The Enrollment Server (ES) is a Horizon Cloud component that you install on a Windows Server machine as the last step in setting up infrastructure for True SSO. By deploying the Enrollment Agent (Computer) certificate onto the server, you are authorizing this ES to act as an Enrollment Agent and generate Certificates on behalf of users.

Procedure

  1. Install the Enrollment Server.
    1. Download the Enrollment Server .exe file from the My VMware site. The file name should be similar to VMware-HorizonCloud-TruessoEnrollmentServer-x86_64-7.3.0-xxxxx.exe.
    2. Confirm that the system is running Windows Server 2008 R2 or 2012 R2 machine and has a minimum of 4GB memory.
    3. Run the installer and follow the wizard.
  2. Deploy the Enrollment Agent (Computer) Certificate.
    1. Open the Microsoft Management Console (MMC).
    2. On the File menu, click Add/Remove Snap-in.
    3. Under Available snap-ins, double-click Certificates.
    4. Select Computer account and click Next.
    5. Select Local computer and click Finish.
    6. On the Add or Remove Snap-ins dialog, click OK.
    7. In the MMC, right-click the Personal folder under Certificates and select All Tasks > Request New Certificates.
    8. In the Certificate Enrollment dialog, select the check box for the Enrollment Agent (Computer) and click Enroll.
  3. Import the pairing bundle.
    1. In the MMC, right-click the Certificates sub-folder under the VMware Horizon Cloud Enrollments Server Trusted Roots folder and select All Tasks > Import.
    2. Click Next.
    3. Navigate to the location where you unzipped the certificate files from the pairing_bundle.7z bundle.
    4. Import the two certificate files one at a time.
    5. Click Next, then click Finish.

What to do next

Complete the remaining steps to configure True SSO in the administration console. See Configure True SSO for an Active Directory Domain.