VMware Horizon DaaS 9.2.0 | 27 APR 2023

Check for additions and updates to these release notes.

Product Documentation - All product documentation for Horizon DaaS is located on the VMware Horizon DaaS documentation landing page.

Compatibility Information - For the most recent information about compatibility between this product and other VMware products, see the VMware Product Interoperability Matrices.

Software Versions Required for Upgrade

Before upgrading to Horizon DaaS 9.2.0, confirm that the service provider and tenant appliances in your environment are running Horizon DaaS 9.0.0, 9.0.1, 9.0.2, 9.1.0, 9.1.1, 9.1.2, 9.1.3, or 9.1.4. These are the versions required for upgrade.

Note Regarding Appliance Restore After Upgrade

Restoring Horizon DaaS platform appliances to previous versions after upgrading to the 22.1.0/9.2.0 release is supported.

To ensure that the platform setup can support anticipated/unexpected restores of any appliances of version 20.2.x/9.0.x or 21.1.x/9.1.x, before performing the Restore you must copy the entire directory (/opt/vmware/horizon/link/transfer/xx.x.x.xxxx.x) from the 20.2.x/9.0.x or 21.1.x/9.1.x Horizon Air Link appliance to the new 22.1.0/9.2.0 Horizon Air Link appliance at the same path (/opt/vmware/horizon/link/transfer/). This can be done at any point in time after installing the 22.1.0/9.2.0 Horizon Air Link appliance, including after upgrading the platform Management appliances (SPs and RMs).

New Features

This release includes the following new features.

  • Migrating Deployments to NSX-T Environment - If you currently use VMware NSX for vSphere (also known as NSX-V) to manage your Horizon DaaS networks, this release supports a migration path to VMware NSX (also known as NSX-T). For instructions on how to migrate your virtual networking infrastructure, see Horizon DaaS 9.2.x Migration to VMware NSX-T.

  • New version of the Horizon DaaS appliance template - The Blue/Green upgrade to Horizon DaaS 9.2 includes a new appliance template, based on a more recent version of the underlying appliance OS. The newer version allows longer-term support for the core services used by the platform, and will be the basis for the product updates in the future.

  • New version of the Horizon Version Manager (HVM) appliance - The HVM appliance update offers additional options, specifically for error logging and rollback control. HVM administrators can now collect logs for the Horizon Air Link, resource manager, service provider, tenant, and desktop manager appliances in a single step.

  • Default domain option for user login - Tenant administrators can now can use the display.default.domain.at.top tenant policy to specify the default domain for client (user) login. This allows updated clients to display the default user domain as preselected at the top of the domain list.

  • Improved Active Directory (AD) support - New tenant policies have been added to this release, specifically designed to help CSP administrators in situations where tenant AD authentication causes issues with AD servers across slow links or complex AD sites.

Best Practices

Knowledge of the following facts is useful before using Horizon DaaS.

Agent Update for Assignment with 1 VM - If you are performing Agent Update for an assignment with only 1 VM, you must set Available VMs to Users to 0.

Moving VMs in vCenter - Moving appliance VMs to other folders in vCenter is not recommended because there are checks performed during resync and upgrades that fail if the appliance VM is not in the folder in which it was created.

Replacing Platform Files Before Upgrade - The platform files on the Customer Connect site are sometimes updated for bug fixes and improvements. When this happens, you should replace the files on HVM with the new ones so you can avoid known issues during upgrade.

  • Confirm that the files on HVM are the same as those on Customer Connect site by the comparing hash values on each file before upgrading Service Provider, Resource Manager, and Tenant.

  • If the hash values do not, match download the new files from the Customer Connect site and put them into HVM.

Deploying Horizon DaaS at Scale - The following are best practices for building and scaling a Horizon DaaS production deployment:

  • Each Tenant Resource Manager (RM) supports a maximum of 18 tenants (with 12 tenants as the recommended maximum).

  • Each Tenant RM manages a single vCenter Server instance. 

    • The vCenter Server instance manages a maximum of 10,000 VMs, across multiple clusters.

  • When a tenant requires multiple Desktop Managers (the Tenant Appliance being also a Desktop Manager), each DM must be assigned to a separate vCenter cluster but can be assigned to the same vCenter. As such for large tenants with two DMs, they must be assigned to two separate vCenter clusters, but those can be managed by the same Tenant RM that is managing the vCenter Server instance for both clusters. Please do keep in mind the best practices for vCenter Server scalability (including recommendations when using VMware App Volumes for application lifecycle management). 

Example: A Horizon DaaS production deployment with 60 tenants each needing only the Tenant Appliances, with a single capacity collection assigned to the Tenant, and each Tenant running fewer than 2,000 VMs.

For this environment the recommended setup would be:

  • Datacenter Service Provider appliances pair.

    • The Service Provider connects to a vCenter Server for the management appliances.

    • Although this vCenter is only for the platform management function, it doesn't need to be dedicated to that task and can be used for other management functions. 

    • The Service Provider does not connect directly to vCenter but uses the HAL appliance for the any operations towards vCenter. 

  • Five Tenant RMs, each managing 12 tenants.

  • To support the tenant desktop workloads, five (5) vCenter Servers with clusters, and the number of clusters depending on whether dedicated or partitioned clusters are used.

    • Recommended maximum of 10,000 VMs per vCenter Server.

    • Each Tenant Appliance or Desktop Manager manages a maximum of 2,000 desktops or sessions.

    • For large tenants, it is recommended to dedicate the vCenter Server cluster.

  • 60 Tenant Appliance pairs (and most likely 60 Unified Access Gateway pairs as well).

  • If some of those tenants need another DM, then those DMs can be assigned to an existing Tenant RM, but not to the vCenter cluster that is assigned to the Tenant Appliance of the same tenant.

    • Keep in mind the recommended maximum of 12 tenants supported per Tenant RM.    

Browser Experience - The Administration Console is compatible with recent versions of Google Chrome, Mozilla Firefox, Microsoft Internet Explorer, and Microsoft Edge. Even though you can try using Apple Safari, use of the Administration Console in Apple Safari is not supported in this release.

Creating a Template Desktop VM - When you are creating a template VM, after you have finished configuring it run the following command in Windows PowerShell: Get-AppxPackage|Remove-AppxPackage. This prevents a possible sysprep issue that leads to image publish failure.

Refreshing Desktop Capacity Information on Tenant Quotas Tab - When editing a tenant, if the Desktop Capacity information on the Quotas tab is not correct, then refresh the page to correct this. In particular, the In Use value for Std Capacity may sometimes display incorrectly and need to be refreshed.

Supported GPU Cards

This section of the release notes lists the GPU cards supported by Horizon DaaS. The list will be updated as new cards are verified.

Note: If you want to use a card that is not currently listed, create a ticket with VMware Global Support Services.






NVIDIATesla P100








NVIDIATesla V100




NVIDIAQuadro RTX 8000






NVIDIA Quadro RTX 6000

NVIDIA Quadro RTX 8000

Known Limitations

Customer Appliance Configuration Changes Do Not Persist After Upgrade - After you upgrade your environment, custom configuration settings that you made (for example, modifying disk timeout) do not persist and need to be re-applied manually when the upgrade is complete. 

User Activity License Report - Data Does Not Persist After Upgrade - After you upgrade your environment, data for User Activity License Reports (formerly known as Concurrent Users License Reports) run before the upgrade is no longer available. To avoid this issue, it is recommended that you save any data you want to keep before performing the upgrade.

Horizon Version Manager - Connection to vCenter Server Using FQDN - If your Active Directory and DNS Server are running on the same machine, you may find that Horizon Version Manager cannot reach the vCenter Server by its Fully Qualified Domain Name (FQDN) while still being able to connect using its IP address. The workaround for this is to add host entries to the /etc/hosts file for the FQDN. For example: vc1dc1.newdaas.local xx.xxx.xx.xx

After Failed Deployment - Manual Clean-Up Required - For security reasons, after a failed Horizon DaaS deployment you are required to perform a manual clean-up of the primary service provider appliance (SP1). During deployment, Horizon Air Link establishes temporary SSH trust between the installing node and SP1 by copying the node's SSH public key to the SP authorized keys list. In a successful deployment these keys are removed automatically after the deployment is complete. But when there is an unexpected deployment failure, you need to remove these keys manually.

Migrating Between Clusters in Multi-DM Environment - In a multi-DM environment with two clusters assigned to different (but linked) vCenters, if you migrate a VM from one cluster to the other, the migrated VM is marked as deleted in the tenant FDB and is not available for use. The workaround for this is to wait for the system to perform a full inventory update. This can take up to 12 hours. [2187188]

Connecting to Administration Console Using Mozilla Firefox

  • Attempting to connect to the Administration Console via Mozilla Firefox can fail with a connection timeout due to a bug in Firefox. The workaround for this is to change the name of certificate file, which is located in the C:\Users\‹username›\AppData\Roaming\Mozilla\Firefox\Profiles\‹filename›.default directory and has a name similar to cert1.db, and then restart the browser.

  • Attempting to connect to the Administration Console via Mozilla Firefox fails when you are using a self-signed certificate (normally in a development environment). You can avoid this issue by using another browser.

DNS Server IP Edits for Domain Join Require Support Ticket - When editing an existing Active Directory Domain, you can no longer directly edit DNS Server IPs in the Administration Console. To change DNS Server IPs, file a ticket with VMware support.

Default Limit of 2,000 Desktops Per Pod - There is now a default limit of 2,000 VMs per pod, both in desktop assignments and in farms. This includes VMs created in earlier versions of the product but does not include Utility or Imported desktops. When you are creating or editing an assignment or farm and the remaining capacity displayed appears to be too low, it may be because this limit has been reached. The default limit of 2,000 can be adjusted on request. For more information, contact your VMware representative. Note to Service Providers: When registering or editing a tenant, you can change this setting by modifying the value in the new Max Desktop Count Per DM field on the General tab. 

Agent Upgrade to HAI 18.4 Requires Use of BAT File - When you upgrade from an older agent build to the HAI 18.4 using the HAI user interface, the installer creates the HAI-upgrade.bat file and then interrupts the upgrade, prompting you to close the user interface and complete the upgrade using the BAT file.

When the upgrade is complete, the VM will be rebooted automatically. You can prevent this reboot by doing either of the following:

  • Update the command-line options in the HAI user interface before the BAT file is generated, adding /norestart at the end of the command.

  • Manually update the generated HAI-upgrade.bat file, adding /norestart at the end of the command.

Note: The VM must be rebooted sometime after the upgrade in order for the Agent to be usable.

Updating Images Using Console Access - Performing updates to images (such as updating agents) using console access without taking the image offline and then accessing it via the Helpdesk Console (beta feature) is not supported and can cause issues with the image and subsequent pools spun up using this image. Do not attempt to perform image updates this way. Always duplicate the image from the Admin Console and then update it using the HACA Console.

Copying and Pasting Between Client System and VM With HTML Access - Copying and pasting text between a client system and a VM is supported by default when the user is connected via the Horizon Client. When the user is connected via HTML Access, however, you must configure this feature before the customer can use it. For more information, see the VMware Horizon HTML Access documentation.

Users Still Able to Log into Dedicated Desktops After Being removed From User Group - If a user is in an Active Directory group that is assigned to a dedicated desktop assignment, once the user has logged into a particular desktop they will be able to continue logging into that same desktop until the user is unassigned from that desktop in the Administration Console, unless either the user is removed entirely from the Active Directory or the desktop is deleted.

Wait Time for Generating Admin Activity Report - When you initiate an export on the Admins tab of the Activity page (Monitor > Activity > Admins), there is an interval of time as the system generates the report, during which you are not able to perform other tasks in the Administration Console. Depending on the number of records, this interval can be several minutes long. For the maximum report size (50,000 records), the wait time is approximately 10 minutes.

Data Sorting in Exported User Activity Report - When you export data from the Users tab of the Activity page (Monitor > Activity > Users), the data in the generated .csv file is not sorted by date. There are two options for correcting this:

  • Open the .csv file in Excel and set the date format for the cells containing dates to mm/dd/yy hh:mm AM/PM (e.g. 3/14/12 1:30 PM).

  • Create a new blank Excel workbook and then use the data import wizard to import the .csv file.

Converting a Desktop to an Image - If you initiate converting a desktop to an image but cancel before the task finishes, a second attempt to convert the desktop to an image may fail. To avoid this issue, you should power off the desktop and power it on again before attempting to convert it to an image a second time.

Time Interval Before Changes to Settings Take Effect - When you change one of the following settings, it can take up to 5 minutes for the change to take effect.

  • General Settings page (Settings > General):

    • Session Timeout - Client Heartbeat Interval, Client Broker Session, Client Idle User

    • HTML Access - Cleanup credentials when tab is closed

    • Pool/Farm Options - Enable Client Retry

  • Identity Management page (Settings > Identity Management):

    • Select item and click Configure - Force Remote Users to Identity Manager

Service Provider Information - When you change one of the following tenant policies, it can take up to 5 minutes for the change to take effect.

  • desktop.connection.corrective.action.required

  • desktop.connection.retry.count

  • client.retry.enabled

  • element.session.logontiming.enabled

  • jms.agent.allow.mmr

  • jms.agent.allow.usb

Resolved Issues

The following issues have been resolved in Horizon DaaS 9.2.0.

  • Failure to convert Windows Server 2019 to image with HAI 22.2

    When attempting to convert a Windows Server 2019 machine to an image with Horizon Agent Installer (HAI) 22.2, administrators faced the error message: "Error Unable to send message=SEAL, all sender types have been exhausted." This issue has been resolved and no longer occurs. [3095930]

  • Horizon DaaS console failed to display available vGPU profiles

    In the Service Center console, on the Quotas tab, the "Available vGPU Profiles" list was empty. This issue has been resolved and the console now displays the available vGPU profiles. [3085570]

  • Unavailability of tenant administration functions due to Internal Error

    Administrators could not perform tasks in the tenant console and encountered the error message: "Internal Error. Unexpected internal error occurred and system was unable to complete your request. Please try again later." This issue has been resolved and no longer occurs. [3079599]

  • Traditional clones booted to OOBE or entered a boot loop

    The virtual machines in a traditional cloned pool booted to Out Of Box Experience (OOBE) mode or got stuck in a boot loop. This issue has been resolved and no longer occurs. [3043629]

  • App Volumes 4.x not supported with Horizon DaaS

    In earlier releases, Horizon DaaS did not work properly with version 4.x of App Volumes. This issue has been resolved, and Horizon DaaS now supports App Volumes 4.x. [3064658]

  • New Spring API enables pool partitioning

    This release implements a new Spring API that makes it possible to create pool partitions. [3018499]

  • Memory usage values did not match between Service Center and vCenter Server

    There was a discrepancy between the memory usage values displayed in the Service Center portal and vCenter Server when virtual machines had multiple network interfaces. This issue has been resolved and no longer occurs. [3033772]

  • Traditional cloned desktops did not clone properly

    There was a problem with traditional cloned desktops where the desktops powered on with NICs in disconnected state. This issue has been resolved and no longer occurs. [2938977]

  • Environment unavailability due to /var partition reaching 100%

    The tenant environment became unavailable when the /var partition reached 100% on tenant appliances. This issue has been resolved and no longer occurs. [2815895]

  • Updated Spring framework

    The Spring framework has been upgraded to version 5.3.19. [2803741]

  • GIGC on all appliances

    The existing CMS GC has been replaced with G1GC on all appliances. [2803738]

Known Issues

  • TrueSSO configuration fails.

    After you pair a tenant with the TrueSSO Enrollment Server, the TrueSSO configuration fails. This issue arises from the updated OpenSSL libraries included with this release.

    VMware plans to fix this issue in an upcoming release.

    Workaround: None

  • Two-factor authentication with RSA fails after tenant upgrade to 9.2.0.

    If an existing tenant appliance uses RSA SecurID for two-factor authentication and then gets upgraded to Horizon DaaS 9.2.0, the connection to the RSA Authentication Manager fails.

    VMware plans to fix this issue in an upcoming release.

    Workaround: Move the two-factor authentication from the tenant appliance to the Unified Access Gateway instance that manages network traffic in front of the tenant.

  • Horizon Air Link logs must be downloaded separately.

    Horizon Version Manager provides options for collecting multiple appliance logs. However, the logs for the Horizon Air Link (HAL) appliance cannot be collected together with other appliance logs.

    Workaround: Collect the HAL appliance logs separately. On the Projects > Horizon-DaaS-Ops > Download-Logs page, specify the following settings only. Leave all other settings blank.

    • Enter the service provider information for Primary-SP-IP and SP-Appliance-Password.

    • Select the HAL check box.

    • Enter the Hal-Password.

check-circle-line exclamation-circle-line close-line
Scroll to top icon