Leveraging AWS AD service with VMware Horizon on VMware Cloud on AWS
VMC on AWS is a great way to use AWS native services and integrate them into existing services. In this blog post series, I will explain how we can leverage Active Directory, RDS, FSx and other AWS native services with our EUC solutions. The goal is only to show how easy it is to integrate AWS native services into existing services; the setup is used ONLY for demo purposes in this blog post.

Before we can start, we need to make sure that we have set the right firewall rules on the VMC side and also in the AWS security group. We created an AWS out and an AWS in policy on VMC and configured the security group on the AWS side. Please make sure this connection is working before proceeding with the AWS native deployment.

We will roll out an AWS managed Active Directory. This Active Directory will be used for our whole Horizon deployment on VMware Cloud on AWS. All Horizon components live in VMware Cloud on AWS but will attach to AWS native services via the ENI for event databases, Active Directory and other services. Let’s roll out our first AWS managed Active Directory. Go to your AWS account and click on Directory Services.

I have used the Standard AD Service. You will see a clear description of the differences between Standard and Enterprise once you are on the AWS page to deploy the AD service. Fill in all the needed information, and choose the VPC and the subnets where you want to deploy this service. Review your settings and deploy. Once the service is deployed, we can see the information needed for our deployment of the Horizon components. By clicking on the newly deployed directory, we will get the information we need for the next steps:

Let’s now check that the connection from VMware Cloud on AWS to this newly created service is working. We will go back to our VMC vCenter and use a Windows Server to check the connection. What we need to do in the VM on VMC is to set the right networking settings, specifically the DNS server. As we want to use the AWS DNS server, we need to enter the information we gathered in the previous step.
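
The check described above can be scripted from the Windows Server VM on VMC. This is an added example, not part of the original post: the domain name, DNS addresses and interface alias are placeholders to replace with the values from your directory details page, and the port list is the usual set of core TCP ports a domain member uses, assumed to be served by the directory's DNS addresses.

```powershell
# Run in an elevated PowerShell session on the Windows Server VM in VMC.
# Placeholders (assumptions): take the real values from the directory details page.
$DomainName     = 'corp.example.com'            # directory DNS name (placeholder)
$DnsServers     = @('10.0.1.10', '10.0.2.10')   # directory DNS addresses (placeholders)
$InterfaceAlias = 'Ethernet0'                   # NIC of this VM (placeholder)

# Point the VM at the AWS managed AD DNS servers.
Set-DnsClientServerAddress -InterfaceAlias $InterfaceAlias -ServerAddresses $DnsServers

# Core TCP ports used by a domain member. Testing them one by one shows which
# VMC firewall rule or AWS security group entry is missing, so the rules can
# stay limited to what the directory needs instead of allowing all traffic.
$Ports = @{
    53  = 'DNS'
    88  = 'Kerberos'
    135 = 'RPC endpoint mapper'
    389 = 'LDAP'
    445 = 'SMB'
    464 = 'Kerberos password change'
}

$results = foreach ($server in $DnsServers) {
    foreach ($port in ($Ports.Keys | Sort-Object)) {
        $test = Test-NetConnection -ComputerName $server -Port $port -WarningAction SilentlyContinue
        [pscustomobject]@{
            Server    = $server
            Port      = $port
            Service   = $Ports[$port]
            Reachable = $test.TcpTestSucceeded
        }
    }
}
$results | Format-Table -AutoSize

# The domain controller SRV record must resolve through the AWS DNS servers,
# otherwise a domain join and the Horizon installation cannot locate the directory.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$DomainName" -Type SRV `
    -Server $DnsServers[0] -ErrorAction SilentlyContinue
if ($srv) {
    $srv | Where-Object { $_.Type -eq 'SRV' } | Select-Object NameTarget, Port
} else {
    Write-Warning "No domain controller SRV record found for $DomainName"
}

$blocked = @($results | Where-Object { -not $_.Reachable })
if ($blocked.Count -gt 0) {
    Write-Warning "$($blocked.Count) port checks failed; review the VMC firewall policies and the AWS security group."
}
```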

We can see that the service we need is accessible from VMC to AWS native and vice versa. The question now is how do we manage this Active Directory service that runs in AWS. What we will do is activate the “Remote Server Administration Tools”.

With those tools we can manage the AD service, such as accounts and DNS. Once the tools are installed, we can open the Active Directory Users and Groups tool:

We will install the Horizon Components now on VMware Cloud on AWS.
Once the Connection Server is installed, we can proceed with the configuration on the Horizon side. In my next blog post, I will show how we can leverage Route 53 to create an external DNS record to access the virtual desktops and RDS for the event database in Horizon.