End User Computing

6. Deploying & Configuring an Instant Clone Desktop Pool

You must complete Lab 2 before starting this lab.

For a detailed step by step best practice approach to building a master image follow the guidance on Tech Zone authored by Hilko Latinga and Graeme Gordon

https://techzone.omnissa.com/resource/manually-creating-optimized-windows-images-horizon-vms

In this lab the base image has already been prepared with VMware tools installed. We will follow through on deploying All Agents required for Horizon and the OS Optimization tool. You might notice that the Master Image you are working with is already in Audit Mode. For a step by step breakdown on how this is done, review the above mentioned article on TechZone

Part 1. Deploying Dynamic Environment Manager Licensing

From Dynamic Environment Manager 2203, the MMC has to be licensed and we do not have to deploy the FlexEngine with an associated license when using NoAD mode.
For Horizon Virtual Environments the if the Horizon Agent is installed , the FlexEngine will see the environment as licensed. In non Horizon Environments where we want to use Dynamic Environment Manager, the Dynamic Environment Manager requires a license

On your ControlCenter server
- from the Taskbar
  - launch the Dynamic Environment Manager MMC shortcut

In the Omnissa Dynamic Environment Manager - Management Console
- in the top-left corner
  - select the round RED ICON
- from the dropdown
  - select License

In the License window
- bottom left corner
  - select Manage...

In the Manage License window
- next to License file
  - select Replace

In File Explorer window
- Quick Access Bar
  - select Desktop
    - in the right pane
      - select Software
      - in the Software folder
        
        select DEM
        
        in the DEM folder
        
        select Omnissa-DEM-10.14.0-GA.lic
    - in the bottom right-corner
    - select Open

In the License window
- select OK

Part 2. Deploying an Instant Clone Master Image

On your Controlcenter server
- Site 1 - Bangalore browser
  - from the Favourites bar
    - select the vcenter-01a shortcut

In the vSphere client
- in the username area
  - enter [email protected]
- in the password area
  - enter Pa$$w0rd
- enter LOGIN

In the vSphere client
- Host & Clusters inventory
  - expand the Bangalore datacenter
  - Select the W11BaseMaster and do a gracefull Shutdown if it's ON
    - select and right-click W11BaseMaster
      - in the dropdown
        
        select Clone > Clone to Virtual Machine

In the W11BaseMaster - Clone Existing Virtual Machine wizard
- 1. Select a name and folder section
  - next to Virtual machine name:
    - enter

 W11INSTMaster

in the bottom right corner
- select NEXT

In the W11BaseMaster - Clone Existing Virtual Machine wizard
- 2. Select a compute resource section
  - expand Region01A
    - expand Bangalore
      - select esxi-01a.techseals.co
- in the bottom right corner
  - select NEXT

In the W11BaseMaster - Clone Existing Virtual Machine wizard
- In the W11BaseMaster - Clone Existing Virtual Machine wizard
  - 3. Select TPM provision policy section
    - accept the Defaults
  - in the bottom right corner
    - select NEXT

In the W11BaseMaster - Clone Existing Virtual Machine wizard
- 4. Select storage section
  1. next to CorpLun-O1b
    - select the Radio button
  2. next to Select virtual disk format
    - from the dropdown
      - select Thin Provision
- in the bottom right corner
  - select NEXT

In the W11BaseMaster - Clone Existing Virtual Machine wizard
- 5. Select clone options section
  - next to Power on virtual machine after creation
    - select the radio button
- in the bottom right corner
  - select NEXT

In the W11BaseMaster - Clone Existing Virtual Machine wizard
- 6. Ready to complete section
  - Review the selected options
- in the bottom right corner
  - select FINISH

Part 3. Setting and configuring the Master Image

Multiple steps are required to configure the Master Image

Our Master Image already has the VMware tools installed
Recommended Base Virtual Hardware configuration has already been completed
The Base Master Image has also been deployed in Audit Mode offering the greatest flexibility in terms of Configuration
We will run the following tasks:
1. Resolve Windows 11 Sysprep Issues
2. Deploy the Horizon Agent
3. Deploy the Dynamic Environment Manager FlexEngine
4. Run the OS Optimization tools
5. Deploy the App Volumes Agent

If you have an opportunity, follow this guide on TechZone and create your own version of the Master Image.

https://techzone.omnissa.com/resource/manually-creating-optimized-windows-images-horizon-vms

Task 1. Resolving SysPrep issues with Windows 11

Please read this Omnissa Knowledge Base related to Agent installation requirements https://kb.omnissa.com/s/article/2118048

In the vSphere Admin Console
- under Hosts & Clusters inventory
  - select W11INSTMaster

In the vSphere Admin Console
- to the right, note you are view the W11INSTMaster details
  - select the Summary tab
- in the Summary area
  - select LAUNCH WEB CONSOLE

From Microsoft Windows 22H2 onwards for both Windows 10 and 11 we have come across an issue with Sysprep. After lots of research we have found the following fix. Just something to note, there are several things in Windows 11 that causes Sysprep to fail. This is one of them. If we were to run Sysprep and we were to look at the error log in the Panther folder you would notice that Bitlocker in this case is the issue. We will process with disabling Bitlocker as part of the image preparation process.

Appx applications also cause Sysprep to fail and as part of the image preparation phase, we will execute a PowerShell command issued from our Global Support Services to mitigate an issue with freshly deployed Windows 11 base image when wanting to run Sysprep.

On the W11INSTMaster desktop
- on the System Preparation Tool 3.14
  - select Cancel

Your base image is in Audit Mode and as a result the System Preparation Tool automatically launches. We trigger Audit mode whilst installing the base image

On the W11INSTMaster desktop
- on the Taskbar
  - in the SEARCH area
    - enter Power
  - from the pop-up
    - select Windows PowerShell
  - in the Windows PowerShell area
    - select Run as administrator

In the Windows PowerShell window
- enter

Disable-BitLocker -MountPoint "C"

note that the Protection Status is now Off

please note, in testing this we had varying results. the decrypt process can anywhere up to minutes

On the W11INSTMaster desktop
- select the Control Panel shortcut
- in the Windows PowerShell area
  - select Open

In Control Panel
- select System and Security

In Control Panel
- under System and Security
  - select Bitlocker Drive Encryption

In Control Panel
- under Bitlocker Drive Encryption
- validate that BitLocker is off
- If its still decrypting wait for it to complete before moving onto the next step

In the Windows PowerShell console
- enter

Set-ExecutionPolicy Unrestricted

with your keyboard select ENTER
- If you get prompted , enter A

In the Windows PowerShell console
- enter

Get-AppxPackage -AllUsers | Where PublisherId -eq 8wekyb3d8bbwe | Remove-AppxPackage

with your keyboard select ENTER

What you will notice is the Windows PowerShell will execute and there will be a lot of errors occurring
The Windows PowerShell will then Bomb out
Relaunch the Windows PowerShell ,
- set the ExecutionPolicy to Unrestricted
- relaunch the above command
- you will notice on round 2, the Windows PowerShell does not quit

The purpose of fulfilling this task to remediate an APPX applications issue where some Apps are associated with individual users. This is a SysPrep issue and has to be resolved or SysPrep to work

In the Windows PowerShell window
- enter the next PowerShell string

Get-AppXPackage -AllUsers | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml"}

If we only executed the command in step 11. When a reboot occurs there is no Taskbar. We then run the command in step 12 to fix the Taskbar issue.
To continue with Task 2 remain on W11INSTMaster

Task 2. Installing the Horizon Agent

Note that your W11MasterDesktop should still be in Audit Mode

On the W11INSTMaster desktop
- select the Software Shortcut

In the File Explorer window
- browse to Horizon > 2412
  - select and right-click the Omnissa-Horizon-Agent-x86_64-2412-8.14.0-xxx
  - from the dropdown
    - select Open

In the Open File - Security Warning window
- select Run

In the Omnissa Horizon Agent deploy wizard
- Welcome Wizard
  - select Next

In the Omnissa Horizon Agent deploy wizard
- Network protocol configuration
  - select Next

In the Omnissa Horizon Agent deploy wizard
- Custom Setup configuration
  - next to USB Redirection
    - from the dropdown
      - select This feature, and all subfeatures, will be installed on local hard drive

In the Omnissa Horizon Agent deploy wizard
- Custom Setup configuration
  - next to Horizon Performance Tracker
    - from the dropdown
      - select This feature, and all subfeatures, will be installed on local hard drive
  - select Next

Note that Instant Clone functionality is enabled by default

In the Omnissa Horizon Agent window
- select OK

In the Omnissa Horizon Agent deploy wizard
- Remote Desktop Protocol Configuration
  - select Next

In the Omnissa Horizon Agent deploy wizard
- Ready to Install the program
  - next to Automatically restart system on successful completion
    - select the checkbox
      - select Install

Once the Horizon Agent has completed installation an Automatic reboot should occur.
To complete Task 3, remain on your W11INSTMaster

Task 3. Deploying the Dynamic Environment Manager FlexEngine in NOAD Mode.

In the W11INSTMaster window
- from the taskbar
  - open the Folder icon

In the W11INSTMaster window
- from the QuickAccess bar
  - select This PC > Local Disk (C:)
  - in the Local Disk (C:) area
  - select and right-click
    - from the dropdown
      - select New > Folder
    - In the folder name
      - enter DEM
  - select and right DEM
    - from the dropdown
      - select Open

On the W11INSTMaster desktop
- select the software shortcut

On the W11INSTMaster desktop
- In the Software folder
  - open the following path
    - open DEM > 2412 > Omnissa -DEM-Enterprise-2412-10.14
      - select and right-click Omnissa Dynamic Environment Manager Enterprise 2412 10.14 x64
      - from the dropdown
        
        select Copy

On the W11INSTMaster desktop
- switch to your C:\DEM folder
  - In the DEM folder
    - select and right-click
  - from the dropdown
    - select Paste

On the W11INSTMaster desktop
- switch back to your Software > DEM folder
- In the DEM folder
  - select and right-click NOADCMD
  - from dropdown
    - select Open

In the Notepad window
- using your keyboard,
  - select CTRL+A
  - select CTRL+C

On the W11INSTMaster desktop
- select and right-click the Command Prompt shortcut
  - from the dropdown
    - select Run as Administrator

In the Administrator: Command Prompt window
- enter

 cd c:\dem

with your keyboard
- Press Enter

In the Administrator: Command Prompt window
- Paste the copied data
  - with your keyboard
    - press CTRL+V
    - In the Warning window
      - select Paste anyway
  - with your keyboard
    - press ENTER

In the File Explorer window
- In the Quick Access bar
  - select This PC
  - under Devices and Drives
    - select and open Local Disk (C:)

In the File Explorer window
- Local Disk (C:)
  - open the Dem folder
- select and right-click InstallDEM
  - select Open

In the Notepad window
- scroll down to the bottom of the window
  - note that the Dynamic Environment Manager has installed successfully

To prepare for the next task, on the W11INSTMaster close the Notepad, File Explorer and Command Prompt windows

Task 4. Optimizing the Windows 11 base for Desktop Virtualization

On the W11INSTMaster desktop
- launch the software shortcut

In the Software folder
- open the Horizon > OSOptimization Tools folder
- in the OSOptimisation folder
  - select and right-click OmnissaHorizonOSOptimizationTool-x86_64-xxxx
    - from the dropDown
      - select Open

In the Open File - Security Warning window
- select Run

In the Windows OS Optimization Tool for Omnissa Horizon
- next to I accept the terms of the agreement
  - select the checkbox
    - select Next

On your W11INSTMaster virtual machine
- in the Windows OS Optimization Tool for Omnissa Horizon
  - select Analyze

In the Windows OS Optimization Tool for Omnissa Horizon
- select Common Options

In the Common Options window
- side Menu bar
  - select Visual Effect
  - In the Visual Effect area
    - next to Best performance
      - select the radio button

In the Common Options window
- side menu bar
  - select Update
    - we will leave all options as default

In the Common Options window
- side menu bar
  - select Background
- In the Background settings area
  - we leave the default checkboxes enabled
  - in the color pane
    - select a preferred color.

In the Common Options window
- in the side menu bar
  - select Security
  - below Choose Security Options
    - next to Disable Firewall
      - select the checkbox
    - next to Disable Antivirus
      - select the checkbox
    - next to Disable Security Center
      - select the checkbox
- to close the Common Options window
  - select OK

In the Windows OS Optimization Tool for Omnissa Horizon
- in the bottom right corner
  - select Optimize

Note, the current version throws an error which opens in the background.
On the Error window, select OK

With Automated Pool Deployments we either SysPrep or ClonePrep during the deployment. We will therefore Skip Generalize and move onto Finalize

In the Windows OS Optimization Tool for Omnissa Horizon
- Menu Bar
  - select Finalize

The Finalize process will take around 30 minutes to complete

One might consider starting chapter 7 or have a break and then coming back to complete the lab.

In the Windows OS Optimization Tool
- Overview area
- note the defaults
  - we will not change any configurations
- In the bottom right corner
  - select Finalize

In the Information window
- note the forthcoming steps
  - to close
    - select OK
- close the Windows OS Optimization Tool

We still have to Deploy the App Volumes Agent, then we can shutdown and take a virtual machine Snapshot before we move on to Desktop Pool creation

First we need to

Task 5. Deploying the App Volumes Agent

On the W11INSTMaster desktop
- select and right-click the Command Prompt
  - In the Command Prompt
    - enter Ipconfig /renew
  - close the Command Prompt window

In the Software folder
- On the W11INSTMaster desktop
  - select and open the software shortcut to
    - browse to App Volumes > 2412 > Installation

In the Installation folder
- select and right-click the Setup
  - select Open

On the Open File - Security Warning window
- select Run

In the App Volumes Installer Setup deploy wizard
- "Welcome Wizard"
  - select Next

In the App Volumes Installer Setup deploy wizard
- App Volumes Install Screen
  - note that Install App Volumes Agent is the default
  - select Install

In the App Volumes Agent Setup deploy wizard
- "Welcome Wizard"
  - select Next

In the App Volumes Agent deploy wizard
- below App Volumes Manager Address:
  - enter appvol-01a.techseals.co
    - select Next

Note, we are not going to select the check box next to Disable certificate validation for App Volumes Manager. For production environments this is considered best practice. We will demonstrate in a later lab for App Volumes how to update App Volumes manager with CA signed Certificates.

In the App Volumes Agent deploy wizard
- next to Non-persistent or multi-session machines
  - ensure the radio button is selected (default)
- select Next

From App Volumes 2406 virtual machines that are not deleted or refreshed at log off are now supported

In the App Volumes Agent deploy wizard
- Ready to Install App Volumes Agent
  - select Install

In the App Volumes Agent Setup wizard
- select Finish

In the App Volumes Agent Setup window
- select Yes

On the W11INSTMaster desktop
- select and right-click the Command Prompt
  - In the Command Prompt
    - enter Ipconfig /flushdns
    - enter Ipconfig /release
    - enter shutdown /s /t 0

Task 6. Configuring the Windows 11 Master Image for vTPM integration

For a full in depth consideration regarding vTPM read the following Omnissa KB

https://kb.omnissa.com/s/article/85960

On your Site 1 vCenter Admin console
- in the Host & Clusters Inventory
  - select and right-click W11INSTMaster
    - in the drop menu
      - select Edit Settings.....

In the Edit Settings window
- in the Virtual Hardware tab
  - expand Security Devices
- to the right and In line with Virtual TPM
  - select the 3 dot icon
    - select Remove device
- In the Warning: data loss window
  - select DELETE
- to close the Edit Settings window
  - select OK

In the vSphere client
- In the Host & Clusters inventory
  - select and right-click W11INSTMaster
- from the pop-out menu
  - select Snapshots > Take Snapshot

In the Take Snapshot window
- next to Name
  - enter Production ready version 1.0
- select CREATE

Task 7: Creating a vSphere Customization specification file

In the vSphere client
- top-left corner
  - select the Hamburger Icon
- from the drop-down
  - select Policies and Profiles

In the vSphere client
- Policies and Profiles area
  - select VM Customization Specifications

In VM Customization Specifications area
- select NEW...

In the New VM Customization Specification wizard
- 1 Name and target OS area
  - next to Name
    - enter Full Clone - Developers
- select NEXT

In the New VM Customization Specification wizard
- 2 Registration information area
  - next to Owner name
    - enter Student
  - next to Owner organization
    - enter Omnissa
- select NEXT

In the New VM Customization Specification wizard
- 3 Computer name area
  - leave everything DEFAULT
- select NEXT

In the New VM Customization Specification wizard
- 4 Windows license area
  - next to Include server license information
    - uncheck the checkbox
- select NEXT

In the New VM Customization Specification wizard
- 5 Administrator password area
  - next to Password
    - enter Pa$$w0rd
  - next to Confirm password
    - enter Pa$$w0rd
- select NEXT

In the New VM Customization Specification wizard
- 6 Time zone area
  - select (UTC) Coordinated Universal Time
- select NEXT

In the New VM Customization Specification wizard
- 7 Commands to run once area
  - at this time there is nothing to enter
- select NEXT

Note for UEM enrollments of FULL Clone Horizon Desktops into Workspace ONE UEM we use this interface

In the New VM Customization Specification wizard
- 8 Network area
  - accept the DEFAULTS
- select NEXT

In the New VM Customization Specification wizard
- 9 Workgroup or domain area
  - next to Windows Server domain
    - select the radio button
    - enter techseals.co
  - next to Username
    - enter administrator
  - next to Password
    - enter Pa$$w0rd
  - next to Confirm password
    - enter Pa$$w0rd
  - next to OU path
    - enter OU=Corp,OU=Computers,DC=techseals,DC=co
- select NEXT

In the New VM Customization Specification wizard
- 10 Ready to complete
  - review the summary of settings
- select FINISH

Part 4. Configuring and Deploying a Windows based Instant Clone Pool

On your Controlcenter server
- Site 1 - Bangalore browser
  - from the Favourites bar
    - select the Horizon Site 1 shortcut
  - In the Horizon Login window
    - Username area
      - enter Administrator
    - Password area
      - enter Pa$$w0rd
    - select Sign in

In the Horizon Admin console
- in the menu pane
- below Settings
  - select Domains

In the Horizon Admin console
- Domains area > Domain Accounts tab
  - select ADD

In the Add Domain Admin window
- next to * Username
  - enter Instant
- next to * Password
  - enter Pa$$w0rd
- select OK

In the Horizon Admin Console
- In the left pane
  - under Inventory,
    - select Desktops

In the Desktop Pools area
- select ADD

In the Add Pool wizard
- step 1. Type
  - leave all default
    - select NEXT

In the Add Pool wizard
- step 2. vCenter Server
  - leave all default
    - select NEXT

In the Add Pool wizard
- step 3. User Assignment
  - next to Floating
    - select the radio button
  - select NEXT

In the Add Pool wizard
- step 4. Storage Optimization
  - next to Use Separate Datastores for Replica and OS Disks
    - select the checkbox
  - in the bottom right-corner
    - select NEXT

In the Add Pool wizard
- step 5 Desktop Pool Identification,
  - update the following areas:-
    - under ID
      - enter W11-BLR-INST
    - under Display Name
      - enter W11INST
    - select Next

In the Add Pool - W11-BLR-INST wizard
- Provisioning Settings
  - under Use a Naming Pattern
    - enter W11INST-
  - under Desktop Pool sizing > Maximum Machines
    - enter 2
- at the bottom fo the window
  - below Virtual Device
    - next to Add vTPM Device to VMs
      - select the checkbox
    - In the Warning window
      - select OK
- select NEXT

In the Add Pool - W11-BLR-INST wizard
- step 7 vCenter Settings
  - configure the following:-
    - in line with Golden Image in vCenter:

BROWSE to W11INSTMaster and SUBMIT
- under Snapshot
BROWSE to Production ready version 1.0 and SUBMIT
- under Virtual Machine Location
BROWSE to RegionA01 and SUBMIT

In the Add Pool - W11-BLR-INST wizard
- step 7 vCenter Settings
  - continue configuring the following:-
    - under Resource Settings > Cluster
      - BROWSE to Bangalore and SUBMIT
        
        under Resource Settings > Resource Pool
      - BROWSE to Bangalore and SUBMIT
        
        under Resource Settings > Instant Clone Datastores
      - BROWSE to CorpLUN-01a and SUBMIT
        
        In the Warning window
        
        select OK
        
        under Resource Settings > Replica Disk Datastore
    - BROWSE to CorpLUN-01b and SUBMIT
      - In the Warning window
        
        select OK
- select NEXT

In the Add Pool - W11-BLR-INST wizard
- step 8 Desktop Pool Settings
  - under Log off After Disconnect:
    - from the dropdown
      - select Immediately
  - under Allow Users to Restart Machines
    - from the dropdown
      - select Yes
- select NEXT

In the Add Pool - W11-BLR-INST wizard
- step 9 Remote Display Settings
  - accept the defaults
- select NEXT

In the Add Pool - W11-BLR-INST wizard
- step 10 Guest Customization
  - below Domain
    - validate that techseals.co(Instant) is selected
  - below AD Container
    - select BROWSE
      - expand OU=Corp,
        
        select OU=Computers,OU=Corp
      - select Submit
    - next to Allow Reuse of Existing Computer Accounts
      - select the checkbox
    - next to Use a customization specification (SysPrep)
      - select the radio button
    - below Name, next to Developers
      - select the radio button
  - select NEXT

In the Add Pool - W11-BLR-INSTwizard
- step 11 Ready to Complete
  - next to Entitle Users After Adding Pool
    - select the checkbox
  - select SUBMIT

In the Add Entitlements window
- select ADD

In the Find User or Group window
- next to Domain,
  - from the dropdown,
    - select techseals.co
- next to Name/User Name,
  - to the right of Starts with,
    - enter developers
- select Find
  - under Find
    - next to Developers
      - select the CheckBox
- to close Find User or Group
  - select OK
- to close Add Entitlements
  - select OK

In the Info window
- select OK

In the Desktop Pools area
- Refresh the Admin Console
  - select the Refresh button
- select W11-BLR-INST

under the Summary tab,
- scroll down to Secondary Image
  - view the progress of the pool being Provisioned
- To the right notice the State is Publishing
  - When complete this will report as Published
- you will need to have to wait until the Pool is Published

NOTE: The page does not dynamically update. You will have to refresh periodically.

In the Horizon Admin Console
- under Inventory
  - select Machines

In Machines area
- to view the Machine Status ,
  - use the scroll bar at the bottom of the window
    - scroll right.
- wait until the Status shows Available for your Machines

Omnissa Product Specialist and Technical Enablement

End User Computing

6. Deploying & Configuring an Instant Clone Desktop Pool

0 Comments

Add your comment

Topics

Last Updated