If you are deploying Horizon 7 in a hybrid cloud environment by linking the on-premises pod with the VMware Cloud on AWS pod, you must prepare the on-premises Microsoft Active Directory (AD) to access the AD on VMware Cloud on AWS.

If the Horizon 7 pod on VMware Cloud on AWS is stand-alone, you can skip the preparation of the on-premises AD.

You can use the following scenarios to prepare AD for your hybrid cloud deployment:

  • If you want the on-premises AD domain controllers to service the Horizon 7 pod on VMware Cloud on AWS, the access time might be slow due to the latency between on-premises and VMware Cloud on AWS.

  • On VMware Cloud on AWS, deploy a read-only AD domain controller.

  • Configure a trust from the AWS Microsoft AD to your existing AD. When you allow the AWS Microsoft AD to access on-premises AD, the AWS Microsoft AD can serve as a resource domain. Configuring a trust enables your users to sign in with Single Sign-On using their existing corporate credentials to AWS services.