To install Connection Server as a single server or as the first instance in a group of replicated Connection Server instances, you use the standard installation option.
When you select the standard installation option, the installation creates a new, local View LDAP configuration. The installation loads the schema definitions, Directory Information Tree (DIT) definition, and ACLs and initializes the data.
After installation, you manage most View LDAP configuration data by using Horizon Administrator. Connection Server automatically maintains some View LDAP entries.
The Connection Server software cannot coexist on the same virtual or physical machine with any other Horizon 7 software component, including a replica server, security server, View Composer, Horizon Agent, or Horizon Client.
When you install Connection Server with a new configuration, you can participate in a customer experience improvement program. VMware collects anonymous data about your deployment in order to improve VMware's response to user requirements. No data that identifies your organization is collected. You can choose not to participate by deselecting this option during the installation. If you change your mind about participating after the installation, you can either join or withdraw from the program by editing the Product Licensing and Usage page in Horizon Administrator. To review the list of fields from which data is collected, including the fields that are made anonymous, see "Information Collected by the Customer Experience Improvement Program" in the Horizon 7 Administration document.
By default, the HTML Access component is installed on the Connection Server host when you install Connection Server. This component configures the Horizon 7 user portal page to display an HTML Access icon in addition to the Horizon Client icon. The additional icon allows users to select HTML Access when they connect to their desktops.
For an overview of setting up Connection Server for HTML Access, see the VMware Horizon HTML Access Installation and Setup Guide document, located on the Horizon Client Documentation page.
Prerequisites
- Verify that you can log in as a domain user with administrator privileges on the Windows Server computer on which you install Connection Server.
- Verify that your installation satisfies the requirements described in Horizon Connection Server Requirements.
- Prepare your environment for the installation. See Installation Prerequisites for Horizon Connection Server.
- If you intend to authorize a domain user or group as the Administrators account, verify that you created the domain account in Active Directory.
- Prepare a data recovery password. When you back up Connection Server, the View LDAP configuration is exported as encrypted LDIF data. To restore the encrypted backup Horizon 7 configuration, you must provide the data recovery password. The password must contain between 1 and 128 characters. Follow your organization's best practices for generating secure passwords.
Important: You will need the data recovery password to keep Horizon 7 operating and avoid downtime in a Business Continuity and Disaster Recovery (BCDR) scenario. You can provide a password reminder with the password when you install Connection Server.
- Familiarize yourself with the network ports that must be opened on the Windows Firewall for Connection Server instances. See Firewall Rules for Horizon Connection Server.
- If you plan to pair a security server with this Connection Server instance, verify that Windows Firewall with Advanced Security is set to on in the active profiles. It is recommended that you turn this setting to on for all profiles. By default, IPsec rules govern connections between security server and Connection Server and require Windows Firewall with Advanced Security to be enabled.
- If your network topology includes a back-end firewall between a security server and the Connection Server instance, you must configure the firewall to support IPsec. See Configuring a Back-End Firewall to Support IPsec.
Procedure
Results
The Horizon 7 services are installed on the Windows Server computer:
- VMware Horizon Connection Server
- VMware Horizon View Framework Component
- VMware Horizon View Message Bus Component
- VMware Horizon View Script Host
- VMware Horizon View Security Gateway Component
- VMware Horizon View PCoIP Secure Gateway
- VMware Horizon View Blast Secure Gateway
- VMware Horizon View Web Component
- VMware VDMDS, which provides View LDAP directory services
For information about these services, see the Horizon 7 Administration document.
If the Install HTML Access setting was selected during the installation, the HTML Access component is installed on the Windows Server computer. This component configures the HTML Access icon in the Horizon 7 user portal page and enables the VMware Horizon View Connection Server (Blast-In) rule in the Windows Firewall. This firewall rule allows Web browsers on client devices to connect to the Connection Server on TCP port 8443.
What to do next
Configure SSL server certificates for Connection Server. See Configuring TLS Certificates for Horizon 7 Servers.
If you have an older version of vCenter Server, see Enable TLSv1.0 on vCenter Connections from Connection Server.
Perform initial configuration on Connection Server. See Configuring Horizon 7 for the First Time.
If you plan to include replicated Connection Server instances and security servers in your deployment, you must install each server instance by running the Connection Server installer file.
If you are reinstalling Connection Server and you have a data collector set configured to monitor performance data, stop the data collector set and start it again.