End User Computing

App Volumes Automated Entitlement Replication

Deploying App Volumes in a multi-site scenario takes proper planning and consideration. You need to consider a lot of different factors that will influence the level of availability. For example, how quickly must your users be up and running in case the main site goes down?

VMware explains the two main options for an App Volumes multi-site deployment in the VMware Horizon 7 Enterprise Edition Multi-Site Reference Architecture. The second option covered in the Reference Architecture is to have two App Volumes Manager instances with separate SQL databases. The main drawback to this option is that the entitlements must be reproduced in both sites.

There might be other reasons why you also need this kind of setup, even with a single site (entitlement replication between different staging environments, for example). The configuration in the previous diagram is for two sites, but the following information applies to either a single-site or multi-site deployment.

A simple but very effective way of replicating entitlements is to use a PowerShell script. We want to provide the script to be able to do this. You can either run this script manually or program it through Windows Scheduler.

Prerequisites

There are a few things you need for this script to work. Always keep in mind that this script can be run locally on the server, but also can be ran remotely, from an account with proper permissions.

  • Windows Management Framework 4.0
  • Microsoft .NET Framework 4.5

The script replicates entitlements, but it does not copy AppStacks, so you must make sure that the AppStacks are present in both sites. You can easily do this manually with a simple copy, but you can also automate the copy by creating storage groups (more information in the App Volumes Deployment Considerations paper) and having a setup that resembles the configuration in the previous image.

App Volumes Replication Script

We have posted thesuggested App Volumes replication script here

Copy and paste thescript, then edit the username, password, source server, and destination server to match your environment. Remember to save the file with a ps1 extension. As mentioned, you can run this script manually by opening a PowerShell window.

We recommend you try this script at least once to see how it works for you, and then, after you are satisfied with the results, you can schedule the script to run at regular intervals by creating a scheduled job.

Important: If you are doing a multi-site deployment and want both sites to be available and have matching entitlements, follow the recommendations in the VMware Horizon 7 Enterprise Edition Multi-Site Reference Architecture. This script will help you to replicate entitlements when using separate databases in multiple sites or in a single site.

The post App Volumes Automated Entitlement Replication appeared first on VMware End-User Computing Blog.

Read more..

VMware Named a Leader in Gartner Magic Quadrant for Enterprise Mobility Management (EMM)

VMware was named a leader in Gartner Magic Quadrant for Enterprise Mobility Management (EMM).

“The EMM landscape has changed considerably over the past seven years and we have maintained a rapid pace of innovation to help customers prepare for the next generation of digital transformation,” said Sumit Dhawan, senior vice president and general manager, End-User Computing, VMware in today’s press release.

“Using our industry-leading AirWatch EMM as the foundation for VMware Workspace ONE—the platform for delivering a secure digital workspace—customers can turn to proven solutions from VMware at any point of their digital transformation journey, whether they need EMM, unified endpoint management (UEM) or a digital workspace strategy.”

Download the report: 2017 Gartner Magic Quadrant for Enterprise Mobility Management

Source: Gartner, Inc., Magic Quadrant for Enterprise Mobility Management Suites, Rob Smith, et al, June 6, 2017.
Gartner Disclosure: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner&#rsquo;s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

The post VMware Named a Leader in Gartner Magic Quadrant for Enterprise Mobility Management (EMM) appeared first on VMware End-User Computing Blog.

Read more..

Il meglio di due mondi: come l’integrazione fra le soluzioni VMware e Dell EMC accelererà la trasformazione della forza lavoro

Mentre i nostri clienti sono alle prese con il percorso di trasformazione della forza lavoro, anche noi intraprendiamo un viaggio in parallelo, alla scoperta di nuovi modi per supportarli.

Le aziende cercano soluzioni che le aiutino ad accelerare la trasformazione digitale sia dal punto di vista dell&#rsquo;IT che della forza lavoro, trasformazione che oggi non può prescindere dall&#rsquo;adozione di tecnologie e processi capaci di garantire che il lavoro possa essere svolto con modalità nuove, in qualunque luogo e in qualsiasi momento. Abilitare tutto questo è fondamentale, ma desideriamo farlo senza dover aggiungere un ulteriore strato di complessità a costi eccessivi.

Ecco perché, nel nostro viaggio, stiamo collaborando con Dell EMC per migliorare le soluzioni di End-User Computing. Saremo in grado di aiutare i clienti a realizzare i vantaggi della trasformazione del posto di lavoro tramite tecnologie mobili, desktop e cloud. Insieme, supporteremo quelle aziende che si sentono ostacolate e stanche di gestire molteplici contratti di fornitori, SLA e console di gestione delle soluzioni, che contribuiscono tutti ad accrescere il TCO.

Cosa stiamo facendo esattamente?

In primo luogo, abbiamo integrato VMware AirWatch con Dell Client Command – gli strumenti di gestione dei sistemi client Dell - per estendere le funzionalità di gestione remota per le caratteristiche chiave del sistema hardware di Dell e migliorare AirWatch Unified Endpoint Management (UEM). Questa integrazione aiuta l&#rsquo;IT a valutare la sicurezza del BIOS e a intraprendere azioni per migliorare l’allineamento con i requisiti di conformità.

In secondo luogo, abbiamo voluto fornire un modo economico, chiaro e semplice per implementare soluzioni di virtualizzazione client con VDI Dell EMC powered by VMware Horizon, che offre una soluzione completa per la virtualizzazione desktop e delle applicazioni con un’infrastruttura ottimizzata di carico, software integrato e thin client Dell Wyse. I clienti possono sfruttare una sola soluzione pronta per essere implementata con tutti i componenti necessari per fornire desktop e applicazioni virtuali in metà dei passaggi e dei tempi rispetto alla distribuzione delle singole soluzioni.

In entrambi i casi, volevamo ridurre i costi; lo stiamo facendo agendo sul costo totale di gestione dei PC e riducendo per questi ultimi i costi di implementazione del software VDI. Ma non si tratta solo di costi, il nostro obiettivo è abbattere le barriere della gestione di software e hardware dei nostri clienti, supportando così le organizzazioni nel loro processo di trasformazione della forza lavoro.

 

Read more..

The best of both worlds: integrating VMware & Dell EMC solutions will accelerate workforce transformation

While our customers are in the midst of a workforce transformation journey, we&#rsquo;ve been on our own voyage, in a bid to find ways to help them.

Organizations are going through digital transformation – both in their IT, but also in their workforce. The modern workforce requires the technology and processes in place to ensure they can work in any way, in any place and at any time they choose. But they also want to be able to do this in a way which doesn&#rsquo;t add a layer of complexity, or proves to be costly.

This is why, as part of our journey, we&#rsquo;re teaming up with Dell EMC to enhance VMware End-User Computingsolutions. We&#rsquo;ll be able to help customers realise the benefits of workplace transformation through mobile, desktop and cloud technologies. Together, we&#rsquo;ll be in a position to help businesses that are sick and tired of managing multiple vendor contracts, service level agreements and solution management consoles, all of which drive up the total cost of ownership (TCO).

So, what exactly are we doing?
Firstly, we&#rsquo;re integrating VMware AirWatch with Dell Client Command Suite. This will help IT administrators to proactively manage Dell commercial PCs directly with AirWatch – giving them the ability to query and retrieve critical system attributes, configure basic input/output systems (BIOS) settings, and take remediation actions from the same AirWatch console that is used to manage all Windows OS policies, apps and endpoints across an organisation.

Secondly, we wanted to provide an inexpensive, clear and easy way to implement client virtualization solutions. So, we&#rsquo;re using VMware Horizon to power Dell EMC VDI Complete, an end-to-end desktop and application virtualization solution. Why? So that organizations can benefit from a single, ready-to-deploy solution with all the components necessary to provision virtual desktops and applications in half of the time it would take to deploy individual solutions.

In both cases, we wanted to reduce costs; for the former we&#rsquo;re doing so by reducing the total cost of managing PCs, and for the latter, we&#rsquo;re reducing the cost of implementing VDI software. But it&#rsquo;s not just about costs – we&#rsquo;re keen to break down the barriers of managing client software and hardware, and in doing so, help organisations in their workforce transformation journeys.

Read more..

The best of both worlds: integrating VMware & Dell EMC solutions will accelerate workforce transformation

While our customers are in the midst of a workforce transformation journey, we&#rsquo;ve been on our own voyage, in a bid to find ways to help them.

Organizations are going through digital transformation – both in their IT, but also in their workforce. The modern workforce requires the technology and processes in place to ensure they can work in any way, in any place and at any time they choose. But they also want to be able to do this in a way which doesn&#rsquo;t add a layer of complexity, or proves to be costly.

This is why, as part of our journey, we&#rsquo;re teaming up with Dell EMC to enhance VMware End-User Computingsolutions. We&#rsquo;ll be able to help customers realise the benefits of workplace transformation through mobile, desktop and cloud technologies. Together, we&#rsquo;ll be in a position to help businesses that are sick and tired of managing multiple vendor contracts, service level agreements and solution management consoles, all of which drive up the total cost of ownership (TCO).

So, what exactly are we doing?
Firstly, we&#rsquo;re integrating VMware AirWatch with Dell Client Command Suite. This will help IT administrators to proactively manage Dell commercial PCs directly with AirWatch – giving them the ability to query and retrieve critical system attributes, configure basic input/output systems (BIOS) settings, and take remediation actions from the same AirWatch console that is used to manage all Windows OS policies, apps and endpoints across an organisation.

Secondly, we wanted to provide an inexpensive, clear and easy way to implement client virtualization solutions. So, we&#rsquo;re using VMware Horizon to power Dell EMC VDI Complete, an end-to-end desktop and application virtualization solution. Why? So that organizations can benefit from a single, ready-to-deploy solution with all the components necessary to provision virtual desktops and applications in half of the time it would take to deploy individual solutions.

In both cases, we wanted to reduce costs; for the former we&#rsquo;re doing so by reducing the total cost of managing PCs, and for the latter, we&#rsquo;re reducing the cost of implementing VDI software. But it&#rsquo;s not just about costs – we&#rsquo;re keen to break down the barriers of managing client software and hardware, and in doing so, help organisations in their workforce transformation journeys.

Read more..

VMware User Environment Manager 9.2 Technical Deep Dive

We are excited about the newest release of VMware User Environment Manager - version 9.2. This release includes some great new features that enhance the product functionality and continue to offer administrators more flexibility in managing the user experience. We have put together a series of videos that will help you learn about User Environment Manager, get up to speed on the new features, and see demos of some of those features.

User Environment Manager 9.2 Technical Overview

Before you dive into the new features, this brief technical-overview video will introduce you to User Environment Manager, provide some details about how it works, and examine the architecture. If you are new to the product, or want a short refresher, this is a great place to begin.

User Environment Manager 9.2 – What&#rsquo;s New

Two videos explain the new features of User Environment Manager 9.2. The first video focuses on the privilege elevation feature and publisher-based rules for application blocking and privilege elevation.

The second video discusses the additional new features of automation with new environment variables, new config file templates for better personalization, and several additional topics.

Privilege Elevation

This video discusses and demonstrates the new privilege elevation feature of User Environment Manager 9.2. Privilege elevation is designed as a tool for IT administrators to mitigate risks in their privilege-management strategy. Applications that are already installed and require elevated privileges to run, as well as application installers, can have privileges elevated.

Publisher-Based Application Blocking and Privilege Elevation

User Environment Manager 9.2 added the ability to use a software publisher&#rsquo;s certificate to configure application blocking or privilege-elevation rules. This enables the IT administrator to allow all applications or elevate privileges for all applications from a software publisher. This video provides the details and a demo of how this works.

Scripting Variables

This video looks at and demonstrates the use of environment variables automatically created by User Environment Manager. These environment variables can be leveraged for automation scripting.

Summary

We hope you learn a lot from these videos covering new features in VMware User Environment Manager. User Environment Manager 9.2 is available for download today.

To comment on any of the videos, contact VMware End-User-Computing Technical Marketing ateuc_tech_content_.

 

The post VMware User Environment Manager 9.2 Technical Deep Dive appeared first on VMware End-User Computing Blog.

Read more..

NEW WHITEPAPER: VMware AirWatch Product Provisioning Microsoft Office 2016 for macOS Best Practices

TheVMware AirWatch ProductProvisioning Office 2016 for macOS document is now available! This white paper provides configuration best practices for provisioningMicrosoft Office 2016 zmacOS. VMware AirWatch product features that can help you Using easy-to-follow steps and screenshots, it walks you through leveraging custom settings XML, custom attributes, files, actions, and products. Concepts demonstrated in this white paper can be extended to deploy additional non-AppStore applications from other 3rd party software vendors.

Document Overview

Each section contains screenshots and descriptions to help you understand the features and how to leverage them:

Introduction

The introduction starts by introducing VMWare AirWatch and the Product Provisioning feature and how it helps with deploying large or complex non-Appstore applications. It also lays out the use-case parameters for whichthe document illustrates a solution.

Skip Splash Screens with Custom Settings XML

The next section describeshow to skip the first-run splash screens by delivering custom settings XML to macOS devices. This section demonstrates how to use custom XML to modify configurable parameters supported by an application.

Custom Settings XML Payload for macOS

Report Devices Running Microsoft Office 2016

In the following section, learn how to create a custom attributes profile payload to control delivery of Office 2016 for macOS. By using the custom attribute, you can determine any exclusions for product assignment and prevent re-install over top of devices where the app was installed out-of-band by the user.

Configure Files and Actions for the Product Application Suite

To provision Microsoft Office 2016 to macOS devices, the Office installersmust become a product within VMware AirWatch. Files and actions serve as the product&#rsquo;s building blocks. For Product Provisioning, files refer to a literal file, and actions refer to a behavior associated with a specific file. This section walks you step-by-step through a repeatable process that could be used for other, similar non-Appstore applications.

Files and Actions are the building blocks for AirWatch Product Provisioning

Create the Microsoft Office 2016 for Mac Product

The final section of the guide covers the Product creation process in a step-by-step manner. The product references all the individual application files and actions, along with a manifest that lays out the order of operations. Product provisioning deploys these files and performs the actions on the managed device, allowing you to install non-Appstore applications on managed macOS devices.

To comment on this paper, contact VMware End-User-Computing Technical Marketing at euc_tech_content_.

The post NEW WHITEPAPER: VMware AirWatch Product Provisioning Microsoft Office 2016 for macOS Best Practices appeared first on VMware End-User Computing Blog.

Read more..

VMware AirWatch – NSX Integration

 

Integrate VMware AirWatch Enterprise Mobility Management with VMware NSX Network Virtualization and Security Platformto extend security policies from the data center to mobile application endpoints. VMware AirWatch – NSX Integration brings speed and simplicity to networking and micro-segmentation capabilities. By creating policies that dynamically follow mobile applications, it eliminates the need to dotime-consuming network provisioning. Keep reading to learn how to integrate NSX with VMware AirWatch.

Next Level Per-App VPN

While per-app VPN addresses some of the security concerns ofdevice-level VPN, it still exposes all the domain’s endpoints and services to an application. In comparison,micro-segmentation takes endpoint management to the next level,restricting application-level access to a specified endpoint on the datacenter.

[Related: VMware AirWatch 101: Per-App VPN]

What is NSX Micro-Segmentation?

NSX micro-segmentation is a logical, bi-directional firewall thatmonitors inbound and outbound access controls for individual endpoints. It uses the NSX virtualization tool, making it a streamlined, cost-effective alternative to a physical firewall.

VMware AirWatch – NSX Integration Health Care Use Case

Considera doctor referencing patient health records from an enterprise health app.In this use case, only the health app, and not any of the device’s other applications, can establish a per-app VPN connection. Then, micro-segmentation dictates a designated endpoint for the health app. In this case, a patient database.

This level of restriction means that the healthcare app cannot access the e-mail server, an inventory database, or other unrelated services.The application’s assigned groups also mean that data access gets filtered on an employee level as well. Nurses, or doctors from a different department using the same health app cannot access the specifieddatabase without permission.

Additional Use Cases

  • Enhanced network security and granular controls for mobile workflows
  • Accelerated digital workspace and BYOD deployments
  • Policy defined network access for mobile apps and users
  • Reduced mobile access footprint to data center minimizing attack surface
  • Accelerated mobile app delivery, testing and automation

VMware AirWatch–NSX IntegrationSolution Overview

Starting with a sucessfully installed instance of NSX, sync the NSX Security Groups thatrepresent data center endpoints and services in the AirWatch Console. This actionsharesdatacenter logic with VMware AirWatch.Then,configure and installthe VMware Per-App Tunnel. This server establishes the secure connection between mobile applications and the network.Next, configure a Per-App VPN profile todirects managed applications to specified endpoints. Finally, configure applications.

VMware Tunnel Application

Device communication with the VMware Per-App Tunnel server goes through the VMware Tunnel application.Without this application, a per-app VPN connection cannot establish.Therefore, the VMware Tunnel Application is the most important application to configure and deploy.

The other applications you configure depend on the specific scenario and use case, but are generally the apps that end users accesses internal resources from. When configuring these apps, consider using Assignment Groupswithin AirWatch Console to control access on a user level.

Plan VMwareNSX Implementation

  • Determinethe types of devices accessing your network
  • Identify the endpoints (apps) in your network access.
  • Group applications by level of vulnerability/risk
  • Define the security requirements for each level of access.

InstallVMware NSXfor vSphere 6.1.x+

  • Designate a separate network range for each Security Level to identify incoming traffic
  • Define IP set-based Security Groups in NSX
  • Define internal resource based Security Groups in NSX
  • Determine firewall rules for Security Groups
  • Identify application endpoint addresses
  • Set traffic routing patterns

Meet VMware AirWatch–NSX Integration Requirements

  • AirWatch Admin Console v8.3+
  • AirWatch Tunnel server using the Linux Installer. The AirWatch Tunnel virtual appliance deployment method is currently not supported for NSX integration.
  • AirWatch Cloud Connector (For SaaS Customers)
  • Managed Android or iOS devices

VMware AirWatch – NSX Integration Steps

This post highlights the configurations most important for VMware AirWatch integration with NSX. For comprehensive instructions in AirWatch Console v9.1, click the suggested links.

Step 1: Configure and Download the VMware Per-App Tunnel for Linux Installer

To Configure VMware Tunnel , you need the details of the server where you plan to install. Before configuration determine the deployment model, hostname(s), port(s), and which VMware Tunnel features to implement.

Available VMware Tunnel Features:

Micro-Segmentation with NSX requiresNSX integration and installation of the Per-App VPN component. However, other configuration options remain. Available features include: access log integration, SSL offloading, enterprise certificate authority integration, and more.

Then, use the configuration wizard to go through the installer settings step-by-step. Next, download the installer from the AirWatch Console, for use during Linux server installation. Please note, changing the details in this wizard creates a new configuration, and requires a reinstall of the VMware Tunnel.

AirWatch Console Configurations:
  1. Navigate to Groups & Settings > All Settings > System > Enterprise Integration > VMware Tunnel > Network Accessibility.
  2. Select Enable AirWatch Tunnel.
  3. Click Enabled for NSX Communicationand provide the NSX Manager URL and Admin Username and Password.

4. Sync Security Groups and block all non-compliant devices from the same configuration screen.

5. Select Download Linux Installer. This button downloads a single TAR file used for deploying the relay and endpoints.

6. Select Save.

Step 2: Install VMware Per-App Tunnel with NSX Enabled

After meeting the VMware Tunnel for Linux System Requirements, configuring VMware Tunnel settings, and downloading the installer, begin installation. Run the installer on a Linux server, and enable the service.

During VMware Tunnel configuration, you specify whether you are installing in a multi-tier or single-tier configuration.

  • For multi-tier configurations, continue with the Install the AirWatchTunnel Front-End Server(Linux)steps.
  • For single-tier configurations Install the VMware Tunnel – Basic (Linux).

Important: After accepting the licensing agreement during installation, specifythe components to install. Enter 1to install Per-App Tunnel only.

Step 3: Create a Per-App VPN Profile

After configuring the VMware Tunnel server,Configure Per-App Tunnel Profile for iOS or Configure Per-App Tunnel Profile for Android.This profile enables specified applications to route HTTP(S) and TCP traffic through the VMware Per-App Tunnel. However, please note that the VPN profile can only take effect on devices with the VMware Tunnel application installed.

AirWatch Console Configurations
    1. Navigate to Devices > Profiles > List View > Add.
    2. Select the appropriate platform (iOS or Android).
    3. Configure a VPN Payload.
    4. Set the Connection Type to AirWatch Tunnel.
    5. Select the Per-App VPN Rules checkbox.

Step 4: Configure VMware Tunnel App

The VMware Tunnel application enables access to internal resources through managed applications. To Access the VMware Tunnel App for iOS or Access the VMware Tunnel App for Android end users must download and install the VMware Tunnel application from the App Store.

Step 5: Apply the Per-App VPN Profile and Security Group Mapping to Apps

After you create a per-app tunnel profile, Configure Public Apps to Use Per App Profile in the application configuration screen. This tells that application to use the defined VPNprofile when establishing connections.

On the application configuration screen, select the following options:

Learn More About VMware AirWatch – NSX Integration

To learn more about VMware NSX, check out the links below:

  • NSXproduct page
  • Next Generation Security with VMware AirWatch and NSX Integration Webinar
  • NSX Integration Hands On Lab(All Labs > AirWatch – NSX Integration)
  • VMware AirWatch and NSX Integration External FAQ
  • VMware AirWatch and VMware NSX Integration Guide

Because you liked this blog:

  • VMware NSX Micro-segmentation Day 1 Book Available!
  • New! VMware 2016 State of the Digital Workspace Report
  • Challenges & Benefits of Digital Workspace Transformation: Q&A with VMware&#rsquo;s Shankar Iyer

The post VMware AirWatch – NSX Integration appeared first on VMware End-User Computing Blog.

Read more..

VMware AirWatch Android Enterprise Enhancements

The recent Android Enterprise enhancements for VMware AirWatch make setting upan enterprise mobility management (EMM) solution easier than ever. Use these improvements to secure an Android bring-your-own-device (BYOD) deployment, without sacrificing user experience. To get started, check out ourVMware AirWatch Android Enterpriseinfographic which provides an overview of the enhancements and key configurations.

How Do I Get the Android Enterprise Enhancements?

To take advantage of the enterprise enhancements for Android, meet the minimum platform and version requirements. Then, download additional resources to learn more.

Minimum Requirements

To access the functionality and streamlined workflows outlined in this post, complete the following:

  • Security Challenge functionality available for Android Nougat and above
  • AirWatch Console v9.0+

MyAirWatchResources

Download full guides from MyAirWatch to learn more. (However, please note that MyAirWatch access requires credentials.)

  • Android Platform Guide- Reviewthe basics of VMware AirWatch EMM for Android. Key topics include, but are not limited toenrolling, securing, configuring and managing devices.
  • Integration with Android for Work- Learn aboutAndroid devices with special features forenterprise security,formerly referred to as Android for Work. Then, learn about what VMware AirWatch EMM can do withthese devices.
  • Mobile Device Management (MDM) Guide - Reviewthe basics of VMware AirWatch EMM. Especially relevant topics include, enrolling, securing, configuring and managing devices.
  • Bring Your Own Device (BYOD) Guide - Learn how to secureemployee access to corporate resources on personal devices.

Contact Information

If you have anyquestions or concerns about the Android Enterprise enhancements, then please email us.

Because You Like This Post:

  • Android Nougat Comes to the Enterprise
  • [SlideShare] Gotta Secure Them All—Enterprise Apps!
  • Android Management: Embrace the Flavors and Flexibility of Android

The post VMware AirWatch Android Enterprise Enhancements appeared first on VMware End-User Computing Blog.

Read more..

Profiling Applications with VMware User Environment Manager, Part 2: Applying and Troubleshooting Predefined Settings

In Part 1 of this blog series, you were introduced to the VMware User Environment Manager Application Profiler. In Part 2 we will profile a popular video playback application called VLC Media Player, capture specific application settings, apply these as predefined settings when an end user launches the application, and explore troubleshooting techniques as needed.

Introduction

Configuring a specific toolbar layout, setting a region-specific language, disabling automatic updates—these are just a few of many reasons IT might want to configure predefined application settings. Unfortunately, this is not always a simple task. Software vendors store configuration data in a variety of locations, and various packaging and deployment technologies have their own methods for customizing application settings.

VMware User Environment Manager provides an easy and consistent way to apply and enforce predefined settings for all your Windows applications. We will use the Application Profiler tool to capture these settings.

Environment

Installing Application Profiler and performing the initial profiling process is outside the scope of this blog post, and is well-documented in the VMware User Environment Manager Application Profiler Administration Guide. This blog post will focus on the advanced scenario of troubleshooting a profiled application.

The following describes the configuration used to profile VLC. For a comprehensive list of supported operating systems for Application Profiler, see the VMware User Environment Manager Application Profiler Administration Guide.

Application Packaging and Profiling Machine Configuration (Profiling VM)

The application packaging and profiling machine (also called the profiling VM) is configured with the following:

  • Windows 10 Anniversary Update (AU) VM.
  • VMware App Volumes Agent version 2.12.
  • VMware User Environment Manager Application Profiler version 9.1.
  • svc-profiler domain account has local administrative privileges.

 

The App Volumes Agent is an optional component, and is part of the VMware End-User-Computing JMP Solution. This agent is included so the same VM can be used to build an App Volumes AppStack for application deployment, and to profile the application for personalization with User Environment Manager. If you would like to learn more, or include App Volumes in your environment, refer to the App Volumes Reviewer&#rsquo;s Guide.

End-User Machine Configuration

The end-user machine in this example has the following configuration:

  • Windows 10 AU
  • VMware App Volumes Agent version 2.12.
  • VMware User Environment Manager FlexEngine version 9.1.
  • jspencer is a standard end user domain account.

Application Profiling

VLC Media Player version 2.2.4 was captured to an App Volumes AppStack using all default installation options. The AppStack was then used to deliver VLC to the profiling VM. During the User Environment Manager application profiling process, the View > Playlist setting was selected for the default view.

Note: Playlist is the item being selected. Docked Playlist is a default setting, independent of Playlist.

Upon completion of the profiling process, we see that the configuration change was written to the file system, in the %AppData%vlc folder.

Selecting Config File with Predefined Settings from Application Profiler produces four files:

  • INI – User Environment Manager configuration file containing the import and export locations. This file defines the parameters for User Environment Manager to manage the application.
  • ICO – Icon used by User Environment Manager Management Console and the Self-Support tool.
  • FLAG – Flag file for FlexEngine, when DirectFlex is enabled (default).
  • ZIP – Contains the predefined user settings.

I prefer to modify the Default Save Path so saved files are automatically added to User Environment Manager.

While you may be tempted to open and edit the ZIP file directly from Windows Explorer, it is critical that the Edit Profile Archive button be used instead. User Environment Manager uses the standard ZIP file format to prevent the creation of proprietary file formats, but the writes to and reads from the ZIP files are optimized for performance. Using tools outside of User Environment Manager to edit these ZIP files makes them unreadable by FlexEngine.

By editing the profile archive, we can browse the contents and make changes as needed.

Notice that VLC uses an INI file to record the user settings. When View > Playlist was selected during application profiling, playlist-visible=true was recorded in the INI. However, there are a number of additional settings that were automatically recorded in the INI.

When configuring predefined application settings, user settings that are stored in an INI file may result in different behavior than user settings stored in registry keys. We will come back to predefined settings later in this post.

For now, we are going to take a step back and run the application profiling process again for VLC. This time, View > Playlist is selected, and Tools > Preferences > Menus Language is configured for French.

Upon completion of the profiling process, we see that the configuration changes were written to the file system, in the %AppData%vlc folder, and to the registry, in HKCUSoftwareVideoLAN.

When we edit the profile archive this time, we see both AppData and Registry folders.

While it is not a common practice for application vendors, this version of VLC Media Player stores the language setting in the registry, while a variety of other user settings are stored in an INI file.

As mentioned in Part 1 of this series on the Application Profiler it is important to &#rsquo;know thine app.&#rdquo;

Configuring and Applying Predefined Settings

To configure and apply the predefined settings, we use the User Environment Manager Management Console.

The VMware User Environment Manager Administration Guide provides a detailed description of the four types of predefined settings you can choose from. For our purposes, we will configure VLC Media Player predefined settings to Partially Enforced Settings. Partially Enforced Settings are applied after the user profile archive has been imported. This effectively merges the user personal settings with the partially enforced settings. In case of a conflict, the partially enforced settings win and overwrite the user personal settings.

To test our configuration, I will log in to a View instant-clone desktop in as jspencer. The same App Volumes AppStack that was used to deliver VLC to the application-packaging VM is used to dynamically deliver VLC to the VM when I log in. When I launch VLC for the first time, the menus are in French, and the interface is configured for Playlist view. Success!

While logged in as jspencer, I will disable the Playlist view, change the language to American English, and clear all of the check boxes on this preferences page.

Based on the way the Partially Enforced Settings option is designed to behave, we would expect the following behavior the next time VLC is opened by jspencer:

  • The menus will be in French and the Playlist view will be enabled. This is because both settings were configured during application profiling, and applied as partially enforced predefined settings.
  • The check boxes cleared on the preferences page will remain cleared. This is because these settings are not specified by the predefined settings, and are therefore user settings that will be stored in the user-profile archive.

After closing and re-opening the application, we see that all of my changes were discarded, including the check boxes on the preferences page. This is not what we expected!

But why did this happen?

We are seeing the result of an application storing its user settings in an INI file. To understand this, let us look at the workflow when a user logs in to a Windows desktop with User Environment Manager enabled.

  1. User logs in.
  2. User profile archive, including any custom user settings, is imported to Windows.
  3. Predefined application settings are imported to Windows.

User Environment Manager behaves differently during Step 3 depending on whether the application settings are stored in the registry or in an INI file.

User Environment Manager can parse individual registry settings. You might think of this as merging only the specified, predefined registry keys to the Windows registry. In our test case, only the language setting is forced on the end user by the predefined application settings registry import. Any other user settings that happen to get recorded in HKCUSoftwareVideoLAN are preserved for the end user. This enables IT to enforce specific application settings, while granting the end user flexibility to customize and preserve any other settings.

When applications store configuration data in files (INI,XML, or others), User Environment Manager can only overwrite the entire file. In our test case, the Playlist view predefined setting is stored in an INI file. That file is part of the predefined applications settings that are applied after the user profile archive is imported. The user jspencer made several changes (cleared check boxes) to the preferences page, which were stored in that same INI file. Going back to the previous workflow, the problem becomes apparent.

  1. User login.
  2. User profile archive, including the INI file customized per the user settings, is imported to Windows.
  3. Predefined application settings, including a copy of the INI file created during the application profiling process, overwrites the INI file imported in Step 2.

Another Issue with Text Files

Even though I am logged in to the end-user VM as jspencer, browsing to the VLC application settings INI shows a value that includes the user name (svc-profiler) of the account that was used during the application profiling process.

The intended behavior is for this line to be populated with the user name of the currently logged-in user—jspencer in this case.

User Environment Manager supports using placeholders to accommodate variables in text files.

Editing the profile archive allows us to modify the text file manually. In this case, I have replaced jspencer with the system variable %username%. See the User Environment Manager Administration Guide for proper syntax and usage.

Now when jspencer runs the application, the user name is properly reflected in the INI.

Conclusion

The following is a brief summary of the application profiling concepts and practices covered in this blog post, which you can apply to your own applications.

  • Always use the Application Profiler or the User Environment Manager tools to edit a profile archive ZIP
  • Applications might store user settings in the registry, in files, or both. Taking the time to fully understand the way your application behaves (&#rsquo;know thine app&#rdquo;) will ensure successful application profiling.
  • When applications store user settings in an INI file, the intended behavior of partially enforced predefined settings might
  • When applications store user settings in a file, values from the profiling VM or profiling user account might be preserved in the predefined application settings. Placeholders enable the use of system variables to address this possibility.

 

The post Profiling Applications with VMware User Environment Manager, Part 2: Applying and Troubleshooting Predefined Settings appeared first on VMware End-User Computing Blog.

Read more..

Go Que Newsroom Categories

Fatal error: Allowed memory size of 67108864 bytes exhausted (tried to allocate 40 bytes)
in /home/content/36/8658336/html/goquecom/wp-includes/wp-db.php on line 2022

Query Monitor