Table of Contents
- Required Components
- Digital Workspace Preparation
This article is meant to serve as a guide to completing the pre-requisites for a proof-of-concept implementation. Proof-of-concepts are free of charge, and thus operate on a good faith basis. It is important that strict guiderails are set to hold both sides of the engagement accountable, both in terms of scope, and timelines.
Login Enterprise requires the ability to access and manage particular components of the infrastructure that may require coordination with peripheral teams. The number of people who may be involved depends on the size of the prospective customer's organization, and division of responsibilities therein. Those whose may be involved include, but are not limited to:
- Active Directory Administrator
- End-User Computing Administrator
- Infrastructure Administrator
- Security Administrator
- Networking Administrator
During the scoping call, it is imperative that these representatives, if applicable, are present during the planning and implementation where their input or access is required. Please raise any concerns with your respective Account team if there are foreseen challenges with this request.
Evaluation of the product takes place over the course of a month. As part of this review process we should discuss your change management process, and how long this takes. Also, we've seen change freezes take place in the middle of evaluation, and further delay the schedule. Please denote whether you expect any of this during the evaluation period.
Additionally, Virtual Users will need to be licensed for any system and application they interact with. Consider how long it may take to turnaround procurement of licensing for the following platforms, solutions, and applications:
- Microsoft Windows, RDS CALs if applicable
- Citrix and/or VMware Horizon licensing
- Office365 and/or custom application licensing
Additionally, most evaluations include the process of creating a workflow for a custom line of business application that is not included in our template library. For guidance on choosing an effective application for your evaluation, please see this article.
Note: For concerns around procuring licenses for any of the above items, or one not on the list, please bring them to the attention of your respective Account team.
For more information on hardware or software requirements, please see this article.
The Login Enterprise Virtual Appliance is delivered as a fully configured virtual machine. This virtual machine is delivered as an OVA, VHD, or VHDX. We currently support the following hypervisors:
- VMware ESXi 5.5 - 7.0 (OVA file)
- Microsoft Hyper-V - Server 2012 R2 and higher (VHDX file)
- Citrix Hypervisor 8.2 (OVA file)
- Microsoft Azure (VHD file)
To download the Virtual Appliance format that best suits your needs, see our Downloads page.
Note: You will need to be signed in to access this page. If you have any issues with accessing the downloads page or downloading the Virtual Appliance, please bring this to the attention of your respective Account team.
The Virtual Machine hosting the appliance must have, at a minimum, the following resources allocated:
- 4 vCPU
- 8GB RAM
- Storage – Pre-Configured 100 GB virtual Hard Disk
The following can serve as a checklist to validate you have accounted for all aspects of the Virtual Appliance deployment:
- Is your hypervisor on our supported list?
- Do you have authorization to make changes to the hypervisor? Does this fall under another team?
- Have you allocated the required CPU/ RAM/ Storage resources for the Virtual Appliance?
- Have you downloaded the Virtual Appliance?
- Have you imported the Virtual Appliance?
The deployment process for Azure based appliances is slightly unique compared to on-premise installations. For specific information on deploying the Virtual Appliance into Azure, see this article.
Otherwise, once the Virtual Machine is deployed, there are a few pieces of information required to complete the installation. For more information on the initial configuration of the Virtual Appliance, see this article. Once configured, please continue through this article.
The following can serve as a checklist to validate you have successfully configured the Virtual Appliance, as described in the "Configuring the Virtual Appliance For the First Time" article:
- Is the Virtual Machine hosting the Virtual Appliance able to start?
- Can you log into the Virtual Appliance Management Console?
- Can you load the Web Interface when browsing to the configured DNS name?
- Can you log into the Virtual Appliance web interface with your admin credentials?
If everything above has been accounted for, you have successfully configured your Login Enterprise Virtual Appliance.
Login Enterprise does not create Active Directory accounts, nor does it verify their existence. Login Enterprise stores Virtual User Account credentials, to be used for programmatic connections using the respective Client Connector Application (Citrix Workspace, VMware Horizon Client, RDP, Universal Web Connector).
It is recommended that the Virtual Users inherit the same GPOs that are applied to the users they are programmed to emulate. In other words, the Virtual User assigned to access a Host Pool of Knowledge Workers should have the same GPOs as the other Knowledge Workers in the Delivery Group/ Desktop Pool/ Host Pool.
For more information on Accounts within Login Enterprise, see this article.
The Logon Executable is a critical configuration that affords Login Enterprise the ability to operate without the use of an agent.
The Logon Executable (LoginPI.Logon.exe) must be executed each time a Virtual User creates a session and successfully logs in. This execution begins the process of downloading the automation engine, as well as the workflow scripts needed to perform application interactions. In more detail, this requirement can be accomplished in several ways, including the following:
- NETLOGON/ Logon Script
- shell:startup (For single-user OS scenarios)
- shell:common startup (For multi-session OS scenarios)
- Group Policy to Execute LoginPI.Logon.exe (Must be located in network accessible path)
Configuring the Logon Executable via Group Policy is the best practice. Rather than configuring the Logon Executable on a machine-by-machine basis, this allows you to quickly repurpose Virtual Users for other areas of your environment.
Note: For concerns around implementing one of the above configurations, or usability of one not on the list, please bring them to the attention of your respective Account team.
For more information on the Logon Executable, see this article.
- Using the credentials for one of your test users, can you logon and access the target environment (i.e., using the same authentication method as your true end-users)?
- This will validate that the users are able to authenticate with the domain and are authorized to access the virtual desktop or application. If you are unable to access the target resource with a Virtual User, please review your provider's management console.
- If you log in as a test user, do you see the Login Enterprise icon and a button to “STOP ENGINE”?
- This will validate that the Logon Executable has been correctly configured. If you do not see the “STOP ENGINE” warning, the Logon Executable has not been configured successfully. The Virtual Users will not function without this successfully configured.
The Launcher software can be accessed and downloaded from within the Launchers page of your Virtual Appliance.
The Launcher is installed onto a machine that must have, at a minimum, the following resources allocated:
- 2 vCPU
- 4GB RAM
- 1GB Free Virtual Hard Disk space (minimum available disk space)
- Windows 7 and greater (32/64-Bit) or Windows 2012R2 or Greater
- Microsoft .NET Framework 4.6.1
- Client Connector Application (Citrix Workspace, VMware Horizon Client, Universal Web Connector)
- Login Enterprise Launcher
For more information on the Launcher component, see this article.
The following list serves as a checklist to validate you have fully accounted for the Launcher component.
- Does each Launcher machine follow the minimum requirements as specified above?
- Do you have permissions to install software on the Launcher machine(s)? Does this fall under another team?
- Have you downloaded the Launcher software from your Login Enterprise Virtual Appliance?
- Have you installed the Launcher software on the Launcher machine(s)?
- Have you installed the Client Connector application on the Launcher machine(s) (i.e., Citrix Workspace, VMware Horizon Client, RDP, Universal Web Connector)?
- Is the Launcher sharing resources with the Target Resources?
- Has Single Sign-On been disabled on the Launcher Machine(s)?
The following list serves as a checklist to validate you have successfully installed the Launcher component.
- Does the Launcher UI show your Virtual Appliance FQDN and Version?
- Does the Launcher appear in the Launchers tab of the Web Interface? (Home > Launchers)
- Can you create a session from the Launcher into the Target Environment?
- If you cannot launch a session manually, please verify the software requirements and your Virtualization provider's Management Plane to ensure Virtual Users are entitled to the Target Resources.
Digital Workspace Preparation
This section will cover the importance of preparing the digital workspace.
This may include, but is not limited to:
- Virtual User access to StoreFront, Horizon, etc.
- Virtual User authorization to launch target resources
- Target applications should be installed or available
User Access Entitlements
Virtual User Accounts require entitlements to access Target Resources. This is handled within your Virtualization provider's management plane.
The following list serves as a checklist to validate you have successfully granted Virtual Users with access to the Target Resource.
- From a Launcher machine, can you navigate to the access portal (Citrix Storefront, VMware Horizon) and attempt to sign in?
- From a Launcher machine, can you launch the target resource after authenticating at the access portal?
- Does the Target Session launch from the associated Client Connector Application (Citrix Workspace, VMware Horizon Client, RDP, UWC)?
- Is the Virtual User licensed to use the Target Application?
Application Scripting Requirements
In order to create Custom Workflow Scripts for use within Login Enterprise, the Script Editor is required. The Script Editor and Application X-Ray work side-by-side to inspect an application's user interface and generate the requisite code to interact with it. The Script Editor has a standalone engine that can be used to test and validate a script before attempting to use it within a test configuration.
The Script Editor can be downloaded from the Applications tab within the Web Interface. The Script Editor will need to be temporarily downloaded on a target desktop in order to develop application workflows.
For more information on the Script Editor, please see this article.
When utilizing Published Applications, only the protocol containing the Application is streamed to the Launcher machine(s). This poses a challenge when attempting to develop Custom Workflow Scripts for these applications, because the UI itself is not being streamed, only a snapshot of the UI. This prevents our technology from inspecting UI elements as it would within a full desktop context.
There are two workarounds to inspect Published Applications:
- Install on golden image and temporarily deliver locally via virtual desktop
- Provide access to Application Session Host
- Java Applications
Java applications are becoming less frequent, but still exist within some organizations. Java applications run in a specialized Java Runtime environment, which is isolated and does not communicate required Windows UI Automation details. However, basic operations like starting and stopping the Java application and measuring the launch time work as expected.
- In-VDI/ Desktop Remote Applications or Desktops - Double-hop sessions
This describes the process of accessing a Virtual Desktop or Application, from within a Virtual Desktop. To the Login Enterprise Application X-Ray, the second hop remote session appears as a black box. The required Windows UI Automation details are not communicated across such double-hops. However, basic operations like starting and stopping the double-hopped application and measuring the launch time work as expected.
If there are any concerns, please bring them to the attention of your respective Account team.