To install Connection Server as a single server or as the first instance in a group of replicated Connection Server instances, you use the standard installation option.

When you select the standard installation option, the installation creates a new, local Horizon LDAP configuration. The installation loads the schema definitions, Directory Information Tree (DIT) definition, and ACLs and initializes the data.

After installation, you manage most Horizon LDAP configuration data by using Horizon Console. Connection Server automatically maintains some Horizon LDAP entries.

The Connection Server software cannot coexist on the same virtual or physical machine with any other VMware Horizon software component, including a replica server, Horizon Agent, or Horizon Client.

When you install Connection Server with a new configuration, you can participate in a customer experience improvement program. VMware collects anonymous data about your deployment in order to improve VMware's response to user requirements. No data that identifies your organization is collected. You can choose not to participate by deselecting this option during the installation. If you change your mind about participating after the installation, you can either join or withdraw from the program by editing the Product Licensing and Usage page in Horizon Console. To review the list of fields from which data is collected, including the fields that are made anonymous, see "Information Collected by the Customer Experience Improvement Program" in the Horizon Administration document.

By default, the HTML Access component is installed on the Connection Server host when you install Connection Server. This component configures the VMware Horizon user portal page to display an HTML Access icon in addition to the Horizon Client icon. The additional icon allows users to select HTML Access when they connect to their desktops.

For an overview of setting up Connection Server for HTML Access, see the VMware Horizon HTML Access Installation and Setup Guide document, located on the Horizon Client Documentation page.

Prerequisites

  • Verify that you can log in as a domain user with administrator privileges on the Windows Server computer on which you install Connection Server.
  • Verify that your installation satisfies the requirements described in Horizon Connection Server Requirements.
  • Prepare your environment for the installation. See Installation Prerequisites for Horizon Connection Server.
  • If you intend to authorize a domain user or group as the Administrators account, verify that you created the domain account in Active Directory.
  • Prepare a data recovery password. When you back up Connection Server, the Horizon LDAP configuration is exported as encrypted LDIF data. To restore the encrypted backup VMware Horizon configuration, you must provide the data recovery password. The password must contain between 1 and 128 characters. Follow your organization's best practices for generating secure passwords.
    Important: You will need the data recovery password to keep VMware Horizon operating and avoid downtime in a Business Continuity and Disaster Recovery (BCDR) scenario. You can provide a password reminder with the password when you install Connection Server.
  • Familiarize yourself with the network ports that must be opened on the Windows Firewall for Connection Server instances. See Firewall Rules for Horizon Connection Server.

Procedure

  1. Download the Connection Server installer file from the VMware download site at https://my.vmware.com/web/vmware/downloads.
    Under Desktop & End-User Computing, select the VMware Horizon download, which includes Connection Server.

    The installer filename is VMware-Horizon-Connection-Server-x86_64-y.y.y-xxxxxx.exe, where xxxxxx is the build number and y.y.y is the version number.

  2. To start the Connection Server installation program, double-click the installer file.
  3. Accept the VMware license terms.
  4. Accept or change the destination folder.
  5. Select the Horizon Standard Server installation option.
  6. Make sure that Install HTML Access is selected if you intend to allow users to connect to their desktops by using a Web browser.
    If IPv4 is selected, this setting is selected by default. If IPv6 is selected, this setting is not displayed because HTML Access is not supported in an IPv6 environment.
  7. Select the Internet Protocol (IP) version, IPv4 or IPv6.
    You must install all VMware Horizon components with the same IP version.
  8. Select whether to enable or disable FIPS mode.
    This option is available only if FIPS is enabled in Windows.
  9. Type a data recovery password and optional password reminder.
    This password is required when you recover a backup of Connection Server.
  10. Choose how to configure the Windows Firewall service.
    Option Action
    Configure Windows Firewall automatically Let the installer configure Windows Firewall to allow the required network connections.
    Do not configure Windows Firewall Configure the Windows firewall rules manually.

    Select this option only if your organization uses its own predefined rules for configuring Windows Firewall.

  11. Authorize a Horizon Administrators account.
    Only members of this account can log in to Horizon Console, exercise full administration rights, and install replicated Connection Server instances and other VMware Horizon servers.
    Option Description
    Authorize the local Administrators group Allows users in the local Administrators group to administer VMware Horizon.
    Authorize a specific domain user or domain group Allows the specified domain user or group to administer VMware Horizon.
  12. If you specified a domain Horizon Administrators account, and you are running the installer as a local administrator or another user without access to the domain account, provide credentials to log in to the domain with an authorized user name and password.
    Use domain name\user name or user principal name (UPN) format. UPN format can be [email protected].
  13. Choose whether to participate in the customer experience improvement program.
    If you participate, you can optionally select the type, size, and location of your organization.
  14. Select where you want to deploy Connection Server.
    Option Description
    General If you are deploying your connection servers on-premises or in any location other those listed below. This is the default selection.
    AWS If you are deploying your connection servers on AWS or on VMware Cloud on AWS
    Dell EMC If you are deploying your connection servers on VMC on Dell EMC
    Azure If you are deploying your connection servers on Azure or on Azure VMware Solution (AVS)
    Google If you are deploying your connection servers on Google or on Google Cloud VMware Engine (GCVE)
    Oracle Cloud If you are deploying your connection servers on Oracle Cloud or on Oracle VMware Cloud Solution (OCVS)
    Note: This option specifies where the Connection Server is deployed. In a later step, when you add vCenter, you can specify a separate location for deploying your virtual desktops.

    For example, if you want to deploy Connection Servers on native Microsoft Azure and your desktops in a VMware SDDC on the Azure VMware Solution, you would select Azure in the current step. And then when you add a vCenter, you would specify "Azure VMware Solution" as the deployment type.

  15. Click Install to complete the wizard and install Connection Server.
  16. Check for new patches on the Windows Server computer and run Windows Update as needed.
    Even if you fully patched the Windows Server computer before you installed Connection Server, the installation might have enabled operating system features for the first time. Additional patches might now be required.

Results

The following VMware Horizon services are installed on the Windows server computer:

  • VMware Horizon Connection Server
  • VMware Horizon Framework Component
  • VMware Horizon Message Bus Component
  • VMware Horizon Script Host
  • VMware Horizon Security Gateway Component
  • VMware Horizon PCoIP Secure Gateway
  • VMware Horizon Blast Secure Gateway
  • VMware Horizon Web Component
  • VMware VDMDS, which provides Horizon LDAP services

For information about these services, see the Horizon Administration document.

If the Install HTML Access setting was selected during the installation, the HTML Access component is installed on the Windows Server computer. This component configures the HTML Access icon in the VMware Horizon user portal page and enables the VMware Horizon Connection Server (Blast-In) rule in the Windows Firewall. This firewall rule allows Web browsers on client devices to connect to the Connection Server on TCP port 8443.

What to do next

Configure SSL server certificates for Connection Server. See Configuring TLS Certificates for VMware Horizon Servers.

Perform initial configuration on Connection Server. See Configuring VMware Horizon for the First Time.

If you plan to include replicated Connection Server instances in your deployment, you must install each server instance by running the Connection Server installer file.

If you are reinstalling Connection Server and you have a data collector set configured to monitor performance data, stop the data collector set and start it again.