Your overall Horizon Cloud environment consists of the VMware-hosted cloud service, your provided capacity, and VMware software deployed into that capacity and connected to the cloud service. When the VMware software installed in that capacity is appropriately configured and connected to the cloud service, that configured entity is now a cloud-connected pod. Having at least one cloud-connected pod and completing the Active Directory registration process unlocks use of the cloud- and web-based Horizon Universal Console for management and administrative tasks involving those pods, including health monitoring, and help desk services.
For an overall introduction, see Introduction to Horizon Cloud and Onboarding Pods to Become Cloud-Connected Pods. Supported capacity environments are ones such as Microsoft Azure cloud or a VMware-supported SDDC. Each of these capacity environments provides for a specific pod type:
- Pod in Microsoft Azure cloud
- Horizon pod connected using Horizon Cloud Connector — a Horizon pod deployed in a VMware-supported SDDC
Having at least one cloud-connected pod and completing the Active Directory registration process opens up use of the console for performing administrative tasks in the environment. The console provides an integrated view and centralized access to the cloud-based services that Horizon Cloud provides. This web-based console works in an industry-standard Web browser. For the list of supported Web browser types and versions, see Tour of the Cloud-Based Horizon Universal Console for Administrative Tasks in Horizon Cloud.
Depending on the type of capacity you have access to, you can use this same console for an automated pod deployment into that capacity and configure that pod for connection to Horizon Cloud. For some types of pods, even though they cannot be automatically deployed and configured, you can still cloud-connect those pods and work with them in this same administrative console, after performing some required connection steps.
Before you can use any cloud-hosted services or the console with a Horizon Cloud pod, you must:
- Connect your first pod to Horizon Cloud. Depending on the pod type you want to deploy first, see
- Horizon pods — High-Level Workflow for Horizon Pods.
- Horizon Cloud pods into Microsoft Azure — High-Level Workflow for Deploying a Pod into Microsoft Azure
- Register at least one Active Directory domain and grant the Super Administrator role to at least one of your Active Directory groups.
Registering the domain involves providing both:
Note: In this release, the domain-join account is used by system operations primarily with pods in Microsoft Azure. Cloud-connected Horizon pods do not make use of the domain-join account that you specify in the Active Directory domain registration steps. However, even when you have only cloud-connected Horizon pods for your environment, it is prudent to complete the domain-join account step to ensure that the subsequent prompt to assign the Super Administrators role is activated. Assigning that role to an Active Directory domain group is a required step for all types of cloud-connected pods.
- A primary domain-bind account and an auxiliary domain-bind account, used by Horizon Cloud to perform lookups in the Active Directory. By providing an auxiliary domain-bind account when you first register the domain, you prevent locking your administrator users out of the console if the primary bind account becomes inaccessible.
- A domain-join account, used by Horizon Cloud in pod operations that require joining virtual machines to the domain, such as when importing a VM from the Microsoft Azure Marketplace, creating farm RDSH instances, creating VDI desktop instances, and so on.
For the requirements on these domain-bind and domain-join accounts, see Service Accounts That Horizon Cloud Requires for Its Operations.
For details about the domain registration workflow , see Performing Your First Active Directory Domain Registration in the Horizon Cloud Environment.
Afterwards, a best practice is to follow the recommended actions displayed in the Getting Started wizard.
- Use the Unplug action in the web-based Horizon Cloud Connector configuration portal to remove the connection between each of the cloud-connected pods until you are down to a single cloud-connected pod.
- Use the Horizon Universal Console to remove the failed registration, by following the steps in remove the failed Active Directory domain registration from Horizon Cloud.
- Complete the first Active Directory domain registration process, related to that pod.
- In the web-based Horizon Cloud Connector configuration portal, re-run the connector's cloud-pairing workflow on the other pods.
After the first Active Directory domain is registered with Horizon Cloud for the pod's use, you can subsequently register additional Active Directory domains. Registering additional Active Directory domains provides for the ability to specify those domains' user accounts within the various Horizon Cloud workflows that you perform using the administrative console, such as entitling your end users to pod-provisioned resources and assigning administrative roles to your administrative users. After the first Active Directory domain is registered, you can also configure additional auxiliary domain bind accounts and an auxiliary domain join account.
When you are expecting to see a feature in the administrative console and do not see it, contact your VMware account representative to verify whether your license and tenant account configuration entitles its usage.