Step By Step, Install VMware Horizon 8 – Part 5

Mohammad Hossein Khoshraftar Yari

Hi, today I want to config this topic:

1- Create the Domain Admin User

2- Create OUs for Instant-Clone Desktops and RDSH Servers and Delegate Control

3- Add an instance – Clone Domain Administrator

4- Add Domain Bind

Create the Domain Admin User

Note: This step is optional.

1- On the Active Directory Domain Controller machine, log in as an administrator, and go to the Start button > Administrative Tools > Active Directory Users and Computers.

2- Add a user: Expand the domain, right-click Users, select New, and select User.

3- Complete the New Object – User dialog box that appears.

Note: my username that was created is Horizon-domain-user. You can choose your username.

Create OUs for Instant-Clone Desktops and RDSH Servers and Delegate Control

1- On the Active Directory Domain Controller machine, log in as an administrator, and go to the Start button > Administrative Tools > Active Directory Users and Computers.

2- Right-click the domain name, select New, and select Organizational Unit.

3- In the New Object – Organizational Unit dialog box, enter a name, such as Instant Clones, and click OK.
This OU is the Active Directory container in which the instant-clone computer accounts will be created. After you complete the text box, you can find the OU under the domain.

4- Right-click this OU you just created (which is the container) and selected Delegate Control.
The Delegation of Control wizard appears.

5- Click Next on the Welcome page and Add on the Users or Groups page.

6- Enter the name of the domain user you just created; click Check Names, to verify that the name can be found in Active Directory, and click OK.

7- When you are returned to the Users or Groups page, click Next.

8- On the Tasks to Delegate page, select Create a custom task to delegate, and click Next.

9- On the Active Directory Object Type page, select the following checkboxes before clicking Next:

  • – Computer objects
  • – Create selected objects in this folder
  • – Delete selected objects in this folder

10- On the Permissions page, select the following checkboxes in the Permissions section before clicking Next:

  • – Create All Child Objects
  • – Delete All Child Objects
  • – Read All Properties
  • – Write All Properties
  • – Reset password

11- On the last page of the wizard, click Finish. The user account now has the following complete list of required permissions, including permissions that are assigned by default:

  • – List Contents
  • – Read All Properties
  • – Write All Properties
  • – Read Permissions
  • – Reset password
  • – Create Computer Objects
  • – Delete Computer Objects

How to add an instance – Clone Domain Administrator?

You use the Horizon Console to specify the user account for joining instant-clone VMs to the Active Directory domain.

In my case, I have two domains:

1- for management domain: That name is khoshraftar.com

2- for client domain: that name is abc.local

For this purpose, I used an account that we created in this post.

1- In the Horizon Console, navigate to Settings > Instant Clone Domain Accounts, and click the Add button.

2- On the Add Domain Admin page that appears, select the domain from the list, and enter the username and password for the user you created. I used administrator user account.

Click ok.

How to add Domain Bind

Before that, the first step is we define each domain as a conditional forwarder in each DNS servers.

1- open the DNS console khoshraftar.com and add a conditional forwarder :

2- open the DNS console abc.local and add a conditional forwarder :

Check with PowerShell commands:

1- In the Horizon Console, navigate to Settings > Domains > Domain Bind, and click the Add button.

2- Add data abc.local domain

Finish 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *