Deploying Horizon Workspace 4

You are ready to deploy Horizon Workspace. You can use the deployment checklists you filled in to
complete the installation.

Prerequisites

n If the ESX host is part of a cluster, enable DRS in the cluster. If an ESX host belongs to a non-DRS
cluster, all resource pool functionality is disabled. Deploying a multi-virtual machine vApp creates a
resource pool automatically. No reservation settings are added to the resource pool, so, it does not have
an impact on the other hosts/virtual machines in the cluster.

n Deploy Horizon Workspace using vCenter server. If you deploy Horizon Workspace on an ESX
host directly, the installation will fail.

This chapter includes the following topics:

n “Deploying the OVA File in the vSphere Client,” on page 23

n “Running the Configurator's Virtual Appliance Interface,” on page 24

n “Running the Horizon Workspace Setup Wizard,” on page 26

n “Updating to the Latest Horizon Workspace Desktop Client,” on page 33

Deploying the OVA File in the vSphere Client

To start the Horizon Workspace installation, you must deploy the OVA file using vSphere Client.

Prerequisites

n Log in to the vSphere Client.

Procedure

1 Select File > Deploy OVF Template.

Respond to the prompts with information specific to your deployment.

Table 4-1. Deploy OVF Template Information
Option Description
Source Type a URL or navigate to the OVA package location.
OVF template details Verify that you pointed to the correct OVA template for this installation.
End user license Accept the end user license agreement.
agreement
Name and location Name the vApp.

VMware, Inc. 23
Installing Horizon Workspace

Table 4-1. Deploy OVF Template Information (Continued)

Option Description
Storage Select the location to store the virtual machine files.
Provisioning Select the provisioning type.
Network mapping Select the network for each virtual machine to use. Ensure you select the virtual machine
network associated with the IP pool you created.
IP address allocation Select Fixed and type a static IP address.
NOTE DHCP and transient IP addresses are not supported in Horizon Workspace. Only static
IP addresses with reverse lookup are enabled.
Properties  Select the correct time zone.
 Type the static IP address for each virtual appliance. The configurator-va, service-va,
connector-va, data-va, and gateway-va virtual machines each use a static IP address.

2 Click Power On After Deployment and click Finish.

NOTE Depending on your network speed, this deployment can take 30 minutes or more.

3 Verify that the configurator-va virtual machine is fully powered on.

What to do next

Run the Configurator's virtual appliance interface to start the initial Horizon Workspace configurations,
such as the network, SSL, and vCenter extension configuration.

Running the Configurator's Virtual Appliance Interface

Use Horizon Workspace virtual appliance interface to make initial configurations to Horizon Workspace,
such as the network, SSL, and vCenter extension configuration.

The Configurator virtual appliance interface leads you through the basic configuration. Once you complete
the wizard, you must run the Web-based Horizon Workspace Setup wizard. You can return to the
Configurator's virtual appliance interface at any time to update these settings or to perform other
configurations. The advanced configuration tasks are discussed in Chapter 6, “Advanced Configuration for
Horizon Workspace Virtual Machines,” on page 53.

IMPORTANT During deployment, leave the virtual appliances, except the configurator-va virtual machine,
powered off. Before deployment finishes, the virtual appliances will be powered on automatically. If the
virtual appliances are already on, an error occurs.

Prerequisites

n Log in to vSphere Client.

Procedure

1 Select the vApp you deployed.

2 Open the Console tab.

3 Type y to start the configuration.

24 VMware, Inc.
 Chapter 4 Deploying Horizon Workspace

4 Respond to the wizard prompts with information specific to your deployment.

Table 4-2. Configurator Virtual Appliance Information

Option Action
Global root password Type and confirm the global root password you want to use for all five virtual
appliances in Horizon Workspace.
SMTP server name Type the SMTP server name. See “Configuring an SMTP Server to Work with
Horizon Workspace,” on page 25. If you want to change your SMTP settings
after you install Horizon Workspace, see the CLI Commands for Horizon
Workspace Data Guide.
SMTP port number Type the SMTP port number.
Horizon Workspace FQDN Type the Horizon Workspace FQDN. This domain will be the entry point for
end users.
IMPORTANT After you install Horizon Workspace, you cannot reconfigure an
internal gateway as an external gateway or change the name. If you want to
reconfigure the gateway as external or change the name of the gateway, you
must reinstall the vApp.
Horizon Workspace port number Type the Horizon Workspace port number. The default port number is 443.
vCenter IP address Type the vCenter IP address.
NOTE Configurator virtual appliance registers a vCenter extension and queries
the vCenter server periodically to check the status of the other virtual machines
in the vApp.
vCenter port number Type the vCenter port number.
vCenter admin username Type the vCenter administrator's username. The vCenter administrator only
needs privileges to Horizon Workspace vApp or the resource pool that contains
Horizon Workspace vApp. See
http://pubs.vmware.com/vsphere-51/index.jsp?topic=
%2Fcom.vmware.vsphere.security.doc%2FGUID-93B962A7-93FA-4E96-
B68F-AE66D3D6C663.html for instructions on how to assign the administrator
role.
vCenter admin password Type and confirm the vCenter administrator's password.
Is this correct? Type y if all the information is correct.

The Configurator virtual appliance processes your information. Depending on your network speed,
this process can take up to 20 minutes or more. Once it successfully runs, you must run Horizon
Workspace Setup wizard.

CAUTION If, for example, a networking error occurs and the hostname cannot be uniquely resolved using
reverse DNS, the Configurator virtual appliance wizard will stop. In that case, you must fix the
networking problems, and reboot the configurator-va virtual machine. Then, you can continue with the
wizard. It is important to reboot so the new network settings are available to the Configurator.

Configuring an SMTP Server to Work with Horizon Workspace

You must configure the SMTP server to allow the data-va virtual machine to send emails and alerts.

If the data-va node is not on the same subnet as the SMTP server, your mail transfer agent (MTA) cannot
relay email. When you configure your SMTP server to use the IP address or the subnet of the data-va node,
your MTA can relay mail.

If you use a Microsoft Exchange Server as your SMTP server, see

http://technet.microsoft.com/en-us/library/bb232021(v=exchg.80).aspx? for instructions.

VMware, Inc. 25
Installing Horizon Workspace

If you use a Zimbra server as your SMTP server, configure the Zimbra server using the Zimbra Admin Console.

NOTE Depending on the version of Zimbra you are using, the names for buttons, fields, and so on might be
different.

Prerequisites

In your DNS server, ensure that the SMTP server hostname has a reverse DNS lookup.

Procedure

1 Click Configure Servers > MTA > MTA Trusted Networks.

2 Type the IP address or subnet address of the data-va node.

Increasing the vCenter Timeout Settings

In an environment with heavy traffic, a vCenter quiesce timeout problem can occur that might cause your
deployment to fail. When this happens, an "Unable to execute command," error appears.

The vSphere logs show that this was caused by a, "Failed to quiesce virtual machine," error. You can prevent
the error by increasing the vCenter timeout settings. See the KB article Increasing vCenter Server Timeout
Settings at ttp://kb.vmware.com/selfservice/microsites/search.do?
language=en_US&cmd=displayKC&externalId=1002721. The default values range from 30 to 120 seconds.
Increase the timeout values and redeploy.

Deleting Unused Extensions from vCenter

If you deploy Horizon Workspace multiple times after failures or upgrades, Horizon Workspace
creates multiple extensions in vCenter.

You can remove the unused extensions using this procedure.

Procedure

1 Log in to this URL as a vCenter administrator at https://vcenterFQDN/mob/?moid=ExtensionManager.

2 Use the UnregisterExtension to remove the unused extension.

3 Look at the most recent heartbeat to determine the current extension.

If a deployment fails or you upgrade Horizon Workspace, run this procedure to remove unused vCenter
extensions.

Running the Horizon Workspace Setup Wizard

The Horizon Workspace Setup wizard makes the initial configurations to Horizon Workspace.

Start the Horizon Workspace Setup Wizard

The Horizon Workspace Setup wizard runs in your browser using the configurator-va virtual machine
hostname, for example, https://configurator-va.company.com.

Security Exceptions
You must set a security exception when you see the message, “This Connection is Untrusted.” See the
instructions for your browser on setting security exceptions.

26 VMware, Inc.
 Chapter 4 Deploying Horizon Workspace

Setup
After you enter the license key provided by VMware, you create an administrator password.

This administrator account is a special account outside of your enterprise directory. If your connection to
Active Directory is unavailable, you can use this account. You will also use this username and password to
access the Horizon Workspace Administrator, Configurator, and Connector Web interfaces directly. See
“Horizon Workspace URLs,” on page 33 for more information.

After you have performed the initial configuration of Horizon Workspace, you can use the Configurator
Web interface to perform advanced configuration tasks, such as to change the administrator password.

Database Connection Setup

You can select an Internal Database or an External Database. If you choose an external database, see
Configure an External Database.

IMPORTANT In reference to database storage, you can use the internal database for the proof-of-concept phase.
Do not use the internal database server in production. For production, install and configure an external
database server.

Directory
You enter your configuration information on the Directory page to establish a connection to Active
Directory, which is used to verify a user's credentials when they attempt to log in to Horizon Workspace.

If your deployment uses a multi-domain Active Directory Domain Server (AD DS) forest, see “Configuring
a Multi-domain Active Directory Domain Service Forest,” on page 39.

After you select the correct Directory Type in the Horizon Workspace Setup wizard, you must enter the
correct directory information for your environment. Horizon Workspace includes the directory types, Active
Directory and Demo User Store (for evaluation only).
Table 4-3. Active Directory Information
Directory Information Description
Server host The text box for the Active Directory host address.
Server port The text box for the port number for the Active Directory host.
For a single domain Active Directory Domain Service, the default port for LDAP is 389 while
the default port for LDAP over SSL is 636.
For a multi-domain Active Directory Domain Service (AD DS) forest, the default ports for the
global catalog are 3268 without SSL and 3269 with SSL.
Use SSL You can select the Use SSL check box if that’s what you use for your directory connection.
Search attribute The drop-down menu for the Active Directory attribute that contains the username.
For a single domain Active Directory Domain Service, the appropriate selection is
sAMAccountName.
For a multi-domain Active Directory Domain Service (AD DS) forest, the appropriate selection
is userPrincipalName.

VMware, Inc. 27
Installing Horizon Workspace

Table 4-3. Active Directory Information (Continued)

Directory Information Description

Base distinguished name The text box for the Base DN, which is the starting point for directory server searches.
(DN) You can use either Active Directory or Demo User Store (for evaluation only) directory types.
See the following examples for best practices when selecting the Base DN and Bind DN:
 Base DN: dc=example, dc=com (It is recommended that you use the topmost level for Base
DN so you include all users and groups.)
 Bind DN : cn=admin user, ou=users, dc=example, dc=com (Ensure that Bind DN is included
in the Base DN you select.)
You can promote other Active Directory users to the administrator role using
Horizon Workspace Administrator Web interface.
For a single domain Active Directory Domain Service, this is the text box for the DN of the
starting point for directory server searches. For example: DC=mycompany,DC=com. The
Connector starts from this DN to create master lists from which you can later filter out
individual users and groups.
For a multi-domain Active Directory Domain Service (AD DS) forest, the appropriate action is
to leave this text box blank.
Bind DN The text box for the Bind distinguished name (DN), including common name (CN), of an Active
Directory user account that has privileges to search for users.
You can use either Active Directory or Demo User Store (for evaluation only) directory types.
The Bind DN account becomes the first administrative account for Horizon Workspace that
supports Active Directory. The Bind DN account user record in Active Directory must include
a username, first name, last name, email address, any required extended attributes, and a
distinguishedName attribute defined in Active Directory. See the following examples for best
practices when selecting the Base DN and Bind DN:
 Base DN: dc=example, dc=com (It is recommended that you use the topmost level for Base
DN so you include all users and groups.)
 Bind DN : cn=admin user, ou=users, dc=example, dc=com (Ensure that Bind DN is included
in the Base DN you select.)
You can promote other Active Directory users to the administrator role using
Horizon Workspace Administrator Web interface.
For a single domain Active Directory Domain Service, the Bind DN entry must be located in
the same branch and below the Base DN.
For a multi-domain Active Directory Domain Service (AD DS) forest, because you leave the
Base DN text box empty, the restrictions that apply for a single domain do not apply for a multi-
domain forest.
Bind password The text box for the Active Directory password for the Bind DN account.

Map User Attributes

During the push process, Horizon Workspace maps the attributes you select from your directory to
Horizon Workspace.

IMPORTANT If you plan to integrate with View , you need to select the Required checkbox for UPN. See
“Integrating VMware View,” on page 46.

Select Users
Use the Select Users page to filter the users you want to sync with Horizon Workspace. You can filter users
using three different methods. First, you start with the base DNs that you want to sync with
Horizon Workspace. Next, you can filter by including or excluding users. Using an exclude filter is best
when you want to exclude a smaller number of users. This method extracts all the users defined by DN first,
and then based on the filters you create, excludes the users you do not want to sync with Horizon
Workspace. If you want to exclude hundreds of users, it is best to add additional user attributes to your
query to include them rather than trying to exclude large numbers individually.

28 VMware, Inc.
 Chapter 4 Deploying Horizon Workspace

You can sync users from multiple DNs. However, only users under the Base DN that you defined in
the Directory step can be authenticated.

If you include additional user attributes to the basic query you create when you enter your base DN, you
can restrict users without having to create multiple exclusion filters. For example, by using the include
method, you can include 100 users and exclude 900 users without having to determine the correct filter to
create to exclude the 900 users. When you add user attributes to your query, processing occurs at the LDAP
level rather than in Horizon Workspace. Processing an inclusion query optimizes the memory and resources
of Horizon Workspace.

In some case, you might need to use include and exclude filters together.
Table 4-4. Type of Queries

Type of Query Action

Base DN with exclude filter 1 Enter the DN where the users are located. For example, if you want to
include all the users in the base DN for Company A’s Active Directory,
use the following query:
ou=Users,DC=testDC,DC=acme,DC=com
2 Create filters to exclude users you don't want to sync to
Horizon Workspace, for example:

name contains John Smith

Base DN with user attributes to include 1 Enter the DN where the users are located.
2 Append a semicolon after the user base DN you want to filter.
3 After the semicolon, add attribute information to narrow your query
and include only the users you want to sync with Horizon Workspace.
For example, if you want to include only the sales team in Company A,
use the following query:
ou=Users,DC=testDC,DC=acme,DC=com;(&(objectClass=user)
(objectCategory=person)( department=Sales))

NOTE If you do not want to include additional user attributes in your query, do not use the default filter
(&(objectClass=user)(objectCategory=person)) in the Enter the DN for Users field.

Select Groups
You add group information from your directory type that you want to import to Horizon Workspace
during the synchronization. You can assign a new name to your Directory group in Horizon Workspace.

NOTE When you select a group, all members of the group are synced to Horizon Workspace. You can sync
users from multiple DNs. However, only users under the Base DN that you defined in the Directory step
can be authenticated.

Configure Scheduling
You schedule a sync to run as frequently as every hour or as infrequently as once a week. If you select
Manually as the frequency, your directory and Horizon Workspace will only sync when you trigger a push.

Push to Horizon
You review the number of directory users and groups you want to add, remove, or update based on your
changes.

IMPORTANT Do not log into Horizon Workspace until after the Push operation is complete. If you add a large
number of users, the synchronization process can take time. Verify that the users and groups are under the
Base DN for successful authentication.

VMware, Inc. 29
Installing Horizon Workspace

SSL Setup
You paste an SSL certificate and a private key for external access service. See “Using SSL Certificates in
Horizon Workspace,” on page 75.

IMPORTANT (Optional) You must include the entire certificate chain in the SSL certificate section. You can
upload a trusted certificate later. Horizon Workspace includes a self-signed certificate.

Select Modules
You click Enable this module for each module you want to enable. The modules described below are
available. Table 4-5. Module Information

Module Description
Data module The data module is available in the catalog-services section. After it is enabled, the
administrator can entitle users or groups to upload and share files with enterprise
and non-enterprise users.
Webapps and mobile apps You can add or import SAML-based Webapps or referred mobile apps from a
published global catalog (hosted by VMware) from Google Play and iTunes
applications stores. Then the administrator can grant users and groups access to
these applications. Users can use single sign-on to access the SAML-based Web
applications or install referred mobile applications on their mobile devices.
ThinApp packages You can download ThinApp packages from a Windows network share. You must
log in to the Connector and load the ThinApp packages. The administrator can
entitle ThinApp packages to users and groups from the Manager Administrator
Web interface, and end users can launch these applications using the
Horizon Workspace Client for Windows.
View pools While enabling the module, the administrator can sync information about the
available View pools and entitlements from the View Connection Server. Once
enabled, end users can launch the View desktops they have access to from the
Horizon Workspace Web interface. If you want to enable the View module, you
must join the Active Directory domain, sync the View Connection Server with it,
and enable SAML authentication. See “Integrating VMware View,” on page 46 for
more information on View integration.

Go to Horizon Workspace
When the setup wizard finishes, you can click Go to Horizon Workspace to open the Horizon Workspace
Web interface.

Clicking this button opens the login page for the Horizon Workspace Administrator Web interface. The log
in requires the Bind DN username and password that you entered for the Directory step. If you can log into
the Horizon Workspace Administrator Web interface, your Horizon Workspace deployment was successful.

Now, you can continue with resource entitlement. See the Horizon Workspace Administrator Guide for details.

Configurator Information
After you run the Horizon Workspace Setup wizard, you can open the Configurator to update your
configuration or perform advanced configuration tasks. You can use the Connector to perform specialized
Connector configurations.

System Information
Find system information about each of the following virtual appliances:

n Connector (connector-va)

30 VMware, Inc.
 Chapter 4 Deploying Horizon Workspace

n Data (data-va)

n Manager (service-va)

n Configurator (configurator-va)

n Gateway (gateway-va)

The system information provided includes:

Hostname DNS resolved label assigned to uniquely identify each virtual appliance.

Software Version Installed version of the application.

VM Time Date and time on the virtual machine.

Relative Drift Time difference between the virtual appliance time and the configurator-va
virtual machine time. A large time drift can cause issues with the
authentication and certification process.

IP Address IP address for the specified virtual appliance.

MAC Address MAC address for the specified virtual appliance.

Status Powered On – virtual appliance is turned on.

Powered Off – virtual appliance is turned off.
Maintenance Mode – virtual appliance might be powered on, but it is not
available to serve any user requests. Only certain virtual appliances can use
maintenance mode, such as the connector-va virtual machine with the role of
directory-based load balancing, data-va virtual machine, and service-va
virtual machine. The configurator-va, gateway-va, and connector-va virtual
machines with the authentication role cannot use maintenance mode.
Status Unknown – virtual appliance is not responding.

Database Connection
You must select an internal or external database. You can choose either the internal database installed by the
Horizon Workspace Setup wizard, or you can use your own external database. If you use an external
database, you must point to an initialized, populated database. For example, a database configured during a
successful run of the Horizon Workspace Setup wizard, a database from a backup, or an existing database
from a recovered snapshot.

NOTE You cannot switch from an external to an internal database to create a new install of Horizon
Workspace or vice versa.

IMPORTANT In reference to database storage, you can use the internal database for the proof-of-concept phase.
Do not use the internal database server in production. For production, install and configure an external
database server.

SSL Certificate
If you require external access service, you must paste an SSL certificate and a private key. See “Using
SSL Certificates in Horizon Workspace,” on page 75.

IMPORTANT This step is optional. You must include the entire certificate chain in the SSL certificate section.
You can upload a trusted certificate later. Horizon Workspace includes a self-signed certificate. If you are
using an external gateway or a load balancer, you must manually copy the certificate to the end point.

VMware, Inc. 31
Installing Horizon Workspace

Module Configuration
Click on each module you want to enable. After you enable a module, you cannot disable it. The modules
are described as follows:

Data Module The data module is available in the catalog-services section. After it is enabled,
the administrator can entitle users or groups to upload and share files with
enterprise and non-enterprise users.

Webapps and Mobile You can add or import SAML-based Webapps or referred mobile apps from a
Apps published global catalog (hosted by VMware) from Google Play and iTunes
applications stores. Then the administrator can grant users and groups access
to these applications. Users can use single sign-on to access the SAML-based
Web applications or install referred mobile applications on their mobile
devices.

ThinApp You can download ThinApp packages from a Windows network share. You
must log in to the Connector and load the ThinApp packages. The
administrator can entitle ThinApp packages to users and groups from the
Manager Administrator Web interface, and end users can launch these
applications using the Horizon Workspace Client for Windows.

View Pools While enabling the module, the administrator can sync information about the
available View pools and entitlements from the View connection server.
Once enabled, end users can launch the View desktops they have access to
from the Horizon Workspace Web interface. If you want to enable the View
module, you must join the Active Directory domain, sync the View
Connection Server with it, and enable SAML authentication.

License Key
Type the license key provided by VMware.

Password
You are changing the administrator user password on the service-va, configurator-va, and connector-va virtual
machines. This process takes time. The system validates that the password you type in the Old Password field
matches the administrator user password on the service-va, configurator-va, and connector-va virtual machines.
Then the system changes the old password to the password you specify in the New Password field.

Logging
Horizon Workspace provides log files for you to use during testing and troubleshooting. See more
information on logging at “Logging Information,” on page 50.

Changing vCenter Administrator Password

If you change your vCenter administrator password, you must use the hznAdminTool to change it on the
configurator-va virtual machine as well.

You must update your password on the configurator-va virtual machine. Otherwise, when you log in to
the Horizon Workspace Configurator Web interface, you can only see the System Information page.

Procedure

1 Log in to the configurator-va.

32 VMware, Inc.
 Chapter 4 Deploying Horizon Workspace

2 Run the following command:

hznAdminTool editproperty --fileName=/usr/local/horizon/conf/horizon-configurator.properties --
set=secure_vim_password:<yournewpassword>

3 Run the configurator-tc restart command to restart the configurator-va virtual machine.

What to do next

Log in to the Horizon Workspace Configurator Web interface and verify that the System Information page
appears.

Horizon Workspace URLs

You use different URLs to access the different Horizon Workspace Web interfaces.

Each interface gives you access to different functions. Each Web interface URL listed uses a placeholder,
such as HorizonWorkspaceFQDN, ConnectorHostname, and ConfiguratorHostname for the hostname. Replace the
placeholder names with the actual values.
Table 4-6. Horizon Workspace URLs

URL User Interface What you can do here

https://HorizonWorkspaceFQDN/admin Administrator Web interface (Active Manage the Catalog, users and groups,
Directory user) entitlements, reports, etc. (Login as
Active Directory user with
administrator role.)
https:// Administrator Web interface (non- Use this URL if you cannot login as the
HorizonWorkspaceFQDN/SAAS/login/0 Active Directory user) Active Directory user with the
administrator role. (Log in as an
administrator using the username
admin and the password you set during
configuration.)
https://HorizonWorkspaceFQDN/web Web Client (end user) Manage files, launch applications, or
launch View pools. (Login as an Active
Directory user or virtual user.)
https://ConnectorHostname/hc/admin/ Connector Web interface Configure additional ThinApp settings,
View pool settings, check directory sync
status, or alerts. (Log in as an
administrator using the password you
set during configuration.)
https://ConfiguratorHostname/cfg Configurator Web interface See system information, check modules,
set license key, or set admin password.
(Log in as an administrator using the
password you set during
configuration.)

Updating to the Latest Horizon Workspace Desktop Client

You can download native clients, such as Windows and Mac, by going to the Horizon Workspace
Download page at https://HorizonWorkspaceFQDN/download.

When VMware releases new versions of these clients, administrators can test the clients and then update the
download links to the latest clients. Afterward, end users can download the latest clients using the
instructions that follow.

NOTE End users must download Android and iOS clients from the app stores, GooglePlay and iTunes
respectively.

VMware, Inc. 33
Installing Horizon Workspace

Installing Horizon Workspace Client for Windows

Download and install the current version of the Horizon Workspace Client for Windows. For the latest file,
go to the VMware Horizon Workspace download page. Install this file on each data-va virtual machine.

Procedure

1 Copy the Horizon Workspace file to each data-va virtual machine's download directory.

scp VMware-Horizon-Workspace-<#.0.0-######>.exe
root@yourDataServer:/opt/zimbra/jetty/webapps/zimbra/downloads

2 Ensure the file has the correct permissions.

# chmod a+r VMware-Horizon-Workspace-<#.0.0-######>.exe

3 Change to the Zimbra user.

su - zimbra

4 Edit the ZoMsg properties file at /opt/zimbra/jetty/webapps/zimbra/WEB-INF/classes/messages .

5 Update the winSyncClientUrl parameter value to the downloaded file name and version number.

winSyncClientUrl = /data/downloads/VMware-Horizon-Workspace-<#.0.0-######>.exe

(Optional) Update the windowsClientVersion parameter value with the version number, -<#.0.0-
######>.

6 Restart the server.

zmmailboxdctl restart

Installing Horizon Workspace Client for Mac

Download and install the current version of the Horizon Workspace Client for Mac. Install this file on each
data-va virtual machine.

Procedure

1 Copy the Horizon Workspace file to each data-va virtual machine's download directory.

scp VMware-Horizon-Workspace-<#.0.0-######>.dmg
root@yourDataServer:/opt/zimbra/jetty/webapps/zimbra/downloads

2 Ensure the file has the correct permissions.

# chmod a+r VMware-Horizon-Workspace-<#.0.0-######>.dmg

3 Change to the Zimbra user.

su - zimbra

4 Edit the ZoMsg properties file at /opt/zimbra/jetty/webapps/zimbra/WEB-INF/classes/messages .

5 Update the macSyncClientUrl parameter value to the downloaded file name and version number.

macSyncClientUrl = /data/downloads/VMware-Horizon-Workspace-<#.0.0-######>.dmg

(Optional) Update the macClientVersion parameter value with the version number, -<#.0.0-######>.

6 Restart the server.

zmmailboxdctl restart
34

VMware, Inc.