Connection Servers are one of the most important components in any Horizon environment, and they come in three flavors – the standard Connection Server, the Replica Connection Server, and the Security Server.
You may have noticed that I listed two types of connection servers. The Standard and Replica Connection Servers have the same feature set, and the only difference between the two is that the standard connection server is the first server installed in the pod. Both connection server types handle multiple roles in the Horizon infrastructure. They handle primary user authentication against Active Directory, management of desktop pools, provide a portal to access desktop pools and published applications, and broker connections to desktops, terminal servers, and applications. The connection server’s analog in Citrix environments would be a combination of Storefront and the Delivery Controller.
The Security Server is a stripped down version of the regular Connection Server designed to provide secure remote access. It is designed to operate in a DMZ network and tunnel connections back to the Connection server, and it must be paired with a specific Connection Server in order for the installation to complete successfully. Unlike previous versions of this walkthrough, I won’t be focusing on the Security Server in the remote access section as VMware now provides better tools.
Installing the First Connection Server
Before you can begin installing the Horizon View, you will need to have a server prepared that meets the minimum requirements for the Horizon View Connection Server instance. The basic requirements, which are described in Part 2, are a server running Windows Server 2008 R2 or Server 2012 R2 with 2 CPUs and at least 4GB of RAM.
Note: If you are going have more than 50 virtual desktop sessions on a Connection Server, it should be provisioned with at least 10GB of RAM.
Once the server is provisioned, and the Connection Server installer has been copied over, the steps for configuring the first Connection Server are:
1. Launch the Connection Server installation wizard by double-clicking on VMware-viewconnectionserver-x86_64-7.x.x-xxxxxxx.exe.
2. Click Next on the first screen to continue.
3. Accept the license agreement and click Next to continue.
4. If required, change the location where the Connection Server files will be installed and click Next.
5. Select the type of Connection Server that you’ll be installing. For this section, we’ll select the Horizon 7 Standard Server. If you plan on allowing access to desktops through an HTML5 compatible web browser, select “Install HTML Access.” Select the IP protocol that will be used to configure the Horizon environment. Click Next to continue.
6. Enter a strong password for data recovery. This will be used if you need to restore the Connection Server’s LDAP database from backup. Make sure you store this password in a secure place. You can also enter a password reminder or hint, but this is not required.
7. Horizon View requires a number of ports to be opened on the local Windows Server firewall, and the installer will prompt you to configure these ports as part of the installation. Select the “Configure Windows Firewall Automatically” to have this done as part of the installation.
Note: Disabling the Windows Firewall is not recommended. If you plan to use Security Servers to provide remote access, the Windows Firewall must be enabled on the Connection Servers to use IPSEC to secure communications between the Connection Server and the Security Server. The Windows Firewall should not be disabled even if Security Servers and IPSEC are not required.
8. The installer will prompt you to select the default Horizon environment administrator. The options that can be selected are the local server Administrator group, which will grant administrator privileges to all local admins on the server, or to select a specific domain user or group. The option you select will depend on your environment, your security policies, and/or other requirements.
If you plan to use a specific domain user or group, select the “Authorize a specific domain user or domain group” option and enter the user or group name in the “domainname\usergroupname” format.
Note: If you plan to use a custom domain group as the default Horizon View administrator group, make sure you create it and allow it to replicate before you start the installation.
9. Chose whether you want to participate in the User Experience Improvement program. If you do not wish to participate, just click Next to continue.
10. Click Install to begin the installation.
11. The installer will install and configure the application and any additional windows roles or features that are needed to support Horizon View.
12. Once the install completes, click Finish. You may be prompted to reboot the server after the installation completes.
Now that the Connection Server and Composer are installed, it’s time to begin configuring the Horizon application so the Connection Server can talk to both vCenter and Composer as well as setting up any required license keys and the events database. Those steps will be covered in the next part.