Home > Blogs > Horizon Tech Blog


Horizon Mobile Steps for a Simple POC

I’ve been getting asked quite a bit around what steps should be taken for doing a simple Proof of Concept (POC) of Horizon Mobile so I figured I would take the time to write up a few steps, some tips, and references.

First off, some things to work through…

  1. Do you have a demo lab?
  2. Having a Demo Lab is a great way to test anything. If you don’t have a demo lab environment which runs separate from your production environment, now might be a great time to set one up. Make sure you have a few things in it, such as…

    • vSphere/vCenter (of course)
    • Active Directory
    • DNS
    • DHCP
    • WiFi (preferably secured)

  3. Does your demo lab have Internet access?
  4. While Internet access isn’t a necessity for everyone’s Demo Lab, it is nice to have. Just remember to protect the demo lab as you would the production network. It’s especially good to have the Demo Lab on a completely separate network segment to keep it separate from production.

So now on to the Horizon Mobile Proof of Concept.

Simple HMM POC Steps:

  1. Decide upon a static IP and Fully Qualified Domain Name (FQDN). A static IP is required. If using a signed SSL Certificate (public or private), DNS is also required.
  2. Setup DNS records. Both internal and external FQDN names (external is only necessary if external/over the Internet access is going to be tested). Make sure to setup a forward lookup (A Record) which resolves to the SSL Certificate if an SSL Certificate is used. Reverse lookup (Pointer) is not necessary but recommended.
  3. Load Horizon Mobile Virtual Appliance OVA into vCenter/vSphere.
  4. While you are waiting for the previous step to complete, go get your environment email settings – specifically the SMTP server settings, including the authentication settings. This is necessary for the setup of the appliance.
  5. Configure the appliance. This will be the general settings in the console and the Web UI once the console boots up completely. These settings will include the IP configurations, and the Hostname
    • If you DO NOT have email setup, you need to do that now. This is probably the most challenging part of the whole Horizon Mobile POC setup as this requires finding all of the SMTP settings of your environment (server, SSL, Port, User Authentication, a test email sent and received with activation code, and that code entered into the correct box). Once this is done, DO NOT DO ANY OTHER MODIFICATIONS – Just click SAVE AND RESTART.
    • If email is setup, continue on.

  6. Attach the Horizon Mobile Appliance to your Active Directory.
  7. SSL Certificates are not a necessity for a Proof of Concept (POC). However, for public or custom private SSL certs you’ll want to first obtain the certificates and convert them to PEM format, including the any intermediary and parent certificates as well as the private key. If you don’t have a certificate chain file, you’ll also want to create this in PEM format. To make this, simply text copy the PEM certificates from all PEM files into one PEM file starting with your certificate, any intermediate certificates, then the parent certificate as shown below.
  8. SSL Key Chain:

    —–BEGIN CERTIFICATE—– (your cert)
    MIIGtzCCBZ+gAwIBAgIQBwPKfHC+TljzcsiAH1ob8zANBgkqhkiG9w0BAQUFADBm

    —–END CERTIFICATE—–
    —–BEGIN CERTIFICATE—– (sub/intermediate)
    MIIGWDCCBUCgAwIBAgIQCl8RTQNbF5EX0u/UA4w/OzANBgkqhkiG9w0BAQUFADBs

    —–END CERTIFICATE—–
    —–BEGIN CERTIFICATE—– (root/parent)
    MIIFBzCCA++gAwIBAgIETA6m2zANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML

    —–END CERTIFICATE—–

    • Load your public or private SSL certificates into the Web UI.
    • Here you will login to the Web console of you Horizon Mobile appliance and select the Security section in the left-side pane. In the top Window of the Security section there is an Upload New Certificate link to load in your certificates. Remember to load in ALL certificates, including the child, any intermediate certificates, and the parent.
      WARNING: Do this before loading in any phones!

    • Load your public or private SSL certificates into the appliance console.
    • For this, you will need to enable SSH/SCP root login on the appliance (just modify line 41 of the /etc/ssh/sshd_config file and restart SSHD using the /etc/rc.d/sshd restart command. Once you can SCP/SSH into the Horizon Mobile appliance, you’ll need to load up the certificates. Here, it’s best to follow the Horizon Mobile Manager Installation and Configuration Guide – starting at page 23.

  9. Load any other Android apps desired. It should be noted, many Android applications (APK files) can be downloaded directly from the respective software manufacturer’s web site.
  10. Within the Web UI, create any Horizon Mobile Groups, Templates, and Policies. Following the on-screen steps here will greatly help. This step is not absolutely necessary but doing so shows additional options within the Horizon Mobile appliance which may provide solutions to current situations.
  11. Horizon Mobile Getting Started

  12. Import your users from your Active Directory and assign them to the Horizon Mobile groups. If no Active Directory is setup, then use internal LDAP (User01 – UserXX).
  13. Now it’s time to load the VMware Switch application from Google play and test your setup!

VMware Switch Setup Instructions:

NOTE: It is strongly suggested VMware Switch setup on the Horizon Mobile device be done over Wifi.

  1. Download the VMware Switch app from Google Play.  Search for “VMware Test” or “VMware Switch”. This should be the latest version.
  2. NOTE:  You’ll need a Google Play account to do this.  I suggest setting up a Google account and using the email piece to “demo” the personal phone side of things.  Makes for a nice touch.

  3. Once VMware Switch is installed onto the device, start the VMware Switch app.
  4. Login with your Username, Password, and Horizon Mobile Server (a.k.a. the Appliance).
  5. NOTE:  If you have any SSL Certificate issues when entering the HMM Server, then in order to disable the SSL certificate warning, on the Android mobile device go to HOME | SETTINGS | APPS | DOWNLOADED (scroll to ALL APPS) | VMware Switch | Manage Space and UNCHECK Authenticate Server. Then go back into VMware Switch and login with the configured User, Password and Server.

See the VMware Horizon Mobile web site for a list of Resources, including some “Getting Started” videos

This entry was posted in Android, Horizon Mobile and tagged , , on by .
Dean Flaming

About Dean Flaming

Dean is currently an EUC Architect and member of the VMware End User Computing Enablement and Lighthouse Support teams, working to develop communications and IP around VMware End User Computing products and solutions as well as support many various Lighthouse accounts with their own EUC practices. Prior to this, from 2008 through 2012 Dean was one of VMware's End User Computing Specialists. Throughout his time at VMware, Dean has also written and published various articles, videos, and podcasts regarding VMware's EUC Solutions.