06-03-14

VCAP-DTA – Objective 3.2 – Configure and Manage Pool Tags and Policies

This objective is relatively short and only has one skill being measured, the ability to correctly configure tags. As a refresher, tags can be used to provide a level of security on connection servers and pools and gives the ability to provide what VMware refers to as “Restricted Entitlement”, which means Connection Servers can only access certain pools. The most obvious and common use case for tagging is when Security Servers are in play, and you want to restrict incoming users from the internet to only use particular Connection Servers.

So then, with only one skill/ability being measured in this section, let’s get to it!

  • Configure tagging for specific Connection Server or security server access – Tagging is done from within View Administrator. You can set tags on Connection Servers and also on pools. One thing you need to be aware of is tag matching – this defines whether or not a user is permitted access to a desktop and will most likely be something you’ll be tested on in the exam.
    • To set a tag on a Connection Server, go to View Administrator and View Configuration, Servers, Connection Servers, choose your Connection Server, click Edit and in the top box, assign the tags you want to use. The example below illustrates two tags in use. This is an internal Connection Server, so it’s been tagged as “Internal” and “Secure”. Note a comma separating multiple tags.

tags

    • To add tags to an existing pool, in View Administrator go to Inventory, Pools, select the Pool you wish to tag, click Edit and then Pool Settings. At the top of this screen is General and Connection Server Restrictions. Click Browse and click the Restricted to these tags radio button. Select the appropriate tag as per below :-

pool-tags

    • Click OK to apply the setting.
    • To apply a tag during pool creation, when you get to the Pool Settings screen, you basically access the same dialog screen. So under the General heading at the top, go to Connection Server Restrictions, click Browse and select the appropriate tag as shown above.
  • In respect of tag matching, be aware of the following matrix as you may be asked to troubleshoot an access issue during the exam which may be caused by incorrect tagging :-
    • Connection Server no tags – Pool no tags – access permitted
    • Connection Server no tags – Pool tags  – one or more tags – access denied
    • Connection Server one or more tags – Pool no tags – access permitted
    • Connection Server one or more tags – Pool one or more tags – access depends on tags matching

VCAP-DTA – Objective 3.3 – Administer View Desktop Pools

This objective is the guts of spinning up virtual desktops for users, and covers the full range of desktop pool types available. So full and linked clone pools, assignment types, Terminal Services or manual pools, user and group entitlements and finally refreshing, recomposing and rebalancing pools. Sounds like a lot, but actually there’s a nice flow to this objective and it should be quite straight forward.

  • Create and modify full or linked-clone pools – To create a new pool in View Administrator, go to  Inventory, Pools, Add. The pool creation wizard is generally pretty easy to follow and there’s not much value I can to it here. Click Next until you reach the third screen of the wizard, entitled vCenter Server. This screen provides the option for Full virtual machines or View Composer Linked Clones. Select the appropriate radio button for the type you want and continue on through the screens to finish the pool creation wizard. The choice selection screen is shown below :-

pool-type

    • To modify an existing pool, go to Inventory, Pools, select the pool you are interested in and click Edit. You can change various settings on an existing pool, such as the pool display name, remote protocol settings, power management, storage accelerator etc. You cannot change the pool type once it has been created.
  • Create and modify dedicated or floating Pools – To create a floating pool, you can only select Automated Pool or Manual Pool in the initial pool definition type screen. When you click Next, you then get presented with the choice of creating a Dedicated or Floating pool. Remember dedicated pools mean once a user is assigned a desktop, they own it “forever” whereas a floating pool is in essence the “next cab off the rank” and is not persistently tied to a single user. Each type has their own use case. From here, complete the wizard with the required settings to provision the pool.
    • To modify an existing pool, go to Inventory, Pools and select the pool you wish to modify. Click Edit and make changes as appropriate. With a dedicated pool, your only option is to enable/disable automatic assignment. A floating pool has additional options for editing settings, including vCenter Settings (changing datastores etc.) and also Guest Customizations.
  • Build and maintain Terminal Server or manual desktop pools – Manual and Terminal Services pools are an extension of View by adding in the View Agent to an existing virtual machine, Terminal Server or even a physical PC or blade PC.
    • To add a manual pool, ensure the agent is installed on the endpoint (and you may be tested on this!), go to Inventory, Pools, Add, Manual Pool. Again the wizard is pretty straight forward, populate all the settings you need.
    • To add a Terminal Services pool, again make sure the View Agent is installed on the endpoint before you proceed.
  • Entitle or remove users and groups to or from pools – Once you’ve built your pools, you also need to add an entitlement. This is simply users and/or groups from Active Directory that you want to grant access to desktops to. This can be done in one of two ways – either when the pool is created (final wizard screen, tick the box for entitle users after this wizard finishes) or afterwards if you forget during pool creation, or if you want to add additional users or groups. If you select to entitle on completion, click Add and use the search box to find the users or groups you want to entitle, as shown below :-

entitlements

    • To add entitlements retrospectively, go to Inventory, Pools, Entitlements and this brings you into the same dialog as above where you simply repeat the same steps to add users and/or groups.
  • Refresh, recompose or rebalance pools – Depending on your design or operational procedures (or if you’re asked to by the exam!), you will need to refresh, recompose or rebalance your desktop pools. As a refresher, this is what each term means :-
    • Refresh – Reverts the OS disk back to the original snapshot of the clone’s OS disk
    • Recompose – Simultaneously updates all linked clone machines from the anchored parent VM, so think Service Pack rollout as a potential use case
    • Rebalance – Evenly redistributes linked clone desktops among available datastores
    • To perform these operations, the desktops must be in a logged off state with no users connected. Go to View Administrator, Inventory, Pools and select the pool you want to manage. Under the Settings tab, click the View Composer button and choose the operation – refresh, rebalance or recompose
    • When you choose the refresh action, you specify when you want the task to run and whether you want to force users to log off or wait for them to log off. You can also specify a logoff time and message, this is customisable from Global Settings. Check your settings and hit Finish to start the operation.
    • When you select recompose, select the snapshot you want to use and whether or not to change the default image for new desktops. Again run through the scheduling page and choose your settings, click Next and Finish.
    • When you select rebalance, you simply fill out the scheduling page and click Finish.
    • Remember if you’re asked to set a custom logoff message, this is done from View Configuration, Global Settings, Display warning before forced logoff.
Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s