vCAC’s Advanced Service Designer (ASD) provides a quick-fix for this needed capability using rather unsophisticated means. This use case guide will walk you on building a Desktop Request service using the ASD and vCenter Orchestrator's Active Directory Plug-in.
DaaS Use Case Objectives:
- Allow cloud users to request a Horizon View Desktop machine from vCAC’s Service Catalog and add Self-Service, Governance, and Entitlement to existing View Environments
- Use vCAC’s Advanced Service Designer to create a Custom Service to deliver DaaS
- Configure a Governance (Approval) policy for VDI Desktop Requests
- Utilize vCO’s built-in Active Directory plug-in and a simple workflow to do the magic
- Horizon View is configured with 2 Desktop Pools:
- Floating Desktop Pool: DaaS-Engineering
- Dedicated Desktop Pool: DaaS-Operations
- Both pools are configured to pre-provision 20 (e.g.) desktops and always have 5 desktops available (unused) in the pool
- Each pool is entitled to an existing Active Directory Security Group
- DaaS-Engineering -> “DaaS-Eng”
- DaaS-Development-> “DaaS-Ops”
- A "Desktop Services" catalog item is created using the Advanced Service Designer, which utilizes an existing vCO Active Directory [plug-in] workflow "add a user to a group"
- When invoked, the user selects an AD User and one of 2 available Groups
- Once submitted, vCO adds the selected user to the selected group, which entitles the user that that group (and associated View Pool)
XaaS Lab Logical Architecture
This guide assumes you have good working knowledge of vCloud Automation Center 6.0 and Horizon View 5.x, as well as familiarity with vCAC’s UI and operational concepts.
vCAC’s XaaS functionality leverages vCenter Orchestrator workflows – you should have a basic understanding of configuring and using vCO for this use case (and any XaaS use case for that matter).
vCloud Automation Center 6.0:
- At least 1 Tenant configured (this use case uses “Ops” and “Eng” tenants)
- Verify vCenter Orchestrator Interoperability (I’m using the built-in vCO instance)
- Configure at least 2 Desktop Pools that are entitled to a corresponding Active Directory group
- Desktop Pool “DaaS-Operations” entitled to AD group “DaaS-Ops”
- Desktop Pool “DaaS-Engineering” entitled to AD group “DaaS-Eng”
- Use Floating Pools with Automatic assignment configured
- Linked Clones Optional (used in my lab)
- vCAC <-> vCO integration functional->
- vCO Active Directory Plug-In properly configured and tested
- vCO AD Plug-In configured to use account with appropriate AD permissions (read/write)
- AD Groups DaaS-Ops & DaaS-Eng created per the guide
Click on the image or HERE to download the full guide