Occasionally you may come across a requirement for an App-V application to write to the native registry (i.e. that of the desktop which the App-V client is installed on).

By default all App-V applications write their registry keys and values to the virtual registry specific to that published App-V.

That same virtual registry may contain registry keys created during the installation and sequencing of an application. It is possible to exclude certain registry paths during the sequencing, but any new keys will still be created in the virtual registry at exection time.

An App-V application can see both the virtual registry and the native registry (also known as merge).

As you may already know, VMware have disabled the popular memory management and memory saving feature; Transparent Page Sharing (TPS) in later releases of ESXi by default.

ESXi 5.1U3 and future Update releases of ESXi 5.0 and 5.5 including ESXi 6.x have TPS disabled, however this can be enabled in the advanced settings of the host.

Technically it's still there and enabled but it is only creating pointers for duplicate memory pages at the individual VM level, so there is no inter-VM page sharing taking place.

 

If you don't know the full details of why this is you can read all about it on VMware's KB..

Security considerations and disallowing inter-Virtual Machine Transparent Page Sharing (2080735)

http://kb.vmware.com/kb/2080735

 

When it comes to a Horizon View deployment with desktop pools containing 100's of desktops this is a feature which saves lot of physical memory on the ESXi hosts, by creating pointers to an identical page in memory rather than duplicating a page.

Having this disabled by default can cause the design and specification of a Horizon View environment to change significantly, as memory saving of between 10% and 40% can be achieved with it enabled.

If you are upgrading an existing View environment you need to be acutely aware of this, as you the memory on your hosts may become contented if you were close to the limit.

 

If you have assessed and approved the security risk associated with enabling TPS in a desktop environment, you can from within the nice Horizon View web GUI enable TPS based on a desktop pool setting.

Following an update within Windows 8.1 Update 1 the mouse cursor within a VMware View desktop my occasionally disappear.

When locking the desktop (ctrl+alt+del) and subsequently unlocking the desktop, it can be noted that the cursor has disappeared.

You may however notice some objects are highlighted as you move the mouse.

Reconnecting the desktop session or logging off/on allows the cursor to return.

 

This can be resolved by disabling cursor suppression in the registry; by doing so in either your master image and recomposing the desktop pools, or creating the reg key in a group policy preference and restarting all the desktops.

 

The VMware View Agent which is installed in all virtual desktops (and RDS hosts) managed by Horizon View, includes the VMware Adobe Flash Optimizer internet explorer add-on.

This IE add-on is provided so the View administrator can control the flash settings for all virtual desktops in the desktop pool to optimize them for a VDI environment to improve bandwidth.

 

There are two settings which can be configured on the desktop pool (which are disabled by default):

  • Flash Quality - which controls the quality of the flash movie, reducing bandwidth requirements
  • Flash Throttling - which controls the frame rate of the flash move, again reducing the bandwidth requirements

 

When a user opens Internet Explorer they will be presented with a prompt requesting if they wish to enable or disable this add-on.

If you as the View administrator wish to control the flash settings based on the desktop pool setting, giving the user the option to disable this add-on is going to make any of those optimizations unapplicable as the add-on will not be enabled.

Additionally the user may not know what to answer, causing confusion and support calls. This should be enabled via group policy so that the user is not prompted and the add-on is enabled.

Alternatively you may choose to disable the add-on if you are not using the flash optimization settings.

 

As a consultant I perform a lot of VMware Horizon View implementations and I find several of the implementation tasks repetitive.

One of those tasks is the creation of a role within vCenter to give the service account used by View Administrator to connect to vCenter server a role with only the required permissions.

While some people use the Administrator role this is wrong and the correct permissions VMware state in the View documentation should be used.

There are two sets of permissions, there are the default required permissions for View to create full clones and power off/on desktops etc, and there are additional permissions required if View Composer is being used to create linked clones.

I created the PowerCLI script below which can be used to create a role for "Horizon View (inc Composer)" and add the required permissions documented by VMware to save myself time.

  1. Converting Server 2012 / 2012 R2 Core to GUI without Powershell
  2. VMware Horizon Workspace Error Incorrect issuer in SAML AuthnRequest
  3. Disk Consolidation Needed - Unable to access file since it is locked
  4. Office (Word/Excel/Outlook) 2010/2013 Freezes and Hangs in VDI
  5. vSphere Flash Read Cache Commands
  6. Failed to perform space reclamation on machine xxx in Pool xxx
  7. vSphere Web Client HTTP Status 404 The requested requested resource is not available
  8. Using PowerCLI to get the IP address of a VM

Share this blog post on social media:

Latest Blog Posts

Popular

Social Links

Disclaimer

All advice, installation/configuration how to guides, troubleshooting and other information on this website are provided as-is with no warranty or guarantee. Whilst the information provided is correct to the best of my knowledge, I am not reponsible for any issues that may arise using this information, and you do so at your own risk. As always before performing anything; check, double check, test and always ensure you have a backup.

Copyright ©2008-2021 Andy Barnes - Please do not copy any content including images without prior consent!

Designed and Hosted by Andy Barnes

We use cookies

We use cookies on our website. Some of them are essential for the operation of the site, while others help us to improve this site and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies or not. Please note that if you reject them, you may not be able to use all the functionalities of the site.

Ok Decline