Overview
This article helps you complete the prerequisites for implementing a proof-of-concept with Login Enterprise.
Proof-of-concepts operate on a good faith basis, and they are provided to you free of charge. Setting clear guidelines is crucial to ensure mutual accountability for scope and timelines throughout the engagement.
To effectively use Login Enterprise, you need to access and manage specific infrastructure components, which may involve coordinating with peripheral teams in your IT organization. The involvement of teams depends on the size and structure of your organization. Possible teams include, but are not limited to:
- Active Directory Administrator
- End-User Computing Administrator
- Infrastructure Administrator
- Security Administrator
- Networking Administrator
During the scoping call, the relevant representatives must attend the planning and implementation phases if their input or access is needed. If you anticipate challenges, please communicate them to your Account team.
Considerations
The product evaluation spans one month. As part of this review process, we should discuss your change management process and its duration. We've encountered instances of change freezes in the middle of evaluation affecting evaluation schedules. If you anticipate any such scenarios during this period, please get in touch with us.
Virtual users must be licensed for each system and application they interact with. Consider the time required for licensing procurement on the following platforms, solutions, and applications:
- Microsoft Windows, RDS CALs if applicable
- Citrix and/or VMware Horizon licensing
- Office365 and/or custom application licensing
In most evaluations, you need to create a workflow for a custom line-of-business application, which isn’t part of the Login Enterprise template library. To choose an effective application for your evaluation see Creating an Application Script.
If you have concerns about licensing for any listed or unlisted items, please get in touch with your Account team.
Required components
For more information on hardware and software requirements, see the Requirements.
Virtual Appliance
Hardware requirements
The Login Enterprise Virtual Appliance is delivered as a fully configured virtual machine. The virtual machine is delivered as an OVA, VHD, or VHDX. Currently, we’re supporting the following hypervisors:
- VMware ESXi 5.5 - 7.0 (OVA file)
- Microsoft Hyper-V - Server 2012 R2 and higher (VHDX file)
- Citrix Hypervisor 8.2 (OVA file)
- Microsoft Azure (VHD file)
To download the Virtual Appliance in your preferred format, see the Downloads.
To access the Download page, you need to be signed in. If you have any issues accessing the downloads page or downloading the appliance, please get in touch with your Account team.
The virtual machine hosting the Appliance requires, at a minimum, the following allocated resources:
- 4 vCPU
- 8GB RAM
- Storage – Pre-Configured 100 GB virtual Hard Disk
Pre-import checklist
Use the following checklist to confirm you have accounted for all aspects of the Virtual Appliance deployment:
- Is your hypervisor on our supported list?
- Do you have authorization to make changes to the hypervisor? Does this fall under another team?
- Have you allocated the required CPU/ RAM/ Storage resources for the Virtual Appliance?
- Have you downloaded the Virtual Appliance?
- Have you imported the Virtual Appliance to your Hypervisor?
The deployment process for Azure differs from traditional on-premise installations. For information on deploying the virtual Appliance to Azure, see Deploying VHD to Azure.
After deploying the virtual machine, you’ll need specific information to complete the installation. To learn about the initial configuration of the virtual appliance, see Configuring Virtual Appliance for the first time.
Once configured, proceed with the steps below.
Post-configuration checklist
Use the following checklist to confirm successful virtual appliance configuration as outlined in Configuring Virtual Appliance for the first time:
- Is the Virtual Machine hosting the Virtual Appliance able to start?
- Can you log in to the Virtual Appliance Management Console?
- Can you load the Web Interface when browsing to the configured DNS name?
- Can you log in to the Virtual Appliance web interface with your admin credentials?
If you've completed the steps above, your Login Enterprise Virtual Appliance is successfully configured.
Accounts
Login Enterprise Virtual Users need enabled, existing Active Directory User objects to operate. Login Enterprise doesn’t create Active Directory accounts. It doesn’t verify their existence either. Login Enterprise stores Virtual User Account credentials and sends them to the Launcher for use with a specified Connector—Citrix Workspace, Horizon View Client, RDP, Universal Web Connector.
To learn more about the types of Connectors and connection options, see the Connectors and connection configuration.
For more information on Accounts within Login Enterprise, please see the Accounts.
Logon Executable
The Logon Executable is a small program that runs as part of the Virtual User's AD user account. Because we can instantiate during the logon process, there is no need to install an agent.
The Logon Executable (LoginPI.Logon.exe) must be run each time a Virtual User (AD user) launches a session and successfully logs in. Starting the Logon Executable confirms a connection with the Virtual Appliance and then downloads the "engine", and any data needed to perform the specified workload.
You can find the exact command in the Login Enterprise sidebar menu > Accounts > Downloads. Depending on your configuration, you may need a more explicit path.
There are several ways to fulfill this requirement:
- Group Policy to execute Logon Executable at Windows logon
- NETLOGON/ Logon Script for the Virtual User AD User
- shell:startup (For single-user OS scenarios, not recommended for production)
- shell:common startup (For multi-session OS scenarios, not recommended for production)
The best practice is to configure Logon Executable via Group Policy at the user level. Instead of configuring Logon Executable on a machine level, this allows you to swiftly repurpose virtual users for other areas of your environment.
If you have concerns about implementing any listed configurations or the usability of unlisted ones, please get in touch with your Account team.
For more information on the Logon Executable, see the Logon components.
Account checklist
- Using the credentials for one of your test users, can you log on and access the target environment (i.e., using the same authentication method as your true end-users)?
- This validates that the users can authenticate and have authorization to access the virtual desktop or published application. If you can’t access the target resource with a virtual user, check your virtualization provider's management console for permissions.
- If you log in as a test user, do you see the Login Enterprise icon and the Stop Engine button?
- This validates the correct configuration of the Logon Executable. If you don’t see the Stop Engine warning, the Logon Executable hasn't run successfully. The Virtual Users will not function if this configuration isn’t successful.
Launchers
To access and download the Launcher software in your Virtual Appliance, navigate to the Login Enterprise sidebar menu > Configuration > Launchers.
Hardware requirements
The Launcher is installed onto a machine that must have, at a minimum, the following resources allocated:
- 2 vCPU
- 4GB RAM
- Minimum available disk space: 1GB free virtual hard disk space.
Software requirements
- Windows 7 and later (32/64-bit) or Windows Server 2012R2 or later
- Microsoft .NET Framework 4.6.1
- Client Connector Application (Citrix Workspace, VMware Horizon Client, Universal Web Connector)
- Login Enterprise Launcher
For more information on the Launcher component, see the Login Enterprise Windows Launcher.
To learn about the Launcher’s role in Login Enterprise, what it does, how it works, and more, see the Launchers: Overview and best practices.
Pre-installation checklist
Use the following checklist to confirm you have fully accounted for the Launcher component:
- Does each Launcher machine follow the minimum requirements as specified above?
- Do you have permission to install software on the Launcher machines? Does this fall under another team?
- Have you downloaded the Launcher software from your Login Enterprise Virtual Appliance?
- Have you installed the Launcher software on the Launcher machines?
- Have you installed the Client Connector application on the Launcher machine, i.e. Citrix Workspace, VMware Horizon Client, RDP, or Universal Web Connector?
- Is the Launcher sharing resources with the Target Resources? This will impact results on both the Launcher and the Target.
- Have you disabled Single Sign-On on the Launcher machine? This may impact the Launcher's ability to use more than one account.
Post-installation checklist
Use the following checklist to confirm you have successfully installed the Launcher component:
- Does the Launcher UI show your Virtual Appliance FQDN and Version?
- Does the Launcher appear in the Launchers tab of the Web Interface? (Home > Launchers)
- Can you create a session from the Launcher into the Target Environment?
- If you can't launch a session manually, review y the software requirements and your virtualization provider's management plan to ensure Virtual Users are entitled to the Target Resources.
Launcher group policies
Automatic Windows screen lock
For organizations, the best practice is to configure Windows to automatically lock the screen after a period of user inactivity. While effective for real workstations, this poses a challenge for the Launcher since the Launcher software requires an interactive session for its active remote desktop or application sessions. When the Windows Lock Screen policy is activated, any ongoing Launcher sessions will be terminated. To facilitate headless Test execution, it's crucial to disable any policies enforcing automatic screen locking for Launcher screens.
Antivirus and app blocker exclusions
For a list of exclusions that can be added to the respective antivirus or app blocker to make sure the Launcher runs correctly, see the Antivirus and app blocker exclusions.
Digital workspace preparation
This section covers the importance of preparing the digital workspace.
This may include, but is not limited to:
- Antivirus and app blocker exclusions.
- Virtual User access to StoreFront, Horizon, etc.
- Virtual User authorization to launch target resources.
- Target applications should be installed or available.
Antivirus and app blocker exclusions
For a list of exclusions that can be added to the respective antivirus or app blocker to make sure Login Enterprise runs correctly in your Target environment, see Antivirus and app blocker exclusions.
User access entitlements
To access Target Resources, Virtual User accounts require certain entitlements. This is handled within your virtualization provider's management plan.
Use the following checklist to confirm you've successfully granted Virtual Users access to the Target Resource.
- From a Launcher machine, can you navigate to the access portal (Citrix Storefront, VMware Horizon) and sign in?
- From a Launcher machine, can you launch the Target Resource after authenticating at the access portal?
- Does the Target Session launch from the associated Client Connector Application (Citrix Workspace, VMware Horizon Client, RDP, UWC)?
- Is the Virtual User licensed to use the Target Application?
Application scripting requirements
To create custom workflow scripts in Login Enterprise, you need a Script Editor. The Script Editor and Application X-Ray work side-by-side to inspect THE application's user interface and generate the requisite code to interact with it. The Script Editor has a standalone engine that you can use to test and validate the script before attempting to use it within a test configuration.
To download the Script Editor, from the Login Enterprise sidebar menu, navigate to Applications > Downloads. The Script Editor will need to be temporarily downloaded on a target desktop to develop application workflows.
Starting from Login Enterprise 5.10, the Script Recorder v1 is integrated into the Script Editor.
For more information on the Script Editor, see the Script Editor.
For information on the Script Recorder, see the Script Recorder.
Published applications
Our Engine relies on APIs available through the Windows OS, specifically the Windows UI Automation Accessibility Framework. With published applications, the underlying UI element properties that are available for locally running apps are not available. This poses a challenge when creating custom workflows for these applications. The standard UI information is not transmitted to the standard Login Enterprise scripting toolset.
Login Enterprise supports executing workflows against published applications. When executing workflows with published applications, our Engine must run in the published application session, where the Engine can utilize the required APIs. However, when creating workflows the application must be accessed locally to capture its UI properties. This is because Application X-Ray will not be able to capture UI control information for streamed applications.
To inspect Published Applications, there are two workarounds:
- Temporarily deliver locally to create application workflow
- Provide access to Application Session Host
Special considerations
Java applications
Although becoming less common, Java applications still play a significant role in many enterprises. Java applications operate within a dedicated Java runtime environment. Our Engine relies on APIs available through the Windows OS, specifically the Windows UI Automation Accessibility Framework. Unlike more modernized WPF applications, Java applications do not transmit this information. This makes application development using standard Login Enterprise toolsets difficult.
In such scenarios, only coordinate-based interactions and keyboard shortcuts are practical. In availability scenarios, where only validating the start of the application is crucial, this remains a viable option. You can still capture application launch times using standard Login Enterprise scripting. Utilizing keyboard shortcuts where available may also enable capturing other application performance measurements.
Double Hop and Nested Mode scenarios
In Citrix terminology, this term is known as a “double hop”. In VMware Horizon, it is commonly called a session in “nested mode”. This pertains to the scenario where an end-user initiates a virtual desktop, which is the first hop. Then, within the virtual desktop, the end-user launches a published desktop or application. That is considered the second hop. Our Logon Executable is primarily responsible for starting our automation Engine.
Our Engine relies on the APIs available through the Windows OS, specifically the Windows UI Automation Accessibility Framework from within the "first hop" session. Thus, the underlying UI element properties accessible for locally running apps are not available for applications running in the "second hop". As with our challenges in Java-based applications, coordinate-based interactions, and keyboard shortcuts could be potential options for addressing similar issues.
Additional resources
- To learn about network port configurations, see the Network port configuration.
- For information on the Login Enterprise licensing, see the License.
- For information on Active Directory authentication, see Configuring Active Directory Authentication.
If you have any concerns about any of the processes and steps outlined in this article, please notify your Account team.