Use the Horizon Universal Console's Broker page to modify broker-related settings that apply to your overall Horizon Cloud tenant environment.

As described in First-Gen Tenants - Tour of the First-Gen Horizon Universal Console, the console dynamically reflects the current state of your tenant environment. As a result, the console displays sections on this page and the various settings based on which ones are relevant and appropriate for the current, up-to-the minute state of your tenant environment.

Note: When changing any of the following settings described in the sections below, it can take up to 5 minutes for the update to take effect.
  • The settings in the Session Timeout sections.
  • The Clean Up HTML Access Credentials When Tab is Closed setting.

Universal Broker

The console displays this section when your tenant is configured to have your cloud-connected pods use the Universal Broker to broker end users' clients to their entitled pod-provisioned resources. When the Universal Brokersettings are already saved to the system, those current settings are displayed in this section. To change those settings, click the pencil icon next to the Universal Broker label and then follow the on-screen prompts. For additional details about the on-screen settings, see the information described in Configure Universal Broker Settings.

Depending on the tenant's up-to-date configuration, the Broker page might display some additional tabs, such as the following items.

Single-Pod Broker

The console displays this section when your tenant is configured to have your Horizon Cloud pods in Microsoft Azure use the service's classic pod-based brokering method to broker end users' clients to their entitled pod-provisioned resources. These pods are the ones running the Horizon Cloud pod-manager technology.

As of the v2111 service release, use of single-pod brokering is not available to greenfield customer tenant environments. In this context, greenfield means a tenant environment in which the console's enablement procedure was never previously initiated within the console's Broker page for the tenant's Horizon Cloud pods.

Session Timeout

These settings govern the end users' connections made from their endpoint devices using Horizon Client, Horizon HTML Access, and Workspace ONE. You can adjust these timeout settings to allocate enough time to avoid a user unexpectedly finding that they need to re-authenticate to Horizon Cloud. These settings are associated with the connection between the client running on the entitled end user's endpoint device and the pod that provisions VDI desktops, RDS session desktops, and remote applications to that entitled end user. These settings are separate from the users' logged-in session to the underlying Windows operating system of those desktops and applications. When the pod detects the conditions determined by these settings have occurred, it expires the user's authenticated Horizon Client, Horizon HTML Access, or Workspace ONE connection.

Timeout Description
Client Heartbeat Interval Controls the interval between Horizon Client heartbeats and the state of the endpoint's connection to the pod manager in the pod. These heartbeats report to the pod manager the amount of idle time that has passed in the connection to the endpoint. Idle time occurs when no interaction occurs with the endpoint device, as opposed to idle time in the Windows operating system session that underlies the user's desktop or remote application usage. In large desktop deployments, setting the activity heartbeats at longer intervals might reduce network traffic and increase performance.
Client Idle User Pertaining to the connection between an end user's endpoint device and the pod's pod manager, the maximum time that the end user can be idle in that connection, such as when no keyboard or mouse activity on the client device is detected. When this maximum is reached, the connection's authentication to the pod manager expires and all active Horizon Client, Horizon HTML Access, and Workspace ONE remote (RDS-based) application connections are closed.
  • The single sign-on (SSO) credentials at the pod manager are discarded. The user must re-authenticate in their client to reopen a connection from their end-point device to connect to the pod manager within that pod.
  • RDS-based application sessions are disconnected.
Note: Set the Client Idle User timeout to be at least double the Client Heartbeat Interval setting to avoid your end users seeing unexpected disconnects.
Client Broker Session Pertaining to the connection between an end user's endpoint device and the pod's pod manager, the maximum time that a Horizon Client, Horizon HTML Access, or Workspace ONE connection can be connected to the pod manager before the connection's authentication expires. The timeout count starts each time the user authenticates to the pod in the client on their endpoint device. When this timeout occurs, the user can continue to work in their existing session that is currently assigned from the pod manager. If the user performs an action in the client on their endpoint device that requires communication to the pod manager, such as changing a client setting, the pod manager requires a re-authenticated connection. The end user must log back in to the client on their endpoint device (Horizon Client, Horizon HTML Access, or Workspace ONE).
Note: The Client Broker Session timeout must be at least equal to the sum of the Client Heartbeat Interval setting and the Client Idle User timeout.
HTML Access
The Clean Up HTML Access Credentials When Tab is Closed setting affects system security and ease of use when end users use HTML Access to access their desktops or applications. The setting determines if end users must enter their credentials again.
  • A value of Yes, the option that emphasizes security, prompts end users to again enter their credentials when they reconnect.
  • A value of No, the option that emphasizes ease of use, does not prompt end users to enter their credentials when they reconnect.
Pool/Farm Options
The Allow Client To Wait For Powered-Off VM option governs what happens if the end user uses Horizon Client to try to connect to a desktop or remote application when the underlying VDI or RDSH virtual machine is powered off in the cloud. As a result of an assignment's or RDSH farm's power management settings, there might not be enough powered-on virtual machine capacity to serve the client's request. When the connection is initiated, Horizon Cloud starts powering on the underlying virtual machine needed to fulfill the request. However, although the underlying virtual machine is powering on, the Horizon Cloud agent in the virtual machine has not yet started up and cannot respond to the Horizon Client connection request. Because it can take some time between the client connecting and the agent starting, you can use this option to have the client retry the connection and inform the end user of the estimated time. For this scenario, when the Enable Client Retry toggle is set to Yes, the client presents a message to the end user that describes the estimated waiting time.
  1. Horizon Cloud starts powering on the underlying virtual machine in the cloud that will serve the end user's client request.
  2. Horizon Cloud notifies Horizon Client to retry the connection when the agent in the virtual machine is up and running.
  3. The client prompts the user with a message that describes the wait time estimated before the client retries the connection.