Horizon on Azure Sync to ControlUp
    • Dark
      Light
    • PDF

    Horizon on Azure Sync to ControlUp

    • Dark
      Light
    • PDF

    Article Summary

    Important

    Maintenance of the VMware Horizon on Azure sync script has been discontinued and there are known issues with the script. It might not work in your environment.

    Using our synchronization scripts, you can automatically populate the ControlUp organizational tree with your Horizon VDI running on the Azure cloud. Our sync script is run as a Windows scheduled task so that when you add or remove machines, those changes are automatically reflected in the organizational tree in ControlUp. You don't have to make any of those changes manually. When the script is run, your ControlUp organization reflects your current Horizon VDI for monitoring and remediation.

    • The sync script is written in PowerShell and stored in our GitHub repository .
    • You must run the credentials script twice for the dual authentication required by Horizon Cloud.
    • You set the Windows scheduled task to run the sync script on the ControlUp monitor machine.

    Prerequisites

    • The sync has to be performed on a machine that has the ControlUp Monitor component installed. You can read about Adding a ControlUp Monitor.
    • The ControlUp Monitor must be version 8.1.5.600 or higher.
    • The user running the scripts must have a local profile on the ControlUp Monitor machine. Ensure that the same user logs onto the machine at some point before running the scripts.

    1. Access the scripts from our GitHub repository

    You download the sync scripts from our GitHub repository of environment scripts which also includes synchronization scripts for other environments, including Horizon installed on-premises.

    1. Download the following scripts:
      Store credentials.ps1
      Horizon_Azure_Sync.ps1
      Build-CUTree.ps1
    2. Copy these scripts to the machine running the ControlUp Monitor. These scrips must reside in the same folder on the Monitor machine.
    3. Optionally , in a PowerShell window, run this command to see the script's parameters, their descriptions, and default values:
    get-help \< *path to the file* >\Horizon_Azure_Sync.ps1
    

    Input Parameters

    Here are the parameters in the sync script Horizon_Azure_Sync.ps1. These are the parameters to assign when adding the argument in step 3. Set up a Windows Scheduled Task.

    NameDescription
    folderPath*Mandatory. The target folder in the ControlUp organizational tree to save these objects.
    previewDisplays the expected results without committing any changes to the ControlUp environment.
    base

    The base of the URL shown after manual logon to the Horizon Azure admin portal.

    For example in this URL: https://cloud-us-2.horizon.vmware.com/horizonadmin, the base would be cloud-us-2.

    deleteEnables the script to execute removing objects from the ControlUp organizational tree. Use with the Preview parameter to see the proposed changes before making them.
    logfileSpecify a text file to log the output. Can be used for debugging and with the preview parameter to see the proposed changes. Log data is appended to this file with each run of the script.
    siteSpecify a ControlUp Monitor site to assign the objects. Default value: default
    batchCreateFolders
    Create folders in batches rather than individually
    force
    Force folder creation if number exceeds safe limit
    SmtpServer
    Smtp server to send alert emails from
    emailFrom
    Email address to send alert email from
    emailTo
    Email addresses to send alert email to
    emailUseSSL
    Use SSL to send email alert

    2. Create the credentials files by running the Store_credentials.ps1 script

    The Horizon on Azure Cloud requires dual authentication. To run the scheduled task on the ControlUp Monitor machine, you need both sets of credentials. Therefore you have to run the Store_credentials.ps1 script twice to create those credentials files to access both:

    • The MyVMware site.
    • The Horizon Cloud Active Directory.

    To create the required credentials files:

    1. Access the ControlUp Monitor machine as the user who will be running the scheduled task.
    2. On the Monitor machine, go to the folder where you saved the Store_credentials.ps1 script.
    3. Run a PowerShell prompt.
    4. Run this command:
    & '.\store credentials' -credential $null -credentialType  HorizonCloudmyVMware 
    
    Note:

    If you are not in the same folder as where the store_credentials.ps1 script is saved, you must give the full path after the.

    1. When prompted, enter the User name and Password to access the MyVMware site.
      360015314518CredentialPromptMyVMware.jpg
    2. Run this command from the same folder as the script:
    & '.\store credentials' -credential $null -credentialType    HorizonCloudDomain 
    
    1. When prompted, enter the User name and Password as the domain\username used to access the Horizon Cloud site.
      360015314578CredentialPromptCloudDomain.jpg

    Once you have run the script twice, two encrypted .xml files are created in this folder on the ControlUp Monitor machine: C:\ProgramData\ControlUp\ScriptSupport.

    The names of those encrypted files include the user who ran these scripts and must be the same user to run the scheduled task. The user who ran the scripts and created these encrypted files is admingle.

    360015255597CredentialFiles.jpg

    If you are running the scheduled task under a different account, you need to run the script again twice to set up new credentials files as these can be used only by the account that created them on the same machine they were created.

    3. Set up a Windows Scheduled Task

    Follow the steps in this article to create the Windows Scheduled Task.

    In the Windows Local Security Policy, ensure that this user’s role has Log on as a batch job properties.
    360015314878LogOnAsABatch.jpg
    The credential tasks are set to run powershell.exe with these command lines for the create and delete tasks respectively:

    -ExecutionPolicy RemoteSigned -NoLogo -File "C:\CU Environment Sync Scripts\Horizon_Azure_Sync.
    ps1"   -folderPath "\Datacenter\Virtual Desktops\Horizon Cloud"   -logfile "C:\CU Environment Sync Scripts\HZ Azure Sync.log" -base "cloud-us-2"
    
    -ExecutionPolicy RemoteSigned -NoLogo -File "C:\CU Environment Sync Scripts\Horizon_Azure_Sync.
    ps1"   -folderPath "\Datacenter\Virtual Desktops\Horizon Cloud"   -logfile "C:\CU Environment Sync Scripts\HZ Azure Sync Deletes.log" -base "cloud-us-2" -Delete
    

    Was this article helpful?