While setting up the Horizon pods that you plan to integrate with Workspace ONE Access through virtual apps collections, make sure that you meet the requirements listed here.
- Deploy Horizon Connection Servers on the default port 443 or on a custom port.
- Verify that you have a DNS entry and an IP address that can be resolved during reverse lookup for each Horizon Connection Server in your setup. Workspace ONE Access requires reverse lookup for the Horizon Connection Servers, Horizon Security Server, and the load balancer. If reverse lookup is not properly configured, the Workspace ONE Access integration with Horizon fails.
- Ensure that the Horizon Connection Servers have valid certificates signed by a trusted Certificate Authority (CA). If you have not obtained CA-signed certificates and are using self-signed certificates temporarily for testing purposes, you must upload the root certificates to the Virtual App service trust store using the Workspace ONE Access connector installer, and then restart the Virtual App service. See Set up Your Workspace ONE Access Environment for Horizon Integration for more information.
- Deploy and configure Horizon desktop and application pools with entitlements set for Active Directory users and groups. Ensure that users have the correct entitlements.
- While configuring desktop pools, ensure that in Remote Settings, you set the Automatically log off after disconnect option to 1 or 2 minutes instead of immediately.
- You can create pools in any access group in the Horizon environment. Ensure that the admin user account that you use to sync Horizon assignments to Workspace ONE Access has admin permissions on the Horizon root access group so that pools and resources from all access groups can be synced to Workspace ONE Access.
- Extending the SAML metadata expiration period on the Horizon Connection Servers to 1 year is recommended. See Change the Expiration Period for Service Provider Metadata on View Connection Server for information.
- If you integrate Horizon 7.13 or later versions with Workspace ONE Access, end users always see the option in Intelligent Hub to launch applications and desktops in a browser. However, if HTML Access is not installed on the Horizon Connection servers, browser launch fails. For Horizon 7.13 and later versions, you must install HTML Access on the Horizon Connection servers. See the VMware Horizon HTML Access documentation for information.