Tuesday, August 06, 2013

Active Directory and XenDesktop

 

When you install the Virtual Desktop Agent (VDA) on a VDI computer, you can use Active Directory or the local computer Registry to find Desktop Controllers (DDCs). If you have multiple domains, the VDI computers and the DDCs need to be in a common domain (or in a trusted AD domain).

To use AD, an Organisational Unit (OU) is created that contains the DDCs for the site. You can create the OU during the installation or, if you create the OU manually, run the PowerShell script called Set-ADControllerDiscovery.ps1.

XenDesktop creates the following objects:

  • A Controllers security group (all controllers in the site must be in this group)
  • The DDCs must have the 'Access this computer from the network' permission, so give the DDCs security group this privilege
  • A container called RegistrationServices is created in the OU for each XenDesktop site. This contains one SCP object for each controller in the site
  • A Service Connection Point (SCP) object contains the information about the XenDesktop site
  • The SCP is created when the Set-ADControllerDiscovery.ps1 script is run. Each time the controller starts, it validates the contents of its SCP and updates them if necessary

Administrators of XenDesktop require permissions to create and delete children on the RegistrationServices container and to set properties on the Controllers security group.  These permissions are granted automatically by running the Set-ADControllerDiscovery.ps1 script as the new administrator.
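The objects and permissions described above can be reviewed from a management workstation. The following is an added audit example, not code from this post or from Citrix. It assumes the RSAT ActiveDirectory module is installed, uses a placeholder OU distinguished name, and assumes the Controllers group sits inside the site OU.

```powershell
# Added audit example (not Citrix code). Requires the RSAT ActiveDirectory module.
Import-Module ActiveDirectory

function Get-XdDiscoveryAudit {
    param([Parameter(Mandatory)][string]$SiteOU)

    # RegistrationServices container created in the site OU
    $container = Get-ADObject -SearchBase $SiteOU `
        -LDAPFilter '(&(objectClass=container)(cn=RegistrationServices))' |
        Select-Object -First 1
    if (-not $container) { throw "No RegistrationServices container under $SiteOU" }

    # One SCP object is expected per controller in the site
    $scps = @(Get-ADObject -SearchBase $container.DistinguishedName `
        -LDAPFilter '(objectClass=serviceConnectionPoint)' `
        -Properties serviceBindingInformation, whenChanged)

    # Assumption: the Controllers security group lives in the same OU
    $group = Get-ADGroup -SearchBase $SiteOU -Filter "Name -eq 'Controllers'" |
        Select-Object -First 1
    if (-not $group) { throw "No Controllers group under $SiteOU" }
    $members = @(Get-ADGroupMember -Identity $group)

    # Who is allowed to create or delete children on RegistrationServices
    $adr  = [System.DirectoryServices.ActiveDirectoryRights]
    $mask = [int]$adr::CreateChild -bor [int]$adr::DeleteChild
    $aces = (Get-Acl -Path "AD:\$($container.DistinguishedName)").Access |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            ([int]$_.ActiveDirectoryRights -band $mask)
        }

    [pscustomobject]@{
        ScpCount        = $scps.Count
        ControllerCount = $members.Count
        CountsMatch     = ($scps.Count -eq $members.Count)
        Scps            = $scps | Select-Object Name, whenChanged, serviceBindingInformation
        Controllers     = $members | Select-Object name, objectClass
        ChildRights     = $aces | Select-Object IdentityReference, ActiveDirectoryRights, IsInherited
    }
}

# Placeholder DN (assumption); replace with the OU created for your site.
Get-XdDiscoveryAudit -SiteOU 'OU=XenDesktopSite,DC=example,DC=com' | Format-List
```

A count mismatch, an unexpected member of the Controllers group, or an unfamiliar identity holding create/delete rights on the container is worth investigating, since VDAs trust what they find in this OU to locate their controllers.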

Information is updated in Active Directory when the following happen:

  • Installing XenDesktop
  • Uninstalling XenDesktop
  • When a DDC starts
  • When a DDC updates the information in its SCP
  • Or when Set-ADControllerDiscovery.ps1 is run
