12-07-2019 11:46 AM - edited 12-07-2019 12:00 PM
How are others monitoring their Vmware view / horizon environments for user-id?
I see there is a terminal services agent you can use, (looks like you can only install on windows and citrix) but I haven't found specifics on actually monitoring the vmware view environment/and what permissions that account would need in vmware. Can anyone point me in the right direction for monitoring a vmware view environment for user-id?
There is a vm information sources area, but I'm thinking that that is only for obtaining VM tags for use in security policy and DAG - NOT for user-id user to ip mapping specifically.
The below link talks about it - but doesn't give clear direction on how/what to look at for vdi view environments:
https://www.paloaltonetworks.com/solutions/initiatives/virtual-desktop-infrastructure
12-07-2019 10:03 PM
Can you explain how you actually have VMWare Horizon configured within your environment, because there are quite a few different ways you could be using this that would change how you would collect the user information. A lot of the time I see companies simply granting a user entitlement to a vm host and you can continue to pull user-id information directly from Active Directory as you are now. Again though, there are a lot of different ways you can configure Horizon and we need a bit more information on how you've actually got things configured.
Horizon itself though is generally not something I collect information from unless I'm using it as a user-id source or feeding login events in through the API. Generally, people are using it to allow a user access directly to a machine or a TS. You really only need to do things differently if you've enabled ThinApp.
05-20-2020 08:08 AM
If "turns out backend is mostly Windows" = remote desktop services on a terminal server, then the terminal server agent is the way to go. If "turns out the backend is mostly Windows" = users gaining access to full clone or linked clone or instant clone virtual machines, then your existing user-id infrastructure which monitors AD logins will work without installing the terminal server agent.
12-07-2019 10:03 PM
Can you explain how you actually have VMWare Horizon configured within your environment, because there are quite a few different ways you could be using this that would change how you would collect the user information. A lot of the time I see companies simply granting a user entitlement to a vm host and you can continue to pull user-id information directly from Active Directory as you are now. Again though, there are a lot of different ways you can configure Horizon and we need a bit more information on how you've actually got things configured.
Horizon itself though is generally not something I collect information from unless I'm using it as a user-id source or feeding login events in through the API. Generally, people are using it to allow a user access directly to a machine or a TS. You really only need to do things differently if you've enabled ThinApp.
12-08-2019 12:10 PM
let me check and get back to you on the exact application here. Should have the answer shortly. Thank you for the quick reply!
12-10-2019 10:17 AM
Turns out the backend is mostly Windows. Terminal services agent it is. Hoping this solves the problem.
05-20-2020 08:08 AM
If "turns out backend is mostly Windows" = remote desktop services on a terminal server, then the terminal server agent is the way to go. If "turns out the backend is mostly Windows" = users gaining access to full clone or linked clone or instant clone virtual machines, then your existing user-id infrastructure which monitors AD logins will work without installing the terminal server agent.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
