The Scenario

The following procedure guides you through a Connection Broker setup that satisfies the following scenario.

The following procedure assumes that you already completed the following steps. Please, see the referenced section of the Leostream documentation if you have not completed each step.

1. The Connection Broker virtual appliance is installed in your virtualization layer (see the Leostream Installation Guide)

2. You have logged into the Connection Broker Administrator Web interface and entered your license key (See “Entering Your License Key” in the Connection Broker Administrator’s Guide)

3. You have configured your Connection Broker network settings (see “Setting Network Configuration and Connection Broker VIP” in the Connection Broker Administrator’s Guide)

Procedure

Step 1: Register virtual machines and applications with the Connection Broker

In order for the Connection Broker to assign virtual machines and applications to end users, you must first tell the Connection Broker about the external systems that host the VMs or publish the applications.

Leostream defines centers as the external systems that inform the Connection Broker about desktops, applications, and other resources (such printers, and Teradici PC-over-IP host devices) that are available for assignment to end users.

In this scenario, you must create two centers: one for the virtual machines hosted in XenServer and another for the applications published in XenApp.

To define a center for XenServer:

1. Go to the > Resources > Centers page, shown in the following figure.

2. Click the Add Center link, as shown in the following figure.

3. The Add Center form opens. Fill in the form with the appropriate information for your center. For example, the following form creates a center for Citrix XenServer.

4. Click Save. The > Resources > Centers page shows the new center, and indicates that the center is refreshing, as shown in the following figure.

5. To view the desktops that the Connection Broker registered from the center, go to the > Resources > Desktops page, shown in the following figure.

To create a center for XenApp:

1. Return to the > Resources > Centers page.

2. Click the Add Center link.

3. The Add Center form opens. Fill in the form with the appropriate information to create a Citrix XenApp center, for example:

4. Click Save. The > Resources > Centers page now shows both of the centers.

5. To view the applications that the Connection Broker registered from the center, go to the > Resources > Applications page, shown in the following figure

Step 2: Grouping desktops and applications into pools

After you create your centers and the Connection Broker registers all your desktops and applications, you can combine the desktops or applications into logical groups, or pools. Use pools to create sets of resources that have similar attributes, or come from the same center. Creating pools is optional, but provides convenience and flexibility when configuring your Connection Broker.

The Leostream Connection Broker defines a pool as any group of desktops or applications.

Creating Desktop Pools

For this example, create a nested desktop pool, where the top level pool contains all the desktops hosted in XenServer and the inner level pool contains only the desktops running a Microsoft Windows XP operating system. To create these desktop pools:

1. Go to the > Resources > Pools page, show in the following figure.

2. Click the Create Pool link, as shown in the following figure.

3. The Create Pool form opens. Fill in the form to create the top level pool, containing all virtual machines hosted in XenServer, for example:

4. Click Save. The > Resources > Pools page shows the new pool, indented under its parent pool, as shown in the following figure.

5. For this example, click the Create Pool link to create a second desktop pool.

6. Configure the Create Pool for, as shown in the following figure, to create a pool that is the subset of the XenServer VMs pool running a Windows XP operating system.

7. Click Save. The > Resources > Pools page shows the new pool, indented under its parent pool, as shown in the following figure.

Creating Application Pools

For this example, create an application pool that is a subset of all the applications published in the XenApp farm. The Connection Broker offers the user only the applications contained in their assigned application pool.

To create an application pool:

1. Click the Create Pool link.

2. Configure the Create Pool from, as shown in the following figure.

3. Click Save. The > Resources > Pools page now contains the new application pool, as shown in the following figure.

Step 3: Creating Protocol, Power Control, and Release Plans

After you create your desktop pools, define the behaviors you want to assign to the desktops in those pools. To perform this step, ask yourself the following questions.

• What remote viewer protocols do I want the user to use when connecting to their desktops?

• How do I want to manage the power state of each desktop, for example, should it be turned off when the user logs out?

• How long do I want my user to be able to use a particular desktop, and claim it for their use? For example, if the user logs out, should they remain assigned to that desktop, or should another user be able to log into that desktop?

The Leostream Connection Broker defines a plan as a set of behaviors that can be applied to any number of pools. This step describes the three pool-based plans: 1) Protocol, 2) Power Control, and 3) Release.

Creating Protocol Plans

When using a Wyse V10L thin client, as in this example, the protocol plan allows you to specify the configuration file for the RDP connections to desktops and for the ICA connections to XenApp resources.

To create a Protocol plan:

1. Go to the > Plans > Protocol page, shown in the following figure.

2. For this example, click the Edit action associated with the Default protocol plan, as shown in the following figure, to check the RDP and ICA settings for connections established from a Wyse thin client.

The Edit Protocol Plan form opens, shown in part in the following figure. The Leostream Connect and Thin Clients Writing to Leostream API and Web Browser sections do not apply in this example.

”

3. Scroll down to the Wyse Configuration section, shown in the following figure.

• The Desktop configuration file configures the parameters used when launching an RDP connection to any of the desktops in a desktop pool.
• The Application configuration file configures the parameters used when launching an ICA connection to any of the resources in an application pool.

See the Wyse documentation for information on writing files for establishing connections.

The remainder of the form configures desktop connections made from a Teradici PC-over-IP client or HP SAM client device.

4. Click Save.

Creating Power Control Plans

Power control plans define what happens to the desktop’s power state when the user disconnects or logs out of the desktop. Power control plans do not apply to desktops published in a XenApp farm.

This example uses the Default power control plan, which does not modify the VMs power state. If you do need to create a Power Control plan:

1. Go to the > Plans > Power Control page, shown in the following figure.

2. Click the Create Power Control Plan link, to build a new Power Control plan.

3. The Create Power Control Plan form opens. Fill in the form with the appropriate information. For example, the following form creates a plan that suspends the desktop when the user logs out.

4. Click Save.

Creating Release Plans

Release plans determine whether a desktop is persistent or non-persistent.

The Leostream Connection Broker defines a persistent desktop as a desktop that is continuously assigned to a particular user, i.e., the desktop is never released back to its pool. A non-persistent desktop is a desktop that is released to its pool. Non-persistent desktops rely on their Power Control plan to determine if they should be reverted to a clean snapshot after the desktop is released.

To create a Release plan:

1. Go to the > Plans > Release page, shown in the following figure.

2. To create a Release plan that models a persistent desktop, click the Create Release Plan link, as shown in the following figure

3. The Create Release Plan form opens. Fill in the form with the appropriate information. For example, to create a Release plan for persistent desktops, ensure that the desktop is not released to its pool when the user logs out, as shown in the following figure

4. Click Save. The new Release Plan appears on the > Plans > Release page, shown in the following figure.

The Leostream Connection Broker defines a rogue user as a user that has remotely logged into a desktop, but whose remote session is not managed by the Connection Broker. A rogue user can be a user that natively launched, for example, an RDP session to the desktop. Alternatively, a rogue user could be a user who logged into the desktop via the Connection Broker, but the Connection Broker subsequently released the desktop back to its pool before the user logged out.

Step 4: Defining Connection Broker Roles

Because this example allows the user to restart their desktop, you must assign your users a Connection Broker that gives them permission to access the restart functionality.

The Leostream Connection Broker defines a role as a set of permissions that define the functionality an end user is allowed to access when they log into the Leostream Web client or Connection Broker Administrator Web interface.

The Connection Broker provides two default roles:

• The Administrator role is for users that should have full access to the Connection Broker Administrator Web interface. A user with this role cannot log into the Leostream Web client.

• The User role, by default, is for users with no access to the Connection Broker Administrator Web interface. A user with this role can log into the Leostream Web client to access their desktops.

You can modify the default User role, or create new roles, as necessary. For this example, modify the default User role to allow users to restart their desktops, as follows.

1. Go to the > Users > Roles page, shown in the following figure.

2. Click the Edit link associated with the User role, shown in the previous figure. The Edit Role form opens.

3. To allow users to restart their desktops, select the Allow user to power desktops on or off option, as shown in the following figure

4. Click Save.

Step 5: Building Connection Broker Policies

After you define your pools and plans, build policies that assign the plans to desktops.

The Leostream Connection Broker defines a policy as a set of rules that determine how desktops are offered, connected, and managed for a particular user, including: what specific desktops are offered; what remote viewer protocol is used to connect to those desktops, which Power Control and Release plans are applied to those desktops, what USB devices the user can access in their remote desktop; and more.

For this example, create a policy that offers one desktop from the pool of Window XP desktops and offers all the applications in the QA Applications pool, as follows:

1. Go to the > Users > Policies page, shown in the following figure.

2. To create a new policy, click the Create Policy link, as shown in the following figure.

3. The Create Policy form opens. Fill in the form with the appropriate information, as shown in the following figures. In this step, enter a name for the policy that will assign your persistent desktop.

4. Select a pool to use for this policy, as shown in the following figure

5. The When User Logs into Connection Broker section, shown in the following figure, tells the Connection Broker how to pull desktops from the selected pool. In this example, the Connection Broker offers one desktop from the pool. That desktop must have an installed Leostream Agent and must be running. The Allow users to reset offered desktops option is set to Shutdown and Start, indicating that the user can manually restart their desktop, as necessary.

Note: Use the Allow users to reset offered desktops option to indicate which pools contain desktops that the restart option. The user’s role then indicates if the user is to restart these desktops.

6. The When User is Assigned to Desktop section, shown in the following figure, tells the Connection Broker how to manage a desktop when the user actually connects to that desktop.

7. Finally, to complete the Desktop Assignment from Pools section, in the Plans section, select the Protocol, Power Control, and Release plans defined in step 3, as shown in the following figure.

8. After you configure the Desktop Assignment from Pools section, you can indicate if the policy also offers Citrix XenApp applications. For this example, select the application pool created in step 2.

The next two steps are provided for informational purposes. You do not need to modify any options in these sections to complete this example.

9. The Desktop Hard Assignments section allows you to configure how the Connection Broker manages desktops that are hard assigned to a user or a particular client device.

10. The Connection Broker uses the settings in the Desktop Assignment from Pools section to determine which desktops to offer from each pool. You can optionally filter the pool prior to the Connection Broker choosing desktops. This example does not use the Filters section, which is shown for reference in the following figure.

11. Click Save. The new policy is listed on the > Resources > Policies page, shown in the following figure.

Step 6: Adding an Authentication Server

After you have your pools and policies configured, setup your authentication server in the Connection Broker.

1. Go to the > Users > Authentication Servers page.

2. Click the Add Authentication Server link, as shown in the following figure.

3. The Add Authentication Server form opens. Fill in the form with the appropriate information for your authentication server, as shown in the following figure.

4. Click Next >. The second page of the Add Authentication Server form opens. Enter your domain name, and confirm the information from the previous form is correct, as shown in the following figure.

5. Specify where in the Active Directory tree the Connection Broker begins searching for users, and what field the Connection Broker uses to match login names against, as shown in the following figure.

At this point, your authentication server setup is complete, and you could scroll down and click Save. To follow through this example, however, leave the Add Authentication Server form open and proceed to step 7.

Step 7: Assigning Policies to Users

Step 7 builds on step 6 using the Add Authentication Server form.

If you clicked Save to close the Add Authentication Server form, use the Edit action associated with the authentication server to open the Edit Authentication Server form.

1. Use the Assigning User Role and Policy section to assign policies to users based on the user’s Active Directory membership.

2. After all the rules are configured, set a default role and policy to apply to users that are not assigned a policy by one of the rules, as shown in the following figure.

3. Select any final options to apply to this authentication server, as shown in the following figure.

4. Click Save to save any changes to the authentication server.

Your basic Connection Broker configuration is complete, and you can now test your setup.

Step 8: Testing a User Login

The following procedure allows you to test if your policies and authentication servers are correctly configured.

1. Go to the > Users > Users page, shown in the following figure.

2. Click the Test Login link, shown in the previous figure. The Login Test dialog opens.

3. Specify the test parameters, shown in the following figure.

4. Click Test to display the results, described in the following figure.