VMware View – Objective 2.1 Configure View Composer

Knowledge

• Identify default View Composer port settings
• Identify domain accounts used for QuickPrep
• Identify the vCenter Server system
• Identify necessary account domain permissions and domain trust relationships
• Enable View Composer from View Administrator and add domain account(s)

We installed View Composer in Objective 1.1, now it’s time to configure this badboy!

Identify Default View Composer Port Settings

This is quite an easy one, the default port to allow View Composer to speak to vCenter is 18443.

Identify Domain Accounts Used For QuickPrep

So what is quick prep, well it’s VMware’s version of sysprep but on steroids  You may have noticed that when you perform a sysprep it does take quite a while as the VM goes through various stages of configuration and performs a full clone of the template VM.  QuickPrep doesn’t go into the same level of detail, instead it:

• Creates a new Computer Account in Active Directory in the relevant OU
• Gives each Virtual Desktop a unique name
• Joins the Virtual Desktop to the domain

Interestingly, according to VMware KB 2003797 Quick Prep doesn’t create a new SID.

Let’s create a Service Account with the relevant rights to use Quick Prep.  In Active Directory create a new user, I’m going to call mine service.viewcomposer

Next we need to give this Service Account rights to Create and Delete Computer Objects in Active Directory.  Depending on how Organisational Unit structure you might do this on specific OU’s or on the whole domain.  I’m going to do it on the whole domain as it’s easier for lab purposes.

TOP TIP: Ensure View > Advanced Features is ticked

Right Click your Domain in Active Directory Users & Computers and Click Properties

Select the Security Tab and click Advanced (I don’t know why but hitting Advanced gives me a sense of power!)

Hit Add

Enter in your Service Account name, Check the name and then Hit OK

Ensure that ‘Apply to’ is ‘This object and all descendant objects ‘ and Permissions are ‘Create Computer Objects’ and ‘Delete Computer Objects’.  Once you have done this Click On Properties

We are going to apply the permissions to ‘Write all properties’ Hit OK.  You will notice that various other permissions are auto populated.

Identify The vCenter Server System

Login to your View Connection Server and go to View Configuration > Servers > vCenter Servers which will tell you your vCenter Server.  Mine is VMF-ADMIN01

Identify Necessary Account Domain Permissions & Domain Trust Relationships

View Composer requires specific permissions within Active Directory which are:

• List Contents
• Read All Properties
• Write All Properties
• Read Permissions
• Create Computer Objects
• Delete Computer Objects

Using the methodology above, we need to create an Service Account with these permissions.  As I don’t want to repeat myself, I bit like Blue Peter, here is one I made earlier which is called service.view

Enable View Composer From View Administrator & Add Domain Account(s)

Awesome, now it’s time to enable View Composer.

Login to your View Connection Server and go to View Configuration > Servers > Select your vCenter Servers > Edit

Click Enable View Composer (I have already done this) so I can only Click on Edit

We are going to use View Composer co-installed with vCenter Server on Port 18443

Lastly, we are going to add in our Active Directory Domain by Click Add

Enter in your Domain Name as an FQDN and type your View Composer Service Account credentials in.  Then Hit OK.