s IaaS platform will be an AD, DNS and DHCP server.
- If you are using a Cisco virtual router, confirm the IP Helper address on the firewall. Run the following command on the Cisco firewall.
show ip helper-address
- Configure DHCP on the utility server. The utility server is the server which is defined as the IP Helper on the firewall.
- Set scope options
- 192.074 IRC. Enter Tenant appliance IP addresses. Green Cloud will have provided the tenant IP addresses during the provisioning process. Typically, the addresses are .11 and .12 of your desktop subnet that was identified in the pre-provisioning process. E.g. 192.168.101.11,192.168.101.12
- It is recommended to configure Active Directory for LDAP over SSL communication. This is the secure way to bind your DaaS tenant to your internal domain.
- For information on how to setup LDAP over SSL click here.
- Create a service account to bind the DaaS tenant to AD.
- Use a complex password and set it to never expire
- Create a service account to allow DaaS to join desktops to your domain
- Use a complex password and set it to never expire.
- Ensure this account has domain join rights in your domain policy.
- Click here for more information.
- Create an OU for desktop computer accounts to be placed by DaaS
- Create one or more user groups to assign to DaaS desktop pools.
- These users will be able to consume desktops in the pool in which they are assigned.
- Create a user group to assign DaaS admin rights.
- These users will be able to administer the DaaS tenant through the admin portal.
To register your domain in DaaS, log in to the Horizon Admin portal. Select Settings, then Active Directory.
Then select Register under the top heading.
Configure the registration as shown, entering a name for the AD instance, the DNS domain name, and the username/password for the domain bind account.
Enter the advanced configuration if necessary, then select “Domain Bind” to continue.
Once the Domain Bind is configured, select “Edit” next to “Domain Join” to configure the join account. Enter the username/password for the domain join account, enter the Desktop Account OU name, and select Save.
Domain Configuration Complete
At this point the DaaS Domain is configured. You may move on to begin assigning Roles & Permissions, or Image Management.