View LDAP is the data repository for all Horizon 7 configuration information. View LDAP is an embedded Lightweight Directory Access Protocol (LDAP) directory that is provided with the Connection Server installation.

View LDAP contains standard LDAP directory components that are used by Horizon 7.

  • Horizon 7 schema definitions
  • Directory information tree (DIT) definitions
  • Access control lists (ACLs)

View LDAP contains directory entries that represent Horizon 7 objects.

  • Remote desktop entries that represent each accessible desktop. Each entry contains references to the Foreign Security Principal (FSP) entries of Windows users and groups in Active Directory who are authorized to use the desktop.
  • Remote desktop pool entries that represent multiple desktops managed together
  • Virtual machine entries that represent the vCenter Server virtual machine for each remote desktop
  • Horizon 7 component entries that store configuration settings

View LDAP also contains a set of Horizon 7 plug-in DLLs that provide automation and notification services for other Horizon 7 components.

Note: Security server instances do not contain a View LDAP directory.

LDAP Replication

When you install a replicated instance of Connection Server, Horizon 7 copies the View LDAP configuration data from the existing Connection Server instance. Identical View LDAP configuration data is maintained on all Connection Server instances in the replicated group. When a change is made on one instance, the updated information is copied to the other instances.

If a replicated instance fails, the other instances in the group continue to operate. When the failed instance resumes activity, its configuration is updated with the changes that took place during the outage. With Horizon 7 and later releases, a replication status check is performed every 15 minutes to determine whether each instance can communicate with the other servers in the replicated group and whether each instance can fetch LDAP updates from the other servers in the group.

You can use the dashboard in Horizon Administrator to check the replication status. If any Connection Server instances have a red icon in the dashboard, click the icon to see the replication status. Replication might be impaired for any of the following reasons:
  • A firewall might be blocking communication
  • The VMware VDMDS service might be stopped on a Connection Server instance
  • The VMware VDMDS DSA options might be blocking the replications
  • A network problem has occurred

By default, the replication check occurs every 15 minutes. You can use ADSI Edit on a Connection Server instance to change the interval. To set the number of minutes, connect to DC=vdi,DC=vmware,DC=int and edit the pae-ReplicationStatusDataExpiryInMins attribute on the CN=Common,OU=Global,OU=Properties object.

The pae-ReplicationStatusDataExpiryInMins attribute value should be between 10 minutes and 1440 minutes (one day). If the attribute value is less than 10 minutes, Horizon 7 treats it as 10 minutes. If the attribute value is greater than 1440, Horizon 7 treats it as 1440 minutes.