Feb 01 2016

VMware Horizon View – USB Smart Card Reader Redirection

USB Smart Card Readers can be redirected from the end-users device to a VMware Horizon View Virtual Desktop, however this is blocked by default.

To allow USB Smart Card reader redirection s it is necessary to set a few settings in the VMware Horizon View Group Policy applied to the Horizon View Desktops. The settings are depicted in the below screenshot:
On top of the above settings TCP port 32111 needs to be opened:
Applicable in this Design
VMware Horizon View Security Server * View Desktop 32111 TCP USB Redirection YES
VMware Horizon View Client * View Desktop 32111 TCP USB redirection if direct connections are used instead of tunnel connections NO
VMware Horizon View Connection Server * View Desktop 32111 TCP USB redirection if tunnel connections via the View Connection Server are used NO

Permanent link to this article: https://ituda.com/vmware-horizon-view-usb-smart-card-reader-redirection/

Jan 29 2016

VMware vRealize Operations Manager – Scaling up a 2-node HA enabled vROps cluster

This blog post describes the steps to follow to scale up a 2-node HA enabled VMware vROps cluster:

Start Situation:

  • SMALL1 and SMALL2 are deployed and are configured in HA mode
  • SMALL1 is the Master node
  • SMALL2 is the Master Replica node

Process to scale-up 2 HA enabled nodes

  • Deploy 2 additional nodes (MEDIUM1 and MEDIUM2)
  • Add MEDIUM1 and MEDIUM2 to the HA cluster as additional data nodes.
  • Take the master replica node (SMALL2) offline
  • Remove the master replica node (SMALL2) from the HA cluster
  • Select one of the newly added nodes (MEDIUM1) as the new master replica
  • Take the master node (SMALL1) offline
  • Remove the master node (SMALL1) from the cluster
  • vROps will promote node MEDIUM1 as its master node
  • Select the second new node (MEDIUM2) as the new replica node.


  • During this process the cluster will restart several times, so dataloss is to be expected.
  • This migration process is not officially documented by VMware, but is currently the only way to scale-up a VMware vROps environment. VMware advises a well-thought sizing before deploying any VMware vROps nodes.
  • Having a cluster with mixed node sizes is not recommended and should only occur during a scale-up process
  • In order to make an accurate sizing estimation of your environment, VMware designed a spreadsheet to calculate the vROps environment size. The link to download the spreadsheet can be found in VMware KB 2140551

Permanent link to this article: https://ituda.com/vmware-vrealize-operations-manager-scaling-up-a-2-node-ha-enabled-vrops-cluster/

Jan 28 2016

VMware Horizon View – Windows 10 Golden Image Creation

In this blog post I describe the steps required to create a Virtual Machine template using Windows 10 from scratch.

Only optimizations of the core OS are described, the impact of installed applications within the guest will also need to be evaluated.

Below are the steps to follow to create an optimized Golden Image for VDI

STEP 1: VMware Template Configuration

Create a new Virtual Machine using the vSphere Web client

  • Name: depending on naming convention standards (Note: use a name of less then 15 characters)
  • Location: depending on the environment
  • Compute Resource: depending on the environment
  • Storage: depending on the environment
  • Compatibility (=Hardware version): ESXi 6.0 and later (=Hardware version 11)
  • Reference: http://pubs.vmware.com/vsphere-60/index.jsp#com.vmware.vsphere.vm_admin.doc/GUID-789C3913-1053-4850-A0F0-E29C3D32B6DA.html
  • Guest OS Family: Windows
  • Guest OS Version: Microsoft Windows 10 (64-bit)
  • Customise Hardware – Virtual Hardware Tab
  • vCPUs: 2
  • Memory: 3072 MB
  • Reserve all guest memory
  • HDD: 32 GB (disk size depends on the size of expected locally installed applications)
  • SCSI Controller: LSI Logic SAS
  • Network:
  • VLAN depending on the environment
  • Connect at Power On: YES
  • Adapter Type: VMXNET3
  • CD/DVD Drive:
  • Select “Datastore ISO File”
  • browse to the appropriate OS iso file
  • Connect at Power On: YES
  • Floppy Drive: Remove
  • Video Card:
  • Select “Specify Custom Settings”
  • Number of displays: 4
  • Total Video Memory: 128 MB
  • Enable 3D support: ONLY enable when you have a GPU card installed in the ESXi hosts
  • 3D renderer: Automatic
  • 3D Memory: 256 MB
  • Customise Hardware – VM Options tab
  • Boot options:
  • Force BIOS setup: Enable “The next time the virtual machine boots, force entry into the BIOS setup screen”
  • Advanced:
  • Settings:
  • Ensure “Enable logging” is unchecked
  • Configuration Parameters:
  • Edit Configuration Parameters
  • Add Row
  • Name: devices.hotplug
  • Value: false
  • Reference: See VMware KB 1012225
  • Click Finish

Power on the newly created VM and open the console from within the vSphere client to change the BIOS settings

  • Go to the Advanced tab – I/O Device Configuration and disable Serial Ports, Parallel Ports and Floppy Disk Controllers
  • Go to the Boot tab and change the boot order so the Hard Disk is 1st and the CD-ROM drive is the 2nd boot device
  • Save and exit (F10)

STEP 2: Win10 OS Installation

Boot the VM from the Win10 iso file

Ensure the language, time/currency format and keyboard/input method selections are correct and click “Next”

Click  “Install Windows”

Accept License terms and click “Next”

Read the rest of this entry »

Permanent link to this article: https://ituda.com/vmware-horizon-view-windows-10-golden-image-creation/

Oct 16 2015

VMware Horizon View – Authenticate with your fingerprint

Since VMware Horizon 6.2 a new functionality has been introduced to be able to log in to your VDIs and RDSH applications using the Touch ID on iPhones and iPads.

This feature is only supported with Horizon 6.2 when using Horizon Client 3.5.  The mobile device must also be running IOS 8 or later and obviously have the Touch ID hardware present.

TouchID_01 TouchID_02 TouchID_03

This functionality is however not enabled by default, but it is very easy to enable the functionality:

  • Open ADSI Edit on any connection server
  • Connect to the View ADAM database (See VMware KB 2012377)
  • Open the object DC=vdi, DC=vmware, DC=int
  • Go to Properties – Global – Common
  • Edit Attribute “pae-ClientConfig” attribute
  • Add the value “BioMetricsTimeout=-1”

There is no need to restart the connection server. The settings are active immediately.TouchID_04

See also VMware Horizon View 6.2 Documentation

Also added as an item in my blog post VMware Horizon View – Settings I should not forget


Permanent link to this article: https://ituda.com/vmware-horizon-view-authenticate-with-your-fingerprint/

Sep 20 2015

Nutanix – Installation of Nutanix Community Edition on VMware Fusion (VIDEO)

This post shows the steps to take to download and install the free Nutanix Community Edition on VMware Fusion.


Go to http://my.nutanix.com, register, check the “Community Edition” section and follow the link to download the software.




Version 2015.06.08: http://download.nutanix.com/ce/2015.06.08-beta/ce-2015.06.08-beta.img.gz

Version 2015.07.16: http://download.nutanix.com/ce/2015.07.16/ce-2015.07.16-beta.img.gz

Unpack the downloaded gzip file

Rename the unoacked *.img file to ce-flat.vmdk

Download the disk descriptor file from here or here

Rename the disk descriptor file to ce.vmdk


Installation Video




Permanent link to this article: https://ituda.com/nutanix-installation-of-nutanix-community-edition-on-vmware-fusion-video/

Jul 20 2015

VMware Horizon View – Using ZEN Loadbalancer to loadbalance Connection Server Traffic


Zen loadbalancer (ZLB) is as simple and easy to use open source loadbalancer. It can be used to loadbalance a variety for solutions, but here I describe how to configure it to load balance VMware Horizon View connection servers.

The Zen Loadbalancer can also be configred in an HA pair as described here, but I am limiting this article to a single load-balancer appliance.

Software Links and Versions

Server Names and IP addresses

  • Load balancer:
    • Name: ZLB01
    • IP:
  • Horizon View load balancing address:
    • URL: view.yourcompany.com
    • IP:
  • Horizon View Connection servers:
    • HVCS01:
    • HVCS02:

Step-by-Step installation guide

Follow the below instructions to install the Zen Load Balancer 3.0.5

  • Create a DNS record for ZLB01 pointing to
  • Create a new zone “view.yourcompany.com” and add an A-Host record pointing to
  • Download the ZEN Load Balancer ISO image from the download link mentioned above
  • Upload the downloaded iso image to one of the available vSphere datastores
  • Create a new virtual machine

Permanent link to this article: https://ituda.com/vmware-horizon-view-using-zen-loadbalancer-to-loadbalance-connection-server-traffic/

Jun 05 2015

VMware Horizon View – Upgrade Order

Today VMware Horizon 6.1.1 was released. The upgrade procedure is described in length at https://pubs.vmware.com/horizon-61-view/index.jsp#com.vmware.horizon-view.upgrade.doc/GUID-CE9531F4-6E70-494B-BE42-EF4666719F24.html

Important is that you must complete the upgrade process in a specific order.

Below a summary of the steps to take to upgrade your Horizon View environment to 6.1.1

  • Stop/halt all View scheduled tasks
  • Disable provisioning of all linked-clone desktop pools
  • Edit Desktop/pools settings: set “Refresh OS disk on logoff” to never
  • Upgrade View composer server
  • Upgrade View Connection Server
  • Upgrade View Security Server
    • Specify a security server pairing password on the Connection server that will be paired with the security server you are upgrading
    • Select “prepare for upgrade of reinstallation” to remove the existing IPsec rules
  • Upgrade GPOs
  • Upgrade View Agent on parent virtual machines
  • Edit Desktop/pools settings: set “Refresh OS disk on logoff” to “Refresh immediately” (or whatever setting you had before)
  • Enable provisioning of all linked-clone desktop pools
  • Recompose linked clone Pools
  • Upgrade View Clients

The upgrade is fairly simple and does not take too much time. I upgraded my demo environment which consists of 1 composer server, 2 connection servers, 1 security server and 1 rdsh host within 1 hour.


Permanent link to this article: https://ituda.com/vmware-horizon-view-upgrade-order/

Jun 03 2015

VMware Horizon View – Script to enable the Windows Aero Interface

The other day I got a request from a customer to enable the Windows Aero interface on their linked clone VDIs. Personally I do not see any benefit in doing this (on the contrary), but apparently some users really like it, they even say they “need” it.

Due to the optimizations I do on the golden image, the necessary services to enable Windows Aero are not enabled by default. Windows Aero also requires that the Windows Experience Index score has been determined.

To enable Windows aero, run the below commands on your non-aero golden image with an elevated command prompt:

sc config uxsms start= auto
sc start uxsms
sc config themes start= auto
sc start themes
winsat formal -restart
REG LOAD "hku\temp" "%USERPROFILE%\..\Default User\NTUSER.DAT"
REG DELETE "hku\temp\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v Wallpaper /f
REG ADD "HKU\Temp\Software\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects" /v VisualFXSettings /t REG_DWORD /d 1 /f
REG UNLOAD "hku\temp
REG ADD "HKCR\Directory\Background\shell\Aero OFF \command" /ve /t REG_SZ /d "sc stop uxsms" /f
REG ADD "HKCR\Directory\Background\shell\Aero ON \command" /ve /t REG_SZ /d "sc start uxsms" /f

The first two lines will enable and start the “Desktop Window Manager Session Manager” service

The next two lines will enable and start the “Themes” service

The fifth line established the Windows Experience Index score and runs a full set of assessments (this takes a couple of minutes)


The next four lines enables back the wallpaper and sets the visual effects to “Best performance” for the default profile.

The last two lines are optional and will add two context menus when right-clicking the desktop so you can easily enable/disable the Windows aero interface



Permanent link to this article: https://ituda.com/vmware-horizon-view-script-to-enable-the-windows-aero-interface/

Apr 22 2015

VMware Horizon View – Script to create Persona Management Repositories, Shares and Permissions

When setting up VMware Horizon View Persona Management, one of the task to do is to create a remote repository to store the user data and settings, application-specific data, and other user-generated information in user profiles.

Required persona management remote repository permissions

The minimum required NTFS and share level permissions are:


User Account Minimum permission required
Creator Owner Full Control==> Subfolders and Files Only
Administrator None.

Enable the Windows group policy setting “Add the Administrators security group to the roaming user profiles. In the Group Policy Object Editor, this policy setting is located Computer Configuration\Administrative Templates\System\User Profiles\. ==> This policy setting must be configured on the client computer, not the server, for it to have any effect, because the client computer sets the file share permissions for the roaming profile at creation time.

Security Group of users needing to put data on the share List Folder/Read Data, Create Folders/Append Data, Read Attributes==> This Folder Only
Everyone No Permission
Local System Full Control==> This Folder, Subfolders and Files


User Account Minimum permission required
Everyone No permission
Security group of users needing to put data on share Full Control

See also



Persona Management Configuration

The persona management configuration is done through Group policy by adding the VMware Horizon View Persona Management Administrative Template (Viewpm.ADM) which can be located in the VMware Horizon 6 GPO bundle


The settings I normally use are the following:

Roaming & Synchronization

Manage User Persona: Enabled

Profile Upload Interval: 10 minutes

Persona Repository Location: Enabled

Share Path: \\fileserver\VDI_Profiles$\%username%.%userdomain%

Override Active Directory User Profile Patch if it is configured: YES

Roam Local Settings Folder: Enabled

Folders to Background Download: Enabled

Folders to download: %APPDATA%\Thinstall

Folder Redirection

Desktop: Enabled

Redirect to the following location: \\fileserver\VDI_UserFolders$\%username%.%userdomain%\Desktop

Downloads: Enabled

Redirect to the following location: \\fileserver\VDI_UserFolders$\%username%.%userdomain%\Downloads

Favorites: Enabled

Redirect to the following location: \\fileserver\VDI_UserFolders$\%username%.%userdomain%\Favorites

My Documents: Enabled

Redirect to the following location: \\fileserver\VDI_UserFolders$\%username%.%userdomain%\MyDocuments

My Music: Enabled

Redirect to the following location: \\fileserver\VDI_UserFolders$\%username%.%userdomain%\MyMusic

My Pictures: Enabled

Redirect to the following location: \\fileserver\VDI_UserFolders$\%username%.%userdomain%\MyPictures

My Videos: Enabled

Redirect to the following location: \\fileserver\VDI_UserFolders$\%username%.%userdomain%\MyVideos

Desktop UI

Show progress when downloading large files: Enabled

Minimum file size to show progress window (MB): 10

As you can see in the above, the settings require two shares to be available:

  • \\fileserver\VDI_Profiles$ ==> This will store the users profile
  • \\fileserver\VDI_UserFolders$ ==> This will store the redirected folders

Also Enable the following GPO settings on the OU where your VDIs live:

Computer Configuration\Administrative Templates\System\User Profiles\Add the Administrators security group to the roaming user profiles


Script to create Persona Management repositories, shares & permissions

To create the repositories and to set the permissions on NTFS and share level correct, you can execute the following commands from a command prompt on the fileserver.

md D:\VDI\VDI_Profiles
net share VDI_Profiles$=D:\VDI\VDI_Profiles /grant:domainname\eucusergroup,FULL
icacls D:\VDI\VDI_Profiles /inheritance:r
icacls D:\VDI\VDI_Profiles /grant "CREATOR OWNER":(OI)(CI)F
icacls D:\VDI\VDI_Profiles /remove Administrators
icacls D:\VDI\VDI_Profiles /grant domainname\eucusergroup:(NP)(RD,AD,RA)
icacls D:\VDI\VDI_Profiles /grant everyone:D
icacls D:\VDI\VDI_Profiles /grant System:(OI)(CI)F

md d:\VDI\VDI_UserFolders
net share VDI_UserFolders$=d:\VDI\VDI_UserFolders /grant:domainname\eucusergroup,FULL
icacls D:\VDI\VDI_UserFolders /inheritance:r
icacls D:\VDI\VDI_UserFolders /grant "CREATOR OWNER":(OI)(CI)F
icacls D:\VDI\VDI_UserFolders /remove Administrators
icacls D:\VDI\VDI_UserFolders /grant domainname\eucusergroup:(NP)(RD,AD,RA)
icacls D:\VDI\VDI_UserFolders /grant everyone:D
icacls D:\VDI\VDI_UserFolders /grant System:(OI)(CI)F


  • The domainname\eucusergroup referenced in the above commands is an Active Directory group containing all the user accounts that will be using Persona Management.
  • I chose to create the repositories on the D: drive of the fileserver, but this could of course be any drive of your choice
  • I also chose to create hidden shares ($), but this is not a necessity to do this


Permanent link to this article: https://ituda.com/vmware-horizon-view-script-to-create-persona-management-repositories-shares-and-permissons/

Mar 06 2015

VMware Horizon View – Maximum concurrent connections within a certain period

Last week, I received the question from a client wether it was easy to see the maximum concurrent connections in VMware Horizon View between two distinct dates.

There are several ways to do this:

  • Through vRealize operations manager for Horizon
  • In the standard VMware Horizon View console you can see the maximum number of concurrent connections from the time of installation or from the last time you reset the value, so this is not really that useful


  • By executing some PowerCLI commands: See this post From Ivo Beerens
  • By executing some SQL commands.
    • The SQL command I use to get this information is
as date
as 'Maximum concurrent sessions'
FROM [yourvieweventdatabasename].[dbo].[event.historical]
and [Time]<=DATEADD(dd,-15,getdate())
and [Time}>=DATEADD(dd,-30,getdate())
ORDER BY [Maximum concurrent sessions]

This query will return the maximum number of concurrent connections between 30 days ago and 15 days ago.


Permanent link to this article: https://ituda.com/vmware-horizon-view-maximum-concurrent-connections-within-a-certain-period/

Older posts «

» Newer posts

Fetch more items

%d bloggers like this: