Category: Horizon

Blocking AD Logon Scripts

When starting a PoC or new VDI deployment, in terms of group policy, I want to isolate the new environment as much as possible.  I don’t want any existing user and computer settings applying.  Often, the project will involve optimization in this area (in this case the introduction of User Management products such as Citrix WEM or VMware UPM). I will block policy at the VDI OU level and create a loopback policy (REPLACE) so only settings from one place are applying.  I may well have to tackle enforced policy here too. However, this does not take login scripts defined...


Enable Flash Based Web Consoles in Windows 2019

Enable Flash Based Web Consoles in Windows 2016/2019 I first posted this short blog on the excellent Define Tomorrow website here.  I thought it handy to update it for Windows Server 2019. I thought I would do a quick post as I come across this frequently. Windows 2016/2019 has flash player available, but it is not enabled by default. Especially frustrating as many of the vmware consoles I use are still flash based. There are security concerns around installing flash player on a server, so I tend to limit this to lab environments, but it is a good to know....

A screenshot of a cell phone Description automatically generated

Horizon View 7.X – Branding the Logon Page

I’ve blogged about this for previous versions of Horizon over on Define Tomorrow and with version 7.7 now GA I thought I would put all of the information together and hopefully simplify the process by removing some peripheral information. The original post can be found here I think it is a nice visual to add some simple branding to the default Horizon landing and portal pages and it is relatively straightforward to accomplish. Let’s start with the default screens and elements. Landing Page HTML Portal Page I’ve marked the images we are going to change in red and the text...


Certificates for Horizon HTML Blast Agent and non-persistent desktops

Background If you wish to have the connection server hand off an HTML5 blast connection directly to the horizon agent then there is a requirement for there to be a trusted certificate on the desktop. When using the Connection server as a gateway this is not required. In addition, with UAGs providing external access you need to turn the Blast gateway off. You can use a dedicated Connection server(s) for external access, but this pairing requirement was a limitation of security server that was lifted with UAG so I don’t want to deploy additional servers. I also want to avoid...


Shutdown vSAN Cluster with Horizon Instant Clones

In previous versions of vSphere it has been necessary to run CLI commands or edit host config to remove parent VMs (for instant clones) before shutting down a cluster. This is not required in ESXi 6.7 so the process has become a little easier. Here is a bare bones process that I use to cleanly shut down then startup a vSAN cluster running instant clones (tested with Horizon 7.7/ESXi 6.7 u1). In this instance, the vCenter appliance is also running on the cluster so this will add some extra steps to the process. **I have also included a few powercli...