- Identify default View Composer port settings
- Identify domain accounts used for QuickPrep
- Identify the vCenter Server system
- Identify necessary account domain permissions and domain trust relationships
- Enable View Composer from View Administrator and add domain account(s)
We installed View Composer in Objective 1.1, now it’s time to configure this badboy!
Identify Default View Composer Port Settings
This is quite an easy one, the default port to allow View Composer to speak to vCenter is 18443.
Identify Domain Accounts Used For QuickPrep
So what is quick prep, well it’s VMware’s version of sysprep but on steroids You may have noticed that when you perform a sysprep it does take quite a while as the VM goes through various stages of configuration and performs a full clone of the template VM. QuickPrep doesn’t go into the same level of detail, instead it:
- Creates a new Computer Account in Active Directory in the relevant OU
- Gives each Virtual Desktop a unique name
- Joins the Virtual Desktop to the domain
Interestingly, according to VMware KB 2003797 Quick Prep doesn’t create a new SID.
Let’s create a Service Account with the relevant rights to use Quick Prep. In Active Directory create a new user, I’m going to call mine service.viewcomposer
Next we need to give this Service Account rights to Create and Delete Computer Objects in Active Directory. Depending on how Organisational Unit structure you might do this on specific OU’s or on the whole domain. I’m going to do it on the whole domain as it’s easier for lab purposes.
TOP TIP: Ensure View > Advanced Features is ticked
Right Click your Domain in Active Directory Users & Computers and Click Properties
Select the Security Tab and click Advanced (I don’t know why but hitting Advanced gives me a sense of power!)
Enter in your Service Account name, Check the name and then Hit OK
Ensure that ‘Apply to’ is ‘This object and all descendant objects ‘ and Permissions are ‘Create Computer Objects’ and ‘Delete Computer Objects’. Once you have done this Click On Properties
We are going to apply the permissions to ‘Write all properties’ Hit OK. You will notice that various other permissions are auto populated.
Identify The vCenter Server System
Login to your View Connection Server and go to View Configuration > Servers > vCenter Servers which will tell you your vCenter Server. Mine is VMF-ADMIN01
Identify Necessary Account Domain Permissions & Domain Trust Relationships
View Composer requires specific permissions within Active Directory which are:
- List Contents
- Read All Properties
- Write All Properties
- Read Permissions
- Create Computer Objects
- Delete Computer Objects
Using the methodology above, we need to create an Service Account with these permissions. As I don’t want to repeat myself, I bit like Blue Peter, here is one I made earlier which is called service.view
Enable View Composer From View Administrator & Add Domain Account(s)
Awesome, now it’s time to enable View Composer.
Login to your View Connection Server and go to View Configuration > Servers > Select your vCenter Servers > Edit
Click Enable View Composer (I have already done this) so I can only Click on Edit
We are going to use View Composer co-installed with vCenter Server on Port 18443
Lastly, we are going to add in our Active Directory Domain by Click Add
Enter in your Domain Name as an FQDN and type your View Composer Service Account credentials in. Then Hit OK.
2 thoughts on “VMware View – Objective 2.1 Configure View Composer”
WELL MADE LAB
Why you don’t add an objective for adding certificate to vCenter and Connection Server from a Microsoft Windows based Certificate Authority (CA).
This is very helpful and needed in real environment.
Good spot, for some reason my How To: Replace Horizon View Connection & Security Server Certificates wasn’t listed under the Horizon View Misc https://vmfocus.com/view/
It is now 🙂