You can add multiple View pods to VMware Identity Manager. After you add the pods, configure client access URLs for the different pods.
About this task
You add View pods in the View Pools page of the VMware Identity Manager administration console. You can return to the page at any time to modify the View configuration, or to add or remove View pods.
For each View pod, you need the credentials of a user who has the Administrators role.
- Log in to the VMware Identity Manager administration console.
- Click the Catalog tab.
- Click Manage Resource Types and select View Application.
- Check the Enable View Pools check box.
- Click Add View Pod for each View pod you want to add.
- Provide the configuration information specific to each View pod.
Enter the fully qualified hostname of the Horizon Connection Server instance, such as connectionserver.example.com. The domain name must exactly match the domain name to which you joined the Horizon Connection Server instance.
Enter the administrator username for this View pod. The user must have the Administrators role in View.
Enter the administrator password for this View pod.
Using Smart Card Authentication with Third-Party Identity Provider
If users use smart card authentication to sign in to this View pod instead of passwords, select the check box.
True SSO Enabled on Horizon View
This option only applies to Horizon versions that support the True SSO feature.
When True SSO is configured in View, users do not require a password to log into their Windows desktops. However, if users are logged into VMware Identity Manager using a non-password authentication method such as SecurID, when they launch their Windows desktops, they are prompted for a password. You can select this option to prevent a password dialog box from being shown to users in that scenario.
Sync Local Entitlements
If local entitlements are configured for the pod, select this option.
- From the Deployment Type drop-down list, select how View resources are made available to users in the user portal.
User-Activated View resources are added to the Catalog page in Workspace ONE. To use a resource, users must move the resource from the Catalog page to the Launcher page.
Automatic View resources are added directly to the Launcher page in Workspace ONE for users' immediate use.
The deployment type that you select here is a global setting that applies to all user entitlements for all the resources in your View integration. You can modify the deployment type for individual users or groups per resource, from the resource's Entitlements page.
Setting the global deployment type to User-Activated is recommended. You can then modify the setting for specific users or groups per resource.
For more information about setting the deployment type, Setting the Deployment Type for View Entitlements.
- Select the Do not sync duplicate applications check box to prevent duplicate applications from being synced from multiple servers.
When VMware Identity Manager is deployed in multiple data centers, the same resources are set up in the multiple data centers. Selecting this option prevents duplication of the desktop or application pools in your VMware Identity Manager catalog.
- Select the Configuring 5.x Connection Server check box if any of the View Connection Server instances that you have configured on this page is version 5.x.
Selecting this option enables an alternative way of syncing resources that is required for View 5.x.Note:
If you select the Perform Directory Sync option, the Configuring 5.x Connection Server option is also automatically selected as both options rely on the alternative way of syncing resources.
- Select the Perform Directory Sync check box if you want directory sync to be performed as part of View sync when any users and groups that are entitled to View pools in the View Connection Server instances are missing in the VMware Identity Manager directory.
The Perform Directory Sync option does not apply to Cloud Pod Architecture pod federations. If users and groups with global entitlements are missing in the VMware Identity Manager directory, directory sync is not triggered.
Users and groups synced through this process can be managed like any other users added by VMware Identity Manager directory sync.Important:
View sync takes longer when you use the Perform Directory Sync option.Note:
When this option is selected, the Configuring 5.x Connection Server option is also selected automatically as both options rely on an alternative way of syncing resources.
- From the Choose View Pool Sync Frequency drop-down list, select how often you want to sync from the View Connection Server.
You can set up a regular sync schedule or choose to sync manually. If you choose Manually, you must return to this page and click Sync Now whenever there is a change in your View resources or entitlements.
- From the Select Default Launch Client drop-down list, select the default client in which to launch View applications or desktops.
No default preference is set at the administrator level. If this option is set to None and an end user preference is not set either, the View Default display protocol setting is used to determine how to launch the desktop or application.
View desktops and applications are launched in a web browser by default. End user preferences, if set, override this setting.
View desktops and applications are launched in the Horizon Client by default. End user preferences, if set, override this setting.
This setting applies to all users and all resources in your View integration.
The following order of precedence, listed from highest to lowest, applies to the default launch client settings:
End user preference setting, set in the Workspace ONE portal. This option is not available in the Workspace ONE app.
Administrator Select Default Launch Client setting, set in the View Pools page in the VMware Identity Manager administration console.
Horizon View Horizon Administrator. For example, when the display protocol is set to PCoIP, the application or desktop is launched in the Horizon Client.setting for the desktop or application pool, set in
- Click Save.
- Click Sync Now.
Each time you change settings in View, such as add an entitlement or add a user, a sync is required to propagate the changes to VMware Identity Manager.
- Configure the Client Access URLs for the View pods.
- Click the Identity & Access Management tab, then click Setup.
- Click Network Ranges.
- Select a network range.
- In the Edit Network Range page, in the View Pod section, enter the View Pod client access URL host name and port number for that network range.
- In the IP Ranges section, specify the IP ranges to which you want to apply the settings.
- Click Save.