In the base virtual machine (VM), after running the Horizon Agents Installer, you must configure some DaaS agent properties to manually pair the VM with the pod before Horizon Cloud can convert the VM into an assignable image that can be used in Horizon Cloud.

Prerequisites

  • From the pod's summary page in the Horizon Cloud Administration Console, obtain the pod's tenant appliance IP address. In the Administration Console, navigate to Settings > Capacity and click on the pod's name. On the Summary page, locate the Tenant appliance IP address property and note down that IP address.
    Location of the tenant appliance IP address in the pod's Capacity page

  • Verify that the agent-related components were installed in the base VM as described in Install the Agent-Related Software Components in the Base Virtual Machine.
  • Verify that the DaaS SSL bootstrap file was downloaded to the VM, as described in Prepare the Master Server VM for Agent Installation. The file is named image_bootstrap.7z by default.
  • In the base VM's Windows operating system, confirm that you can access the Keytool.exe file in C:\Program Files (x86)\VMware\Horizon Agents\Horizon DaaS Agent\service. Open a command prompt as administrator, navigate to C:\Program Files (x86)\VMware\Horizon Agents\Horizon DaaS Agent\service, and issue the command Keytool.exe -h. If the command returns information about running Keytool to import the bootstrap credentials, you have the required access.

Procedure

  1. In the Microsoft Azure portal, connect to the base VM and log in to the VM's Windows operating system if you are not already connected.
  2. Verify the setting of the DaaS agent's EnableBootstrap registry key is set to 1 (one), and not 0 (zero).
    1. Run regedit.
    2. In the Registry Editor, navigate to the HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\VMware, Inc.\VMware DaaS Agent entry.
    3. Verify the value of the EnableBootstrap key is set to 1 (one).
      If EnableBootstrap key is not set to 1 (one), then modify the key to set it to 1 (one).
  3. Create a registry key for the desktop manager address.
    1. In the Registry Editor, navigate to the HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\VMware, Inc.\VMware DaaS Agent entry.
    2. Add a new string value key named DesktopMgrAddresses.
    3. Set the new key's value to the pod's Tenant appliance IP address value that you obtained from the pod's details page in the Administration Console.

      New registry key for DaaS agent's tenant appliance IP address

  4. Restart the DaaS agent service.
    The DaaS agent waits for the bootstrap credentials to be imported in the next step.
  5. Import the DaaS SSL bootstrap credentials.
    1. Open a command prompt as administrator and navigate to C:\Program Files (x86)\VMware\Horizon Agents\Horizon DaaS Agent\service.
    2. Run Keytool.exe using the downloaded DaaS SSL bootstrap file (image_bootstrap.7z) as an argument.
      Keytool.exe –f absolute-path-to-bootstrap-file/image_bootstrap.7z
      When prompted, enter the encryption password that you set when you downloaded the DaaS SSL bootstrap file.
      Note: Ensure that step 2 to add the registry key is completed before you run the Keytool utility. If the registry key does not exist, the Keytool command might fail with the message Cannot find the file specified.
      The Keytool utility performs the bootstrap and moves the certificate to the cert folder. If you see a message that the file is successfully decrypted, this step is complete.
  6. Close your RDP connection.
  7. In the Microsoft Azure portal, click Stop on the VM.
  8. When the portal indicates the VM is completely stopped, click Start on the VM.

What to do next

At this point, the base VM conforms to the Horizon Cloud environment's requirements to create an assignable image, also referred to as a sealed image. To confirm that this VM can be converted into a sealed image, in the Horizon Cloud Administration Console, navigate to Inventory > Imported VMs and check that an ACTIVE status is displayed in the Agent Version column for this VM.

If you joined the VM to your Active Directory domain, you can use domain accounts to connect to the VM to customize the image. If you did not join the VM to your Active Directory domain, you can use the local administrator account to connect to the VM to customize the image.

Customize the image's Windows operating system, including configuring things like wallpapers and installing the applications you want this VM to provide to your end users. If you enabled a public IP address for the VM, you can connect to the created VM by using the IP address displayed on the Imported VMs page in an RDP client like Microsoft Remote Desktop Connection. For details, see Customize the Master Image VM's Windows Operating System and its subtopics:
Important: It is strongly recommended that you optimize the image VM, including removing AppX packages from Window 10 images, as described in Customize the Master Image VM's Windows Operating System, Deciding to Optimize the Windows Image When Using the Import Desktop Wizard, and Deciding to Remove Windows Store Apps When Using the Import Desktop Wizard.

If you selected a NV-series VM type, you must log into the VM's operating system and install the supported NVIDIA graphics drivers to get the GPU capabilities of the GPU-enabled NV-series VM. You install the drivers after the VM is created and the Imported VMs page shows the DaaS agent is active. See Install NVIDIA Graphics Drivers in a GPU-Enabled Master Image.

After you are finished customizing the master VM, use the New Image workflow to convert the master VM to an assignable image. See Convert a Configured Master Virtual Machine to an Assignable Image.