Quick-Start Tutorial for VMware Dynamic Environment Manager

Technical Introduction and Features

VMware Dynamic Environment Manager™ (formerly known as User Environment Manager, until version 9.9) delivers personalization and centrally managed policy configurations across virtual, physical, and cloud-based Windows desktop environments. IT administrators control which settings users are allowed to personalize, and administrators can map environmental settings such as network drives and location-specific printers.

User-specific Windows desktop and application settings can be applied in the context of client device, location, or other conditions. Policies are enforced when users log in, launch an app, reconnect, or when some other triggering event occurs.

Dynamic Environment Manager also has a feature for configuring folder redirection for storing personal user data, including documents, pictures, and so on.

Purpose of This Tutorial

This quick-start tutorial helps you evaluate Dynamic Environment Manager by providing a discussion of the product and offering practical exercises.

Important: This tutorial is designed for evaluation purposes only, based on using the minimum required resources for a basic deployment, and does not explore all possible features. This evaluation environment should not be used as a template for deploying a production environment. To deploy a production environment, see the Dynamic Environment Manager Documentation.

Audience

This tutorial is intended for IT administrators and product evaluators who are familiar with VMware vSphere® and VMware vCenter Server®. Familiarity with networking and storage in a virtual environment, Active Directory, identity management, and directory services is assumed. Knowledge of other technologies, such as VMware Horizon® is also helpful.

Benefits of Using Dynamic Environment Manager

  • Centralized and simplified management of Windows environments – Administrators can configure settings and conditions in the Management Console, and the Dynamic Environment Manager agent on virtual desktops and RDSH servers can read and apply the settings. A single instance of the Management Console can manage multiple Dynamic Environment Manager environments.
  • Dynamic, contextual policy management – Admins can specify the conditions under which an end user gets certain features, such as the ability to disable saving files to a USB device when outside the corporate network, or other security-related features. Admins can also configure triggering tasks to determine when to check for certain conditions, such as at login time.
  • Consistent user experience across devices and locations – End users can roam between disparate devices while preserving custom application settings and Windows personalization settings. On login, Dynamic Environment Manager reads the user's profile and can, for example, display the desktop background or application settings that the user saved during the last session, regardless of whether the actual endpoint device was a desktop computer at work or an iPad at home.
  • Improved login times – Windows login times directly impact the end-user experience. Whether managing physical or virtual PCs, VDI, or published applications, IT constantly struggles to find a balance between customizing the Windows environment and adding time to the user login process.

    Tasks such as mapping printers and drive letters and applying policies to manage applications often occur during the login process. Dynamic Environment Manager can remove much of this overhead by carrying out these tasks dynamically, if and when they are needed.

  • Providing desktops just in time – As enterprises go down the path of VDI, a common question is whether to provide persistent or nonpersistent desktops. Although end users enjoy the flexibility to customize their own, personal, persistent VM, IT often prefers the streamlined management of nonpersistent VMs. Dynamic Environment Manager is a key component of the personalized just-in-time desktop.

Dynamic Environment Manager can manage applications installed in the base image of a virtual desktop machine or RDSH server, and it can manage applications provided by VMware App Volumes. Dynamic Environment Manager also includes Horizon Smart Policies, for integrating with VMware Horizon and Horizon Apps. For more information, see the XXXXXXX.

Components and Architecture of Dynamic Environment Manager

This section provides an overview of the architecture so you can see how the components relate to each other. The following figure shows the architecture of a Dynamic Environment Manager installation. In the following descriptions, the word you refers to you, the IT administrator. All components of Dynamic Environment Manager that you deploy communicate between each other by using the SMB protocol.

Graphical user interface, diagram</p>
<p>Description automatically generated

  • Active Directory GPO – You create a GPO for each Active Directory organizational unit (OU) you want to manage. The OU typically contains the computer objects for virtual machines. You can then edit this GPO and apply Dynamic Environment Manager settings from administrative templates included in the installation package.
  • Dynamic Environment Manager Management Console – You use this Dynamic Environment Manager administrative UI to configure application settings, Windows environment settings, conditions under which the settings go into effect, and various other configuration settings. You can also confifgure Horizon Smart Policies for things like printer mapping, attaching devices to the virtual desktop or application, and the ability to copy and paste text.
  • Application Profiler – For the few applications for which you cannot find an already-created application template, you can use this standalone application that analyzes where the application stores its file and registry configuration, and also set the initial configuration state of the application.
  • Central configuration share – You create this file share to store the Management Console configuration and Dynamic Environment Manager configuration files. The Dynamic Environment Manager agent (FlexEngine) on virtual desktops and RDSH servers reads the configuration file on this share and applies the settings specified in the configuration file.
  • Network folder per user – In this file share that you create, each folder, or profile archive, contains ZIP files where the Dynamic Environment Manager agent (FlexEngine) stores the personalized settings of a user. For each Dynamic Environment Manager (Flex) configuration file that you create, FlexEngine creates a profile archive for each user.
  • Helpdesk Support Tool – This tool provides capabilities to support and maintain the Dynamic Environment Manager profile archives and profile archive backups.
  • Self-Support Tool – With this tool, end users can restore application settings from a backup or reset the settings to their defaults.
  • Clients with Dynamic Environment Manager FlexEngine – The agent software, FlexEngine, runs on each virtual desktop or RDSH server whose applications are to be managed. This agent reads the centralized configuration file, applies Dynamic Environment Manager settings, and saves those user settings that end users are allowed to control. In this client-server architecture, the FlexEngine agent software plays the client role, and the Dynamic Environment Manager Flex configuration file plays the server role.
  • Offline SyncTool – Laptop users who are not always connected to the corporate network need access to their Dynamic Environment Manager configuration files while offline. SyncTool makes all VMware Dynamic Environment Manager configuration files available locally and synchronizes changes when users connect to the corporate network. Additionally, users with a slow WAN connection can use local Dynamic Environment Manager configuration files, thus limiting network traffic and avoiding continuously roaming personal settings.

How to Install Dynamic Environment Manager

This quick-start tutorial provides procedures to get you up and running quickly. It is not a substitute for the complete production documentation, which includes the guide Installing and Configuring VMware Dynamic Environment Manager.

Create and Configure the Dynamic Environment Manager Configuration Share

Before you install Dynamic Environment Manager, you must set up a couple of central file shares on a file share server. The first share to set up is the Dynamic Environment Manager configuration share. It contains all the policy configuration files for allowing personalization and for managing the configuration of physical or virtual Windows machines and applications.

The FlexEngine agent on the managed machine reads configuration data from the Dynamic Environment Manager configuration share when a user logs in or out of the environment, or when the user opens or closes applications that are configured with DirectFlex.

Note: Instead of, or in addition to, reading printed instructions in this section, if you would prefer to watch a video tutorial, see the video Dynamic Environment Manager: Creating the Configuration Share.

Configuration Share Prerequisites

To complete this exercise, you need the following.

  • To start, the share should have at least 1 GB of disk space.
  • To optimize login times, the computer where the user logs in should have a 1-Gbps connection to the configuration share.

Exercise: Create the Configuration Share

  1. On a file server, create a folder for the share; for example, you could name the folder DEM-Config.
  2. To configure sharing, right-click the folder and select Properties.
  3. On the Sharing tab, select Advanced Sharing and enable sharing.
  4. Click Permissions and select the Change check box for everyone. This will include user accounts and computer accounts.
  5. To configure NTFS security permissions, click the Security tab, and click Advanced.
  6. Click Add and then click Select a Principal.
  7. Enter the group name for the administrators and click Check names to verify that the account exists, and click OK.
  8. In the Basic Permissions list, select Full Control and verify that these permissions are applied to This folder, subfolders and files.
  9. Click Add and Select a Principal again, and enter the name for end users.
  10. In the Basic Permissions list, select Read & execute permissions and verify that these permissions are applied to This folder, subfolders and files.
  11. To configure computer-based settings, click Add and Select a Principal again, and enter the name for computer accounts.

    Or, instead of selecting separate groups for end users and computers, you could enter the built-in group Authenticated Users, which includes both.

  12. In the Basic Permissions list, select Read & execute permissions and verify that these permissions are applied to This folder, subfolders and files.

At this point, this folder is empty, but after you install Dynamic Environment Manager and start the management console, some folders and files will be created here that define the settings you want to use.

The Dynamic Environment Manager agent that runs on the virtual desktop or RDSH server will read this configuration data from the file share, either when the user logs in or out of the machine, or when the user opens or closes particular applications, depending on how things are configured. For computer-based settings, the settings are applied when the machine starts up.

Create and Configure the Profile Archives Share

Another of the central file shares you must set up before installing Dynamic Environment Manager is the profile archives share. It stores and persists personal settings for end users, in the form of ZIP files, and it stores log files.

The Dynamic Environment Manager agent (FlexEngine), which runs on the virtual desktop or RDSH server, reads personal user settings from the profile archives share when a user logs in to the environment or launches a DirectFlex-enabled application. The agent then writes the modified settings back to the profile archive when the user logs out, or closes a DirectFlex-enabled application.

Note: Instead of, or in addition to, reading printed instructions in this section, if you would prefer to watch a video tutorial, see the video Dynamic Environment Manager: Creating the Profile Archives Share.

Profile Archives Share Prerequisites

To complete this exercise, you need the following:

  • An Active Directory group containing one or more end-user accounts. This should be the same group you used in Configuration Share Prerequisites. In this exercise, the AD group Domain Users is used.
  • An Active Directory group containing one or more IT Administrator accounts. This should be the same group you used in Configuration Share Prerequisites. In this exercise, the AD group Desktop Admins is used.
  • A file server with at least 100 MB of storage space for each user and an adequate network connection speed, as described in the following Dynamic Environment Manager Profile Archives Share topic. (Approximate read time: 4 minutes) For best performance, use a share that is dedicated to the profile archives.

Exercise: Create the Profile Archives Share

  1. On a file server, create a folder for the share; for example, you could name the folder DEM-User-Profiles.
  2. To configure sharing, right-click the folder and select Properties.
  3. On the Sharing tab, select Advanced Sharing and enable sharing.
  4. Click Permissions and select the Change check box for everyone. This will include user accounts and computer accounts.
  5. To configure NTFS security permissions, click the Security tab, and click Advanced.
  6. Click Add and then click Select a Principal.
  7. Enter the group name for the administrators and click Check names to verify that the account exists, and click OK.
  8. In the Basic Permissions list, select Full Control and verify that these permissions are applied to This folder, subfolders and files.
  9. In the list, verify that the Creator Owner account has Full Control applied to Subfolders and files only.
  10. Click Add and Select a Principal again, and enter the name for end users.
  11. In the Basic Permissions list, click Show Advanced Permissions and select Create folders / append data and then de-select, or uncheck, all the other check boxes.
  12. From the Applies To drop-down list, select This folder only.
  13. To configure computer-based settings, click Add and Select a Principal again, and enter the name for computer accounts.

    Or, instead of selecting separate groups for end users and computers, you could enter the built-in group Authenticated Users, which includes both.

  14. In the Basic Permissions list, click Show Advanced Permissions and select Create folders / append data and de-select, or uncheck, all the other check boxes.
  15. From the Applies To drop-down list, select This folder only.

At this point, the folder is empty, but once Dynamic Environment Manager is configured, as each user logs in to their virtual desktop or starts a particular application, the agent that runs on the virtual machine will create a user-specific archive file. This is a zip file, and the agent reads its personal user settings from this zip file on this share. When the user logs out or closes a particular application, the agent writes the modified settings back to the user’s profile archive. For computer-based settings, the settings are applied when the machine starts up.

Install the Dynamic Environment Manager Agent (FlexEngine) on the Desktop or RDSH Server

FlexEngine, the Dynamic Environment Manager agent component, applies the policies that the IT administrator creates with the Dynamic Environment Manager Management Console. FlexEngine can be installed on physical, virtual, and cloud-based Windows devices.

To install this component, you run the same VMware Dynamic Environment Manager Setup wizard that you run to install the management console. If you plan to create pools of virtual desktops or farms of RDSH servers, you can install FlexEngine on the golden VM before creating the pool or farm.

Note: Instead of, or in addition to, reading the printed instructions in this section, if you would prefer to watch a video tutorial, see the video Dynamic Environment Manager: Installing the FlexEngine Agent.

Important: This procedure describes running the FlexEngine installer in the guest operating system of a vSphere-based VM. If instead you are using Horizon Cloud on Microsoft Azure, installing the agent is included in the process of importing a VM from the Azure Marketplace.

This procedure is for installing the agent on a VM if you want to use an Active Directory GPO to configure the agent. It is also possible to configure the agent so that it does not require a GPO. In this case, you must install the agent in NoAD Mode. For more information, see the exercises later in this guide, in the section Initial Configuration Using NoAD Mode.

Prerequisites for FlexEngine Installation

To perform this exercise, you need the following:

  • User account When you log in to the OS to run the installer, the account you use must have administrative privileges.
  • Installer If necessary, you can download the installer from the Product Evaluation Center or the VMware Downloads page. The installer is included in a ZIP file. You must download the file, extract the Dynamic Environment Manager MSI file, and copy it to the system where it will run or to a location accessible to the system.
  • License The installation wizard prompts for the path to a valid license file unless VMware Horizon Agent is already installed in the VM. Dynamic Environment Manager Enterprise is included with Horizon Enterprise, and Dynamic Environment Manager Standard is included with Horizon Standard.
  • Windows Registry The Windows Registry on the VM must be accessible to Dynamic Environment Manager so that new entries can be written. See Registry Access Requirements.
  • Internet access The installation process includes a certificate revocation check to verify the digital signature of the MSI file. This check requires Internet access.
  • Windows OS - The system must be running a supported Windows version. See Software Requirements.

Note: For the purposes of this exercise, you can install the agent on a physical or a virtual machine that you want to manage. For details about how to create a VM used for virtual desktops for RDSH servers in a VMware Horizon setup, see Creating Optimized Windows Images for VMware Horizon VMs.

Exercise: Install the Dynamic Environment Manager Agent

  1. Copy the installer file to the system where it will run or to a location accessible to the system.
  2. Double-click the installer to start the wizard, and follow the prompts until you get to the Setup Type page.
  3. Select the Custom setup type.
  4. Verify that the VMware DEM FlexEngine components are enabled and that the VMware DEM Management Console component is disabled.
  5. If you have already installed the Horizon Agent on the machine, you do not need to choose a license file.
  6. Follow the rest of the prompts to complete the wizard.

The agent is installed in the C:\Program Files\Immidio\Flex Profiles directory and its file name is FlexEngine.exe. Note that if you are using Horizon Cloud on Microsoft Azure, the Horizon Agents installer installs the FlexEngine component in a different directory.

Now that this agent is installed in the virtual desktop or RDSH server VM, the agent will read the Dynamic Environment Manager configuration file and then apply application and user environment settings.

Install and Configure the Dynamic Environment Manager Management Console

You use this administration console to configure Dynamic Environment Manager and to manage personalization and application configuration settings for end users. You can install the Dynamic Environment Manager Management Console on any supported Windows desktop or server that you want to use for managing Dynamic Environment Manager.

To install this component, you run the same VMware Dynamic Environment Manager Setup wizard that you ran to install the Dynamic Environment Manager agent (FlexEngine). The first time you start the Dynamic Environment Manager Management Console, you are prompted to supply the path to the configuration share.

Note: Instead of, or in addition to, reading printed instructions in this section, if you would prefer to watch a video tutorial, see the video Dynamic Environment Manager: Installing and Configuring the Management Console.

Prerequisites for Management Console Installation

To perform this exercise, you will need the following:

  • User account - When you log in to the OS to run the installer, the account you use must have administrative privileges.
  • Installer - If necessary, you can download the installer from the Product Evaluation Center.
  • Windows OS - The system must be running a supported Windows version. See Software Requirements.
  • Internet access - The installation process includes a certificate revocation check to verify the digital signature of the MSI file. This check requires Internet access.
  • Configuration share – You must have completed the exercise Create and Configure the Dynamic Environment Manager Configuration Share.

Exercise: Install and Configure the Management Console

  1. Copy the installer file to the system where it will run or to a location accessible to the system.
  2. Double-click the installer to start the wizard, and follow the prompts until you get to the Setup Type page.
  3. Select the Custom setup type.
  4. Enable the VMware DEM Management Console component and disable the VMware DEM FlexEngine components.
  5. Follow the rest of the prompts to complete the wizard.

    A VMware DEM Management Console shortcut appears on the Start menu.

  6. Select the shortcut to launch the Management console.
  7. In the Location text box, browse to or enter the UNC path to the configuration share on your file server; for example, \\fileshare1\DEM-Config. The next time you open the console, a configuration file in this location is read.
  8. Click OK in the Settings window to accept the default settings. Note that a folder named General, as well as a configuration file, now appear in the configuration share folder.

How to Configure the Agent

After you install FlexEngine, the Dynamic Environment Manager agent, in the VMs that end users will access, you need to enable the agent and point to the configuration file the agent needs to read when users log in. You also need to point to the profile archive directories so that user settings can be read and saved.

There are a couple of ways to do this. You can use the VMware-provided administrative templates for Active Directory Group Policy Objects, or you can use the XML-based option called NoAD mode. The exercises that follow show you how to do both.

Initial Configuration Using an Active Directory Group Policy Object

This section assumes you have chosen to use AD GPOs to configure the agent, along with the VMware-provided administrative template files. These files are located inside the Administrative Templates (ADMX) folder. This folder is included in the same download package that contains the Dynamic Environment Manager installer.

Note: Instead of, or in addition to, reading printed instructions in this section, if you would prefer to watch a video tutorial, see the video Dynamic Environment Manager: Configuring the FlexEngine (Agent) GPO.

Prerequisites for Configuring the GPO

Before you begin this exercise, verify that you have completed the following tasks:

  • Complete all the exercises from the chapter How to Install Dynamic Environment Manager, and make sure you know the paths to the Dynamic Environment Manager configuration share and the profile archives share.
  • Make sure you have credentials for a computer that can access the Microsoft Group Policy Management Console (GPMC) and the domain controller.
  • Copy all the ADMX files from the Administrative Templates (ADMX) folder—which is included in the same download package that contains the Dynamic Environment Manager installer—to the Sysvol share on your primary domain controller. The path is:

    \\<name-of-primary-domaincontroller>\SYSVOL\<domain-name>\Policies\PolicyDefinitions

  • Copy all the ADML files from the language-specific sub-folder and paste them into the corresponding language-specific folder in the Sysvol share. For example:
  1. Open the en-US folder included in the Administrative Templates (ADMX) folder, and then select and copy all the ADML files in this en-US folder.
  2. Paste the files into the en-US folder inside the PolicyDefinitions folder on the SYSVOL share.

With these prerequisites satisfied, you can create a Group Policy Object and use the templates with this GPO to configure all the required policy settings and any optional ones you want to use. You can create this GPO for an organizational unit that contains either user accounts or the computer accounts for the VMs. For this example, we will use computer accounts.

Exercise: Create and Configure the AD Group Policy Object

  1. Open Microsoft Group Policy Management editor.
  2. Browse to the OU, right-click and select Create a GPO in this domain and link it here. For this example, we will name it DEM_GPO.
  3. Right-click the GPO and select Edit.
  4. Navigate to Computer Configuration > Policies > Administrative Templates > System > Logon.
  5. Double-click the policy setting Always wait for the network at computer startup and logon and set it to enabled. This ensures that the FlexEngine Group Policy client-side extension runs during each logon.
  6. Navigate to Computer Configuration > Policies > Administrative Templates > System > Group Policy.
  7. If you are linking the GPO to an OU of computers rather than users, edit the policy setting Configure user Group Policy loopback processing mode and set it to enabled. This allows user account policies to be applied to computer accounts.
  8. To set a logoff policy so that FlexEngine will be able to store the settings configured through the GPO, navigate to User Configuration > Policies > Windows Settings > Scripts (Logon/Logoff).
  9. In the right pane, double-click Logoff, select Add, and enter the path to the location where FlexEngine.exe is installed on the VMs. The default path is C:\Program Files\Immidio\Flex Profiles\FlexEngine.exe.
  10. Enter -s in the Script Parameters field.
  11. To specify the location of the Dynamic Environment Manager configuration file, navigate to User Configuration > Administrative Templates > VMware DEM > FlexEngine and double-click the Flex config files policy setting.
  12. Enable the policy, and type in the UNC path to the configuration file. For this example, the path is \\<file-share>\DEM-Config\General. Leave the Process folder recursively check box checked.
  13. Double-click the Run FlexEngine as Group Policy Extension policy setting and enable the policy. This setting enables FlexEngine to run automatically during logon.
  14. To specify the location of the profile archives share, double-click the Profile archives policy setting.
  15. Enable the policy, and type in the UNC path to the share. For this example, the path is \\<file-share>\DEM_User_Profiles and then append %username%\Archives to the end of the path so that a unique subfolder will be created for each user. Leave the Compress profile archives check box checked.
  16. To set a policy for backups, double-click the Profile archives backups policy setting, enable the policy, and enter the path you want to use for backups. Be sure to append %username%\Backups to the path so that a unique subfolder will be created for each user.
  17. To set a policy for collecting logs, double-click the FlexEngine logging policy setting. Enable the setting and type in the UNC path. Be sure to append %username%\Logs\FlexEngine.log so that a unique log file will be created for each user. For the log level, do not use Debug or Info in a production environment unless you actually need to troubleshoot something.

Important: Setting the log level to Debug should only be used for evaluation or troubleshooting purposes. For production implementations of Dynamic Environment Manager, consider enabling debug logging for individual users as described in the VMware KB article Enabling debug logging for a single user in VMware Dynamic Environment Manager (2113514).

Initial Configuration Using NoAD Mode

NoAD mode is a way to configure Dynamic Environment Manager without requiring Active Directory. For example, you can use NoAD mode if your environment has limited Active Directory access, and administrators are not permitted to set GPOs.

NoAD mode is always recommended for cloud-based implementations. For more information, see Benefits of VMware Horizon Cloud on Microsoft Azure & VMware Dynamic Environment Manager.

Another use case is when you are working with a proof-of-concept environment. You can implement Dynamic Environment Manager in NoAD mode quickly because there is no need to change a GPO, configure logon and logoff scripts, or wait for Active Directory replication.

Using NoAD mode is a two-part process:

  1. You configure Dynamic Environment Manager by creating an XML-based configuration file. This file contains all the same settings that you would otherwise configure using GPO settings.

    VMware provides a sample XML configuration file to simplify using NoAD mode. You can either copy this file from the Dynamic Environment Manager installation package you downloaded, or copy contents of the file from a topic in the product documentation. At a minimum, you must edit only a few required settings in the sample file.

  2. You install the Dynamic Environment Manager agent in NoAD mode on the virtual desktops or RDSH servers to be managed.

    This process involves using a command-line command that tells the agent the path to the XML-based NoAD configuration file. The agent can then read this configuration file to determine which Dynamic Environment Manager settings to apply.

Prerequisites for Using NoAD Mode

Before you begin the exercises in this section, you need the following:

  • Configuration share, profile archives share, and Dynamic Environment Manager Management Console – Make sure you have completed the following exercises:
  • User account When you log in to the OS to run the installer, the account you use must have administrative privileges.
  • Installer If necessary, you can download the installer from the Product Evaluation Center or the VMware Downloads page. The installer is included in a ZIP file. You must download the file, extract the Dynamic Environment Manager MSI file, and copy it to the system where it will run or to a location accessible to the system.
  • License The installation wizard prompts for the path to a valid license file unless VMware Horizon Agent is already installed in the VM. Dynamic Environment Manager Enterprise is included with Horizon Enterprise, and Dynamic Environment Manager Standard is included with Horizon Standard.
  • Windows Registry The Windows Registry on the VM must be accessible to Dynamic Environment Manager so that new entries can be written. See Registry Access Requirements.
  • Internet access The installation process includes a certificate revocation check to verify the digital signature of the MSI file. This check requires Internet access.
  • Windows OS - The system must be running a supported Windows version. See the product documentation topic Software Requirements.

    Important: The VM you use for this exercise must not already have FlexEngine installed. If you plan to use the same VM that you used in the earlier exercise Install the Dynamic Environment Manager Agent (FlexEngine) on the Desktop or RDSH Server, you first must uninstall the agent before you re-install the agent in NoAD mode.

In the examples for the following exercises, we use a virtual desktop VM that is part of a VMware Horizon setup, though this is not required. If you are using a Horizon environment, you will need to have access to a desktop or RDSH server VM, and you will need VMware Horizon® Client™ for logging in to the VM after you install the Dynamic Environment Manager agent.

Exercise: Create the NoAD Configuration File

  1. Navigate to the \\<configuration-share>\general\FlexRepository\ directory on the configuration share, and create a new folder called NoAD.

    The path to the folder must be:
    \\<configuration-share>\general\FlexRepository\NoAD\.

  2. Create a NoAD.xml file in the NoAD folder on the configuration share:

    You have two options for creating the NoAD.xml file:

  • You can copy and rename the NoAD Sample.xml file, located inside the NoAD Mode folder, from the installation package. If necessary, you can download this package from the VMware Download page.
  • You can manually create an empty text file inside the NoAD folder on the configuration share, rename the file NoAD.xml, and copy and paste the contents from the Sample NoAD.xml topic.
  1. Edit the NoAD.xml file to specify configuration settings:

    The only required settings you must edit are:

  • Path to the profile archives share (ProfileArchivePath) – Replace the text filesrv\UemUsers$ with the name of the file server and share folder you created as part of the exercise Create and Configure the Profile Archives Share.

    The %username%\Archives portion of the path allows a unique subfolder to be created for each user. The personal user settings are read from this share at login or at application start and are written back at application exit or at logout.

  • Path to the log file (LogFileName) – Replace the text filesrv\UemUsers$ with the name of the file server and share folder you created as part of the exercise Create and Configure the Profile Archives Share.

    For the example in this exercise, the settings are:

    ProfileArchivePath=\\<Share>\DEM_Profiles\%username%\Archives
    LogFileName="\\<Share>\DEM_Profiles\%username%\Logs\FlexEngine.log"

  1. To set the logging level, in the line LogLevel="1" change the 1 to another number, which changes the level of logging from Info to something else.

    For a complete list of the various logging levels and their corresponding settings, see the product documentation topic Configuring FlexEngine Logging Settings.

  2. Save and close the NoAD.xml file.

Important: Setting the log level to Debug should only be used for evaluation or troubleshooting purposes. For production implementations of User Environment Manager, consider enabling debug logging for individual users as described in the VMware KB article Enabling debug logging for a single user in VMware User Environment Manager (2113514).

Note: This exercise demonstrates using only a few of the many possible configuration settings. For information about all of the other settings, see the product documentation topic Configuring User Environment Manager with NoAD Mode, and see the VMware KB article Configuring advanced UEM settings in NoAD mode (2148324).

Exercise: Install the Dynamic Environment Manager Agent in NoAD Mode

  1. Copy the installer file to the system where it will run or to a location accessible to the system.
  2. Log in to the virtual desktop or RDSH server VM, right-click the cmd application and select Run as administrator.
  3. Change directories to the directory where the msiexec.exe file is located, and enter the command to run the file. The syntax of the command is:

    msiexec.exe /i "<installer-file>" /qn /l* InstallDEM.log NOADCONFIGFILEPATH=\\<config-share>\General

    In this example,

  • <installer-file> is the path to the agent installer located on a file share, and because there are spaces in the installer file name, the path is enclosed in quotation marks; for example,
    "\\file\software\infra\DEM\VMware Dynamic Environment Manager 2013 x64.msi"
  • <config-share>\General is the path to the configuration share; for example,
    \\fileshare\DEM_Config\General

    The NoAD.xml file you created in the previous exercise resides in the subfolder FlexRepository\NoAD\ inside the General folder.

    Important: In this example, the LICENSEFILE command-line option is not included because the VMware Horizon Agent is already installed in the VM. If the Horizon Agent is not already installed in your VM, be sure to add the LICENSEFILE command-line option to specify the path to your license file. The syntax is:

    LICENSEFILE=\\<fileshare>\<share>\VMware DEM.lic

    In this example, <fileshare>\<share> is the file share where the license file is located. You can place this command-line option after the /qn option. You can copy the complete syntax of the command from the product documentation topic Install FlexEngine in NoAD Mode.

  1. To verify installation, navigate to the Programs and Features control panel, and verify that the VMware Dynamic Environment Manager agent was successfully installed.
  2. If you plan to use this VM as a golden, or template, VM for creating a desktop pool or RDSH server farm, you can shut the VM down and take a VM snapshot.
  3. To verify that Dynamic Environment Manager is working correctly in NoAD mode, you must log in to the machine so that profile-specific files can be created on the file share.
  • If you are using a Horizon virtual desktop, use Horizon Client to log in to the desktop pool that contains the VM with NoAD enabled.
  • If you are using an RDSH server, you must create an application or desktop pool and use Horizon Client to launch an application or session-based desktop.
  1. After login is complete, navigate to the profile archives share and verify that a user-specific folder has been created. Also verify that inside this folder, the Archives and Logs folders have been created.
  2. Open the FlexEngine.log file in the Logs folder, and verify that you see the line Running from service (NoAD).

    For the example in this exercise, the path to this folder is:
    \\<file-share>\DEM_Profiles\<username>\Archives\Logs

  3. Also verify that the level of logging, which you set when running the installer, is correct. For example, if you set the log level to DEBUG, you should see some DEBUG lines.

Getting Started Managing the User Environment

By default, Dynamic Environment Manager does not manage any Windows applications or environment settings after you install it. You must specify which applications and settings to manage. Although this approach takes a little more work up front, this solution has several important benefits:

  • Prevents excessive profile growth and profile corruption
  • Enables user settings to roam across Windows versions
  • Gives administrators granular control to manage as much or as little of the user experience as needed

Enable the Easy Start Feature

To help with getting started, the Easy Start feature instantly adds many common Windows applications—including several versions of Microsoft Office--to the allowlist of applications managed by Dynamic Environment Manager. Many Windows environment settings are also added by Easy Start. You can then easily select an application or Windows setting to review and change the default settings.

Note: Instead of, or in addition to, reading printed instructions in this section, if you would prefer to watch a video tutorial, see the video Dynamic Environment Manager: Using the Easy Start Feature.

Prerequisites for Using Easy Start

To perform this exercise, you need the following:

  • Credentials for the virtual or physical machine where you installed and performed the initial configuration of the Dynamic Environment Manager Management Console, as described in the earlier section Install and Configure the Dynamic Environment Manager Management Console.
  • (Recommended but not required) Microsoft Office installed on the virtual desktop or RDSH server that you want to manage. You will be prompted to select the version of Microsoft Office that is installed.

Exercise: Using Easy Start

  1. To illustrate how this works, first open the configuration file. The path to the file is:

    \\<file-share-server>\DEM_Config\Immidio Flex Profiles Configuration.xml

    Note that the file contains no application-specific settings yet.

  2. Look inside the General folder. The path is:

    \\<file-share-server>\DEM_Config\General

    Note that the folder is empty. Application-specific files will be created in this folder.

  3. To start the Dynamic Environment Manager Management Console,
    from the Start screen, select the Management Console shortcut in the VMware DEM folder.
  4. On the Personalization tab, note that in the left pane, no applications are listed under General.
  5. Click the Easy Start toolbar button.

    Many commonly installed Windows applications will now be managed with Dynamic Environment Manager.

  6. (Optional) Select the version or versions of Microsoft Office that are installed on the virtual desktop or RDSH server that you want to manage.
  7. In the left pane, under General, expand the Applications list, and you see the applications that have been added.

    By default, when users log in and change application settings for these applications, their personalizations will be saved when they close the application. So, for example, the user can have the experience of persistence even if the user gets a different instant-clone VM every time they log in.

  8. Examine the default settings and make any desired changes.

Now, when you navigate to the General folder on the file share, you see that an Applications folder has been created there by the Easy Start feature. If you look inside, you might see:

  • Application icon files, which have an .ico extension.
  • Application configuration files, which have an .ini extension.
  • Flag files, which have an .INI.flag extension. Flag files are for configuring the application to use the DirectFlex feature. Using DirectFlex means the profile archives settings are imported and read when the user starts the application, rather than when the user logs in to the machine. Application settings are saved when the user quits the application, rather than when the user logs out of the machine.
  • A Windows Settings folder is also created in the General folder, and if you selected a version of Microsoft Office, a folder for that is also created.

Test Application Personalization

With the application personalization feature, end users can roam between disparate devices while preserving custom application settings and Windows personalization settings. When a user logs in to a virtual desktop or application, Dynamic Environment Manager reads the profile archive file for that user's profile and can, for example, display the desktop background or application settings that the user saved during the last session.

In this exercise, you will log in to a physical or virtual machine as an end user, open an application, change some application settings, log out, and then log in again and verify that the settings have been persisted across sessions. You can even log in from different devices if you like.

Note: Instead of, or in addition to, reading printed instructions in this section, if you would prefer to watch a video tutorial, see the video Dynamic Environment Manager: Trying Out App Personalization.

Prerequisites for Testing App Personalization

To perform this exercise, you need the following:

Exercise: Test Application Personalization

  1. To see how app personalization works, first open the profile archives share.  which you created in the earlier exercise Create and Configure the Profile Archives Share. The path to the file is:

    \\<file-share-server>\DEM_Profiles\

    It is empty at first.

  2. Use Horizon Client to log in to the Horizon desktop. As soon as the login process begins, a new folder is created on the share. The folder is named according to the user account of the user logging in.

    At this point, the agent on the virtual desktop is importing the Dynamic Environment Manager settings from the configuration files in the General folder on the configuration share.

  3. After login is complete and the desktop appears, note that several desktop shortcuts have been created by the Easy Start feature, including DEM Self-Support, Notepad, Wordpad, and the VMware website.

    For a list of application shortcuts created by the Easy Start feature, you can go to the User Environment tab in the Management Console and select Shortcuts in the left pane.

  4. Open Wordpad and create a new document.
  5. On the View tab, un-check the Ruler and Status-bar check boxes.
  6. From the Word wrap list, select No Wrap, and then close the application and log out of the machine.

    When you log out, the settings you changed are saved to the profile archives share. Also, if the Horizon desktop is an instant clone, the actual VM you just used will be destroyed.

  7. On the profile archives share, note that a zip file has been created, and the Wordpad settings are saved there.
  8. Log back in to the virtual desktop again. If you are logging in to an instant-clone desktop, it is not the same virtual machine that you logged in to previously.

    If you are using a full-clone desktop rather than an instant clone, you might be able to replicate this experience by reverting the VM back to a snapshot taken before you ever logged in for the first time. When you log in after reverting, you will still see the personalized Wordpad settings.

  9. Open Wordpad, and note that this new desktop still displays the Wordpad settings you chose using the previous VM.

    In this way, when used in conjunction with stateless virtual desktops, Dynamic Environment Manager can give the experience of persistent, stateful desktops.

 

 

Summary and Additional Resources

This quick-start tutorial introduced you to Dynamic Environment Manager and enabled you to set up a proof-of-concept environment through practical exercises. Now that you have the environment set up and configured, you might like to continue on and explore other major features by following the exercises in Managing Profiles and Policies for Windows Desktops: Dynamic Environment Manager Operational Tutorial.

Additional Resources

Managing Profiles and Policies for Windows Desktops: Dynamic Environment Manager Operational Tutorial

Dynamic Environment Manager Documentation

VMware Horizon Documentation

Benefits of VMware Horizon Cloud on Microsoft Azure & VMware Dynamic Environment Manager

Profiling Applications with VMware Dynamic Environment Manager, Part 1: Introduction to Application Profiler

Profiling Applications with VMware Dynamic Environment Manager, Part 2: Applying and Troubleshooting Predefined Settings

Enabling debug logging for a single user in VMware Dynamic Environment Manager (2113514) (VMware Knowledge Base article)

VMware Dynamic Environment Manager with VMware App Volumes

Changelog

The following updates were made to this guide.

Date

Description of Changes

2021-06-11

  • Added new videos, which are narrated.
  • Updated the quick start for Dynamic Environment Manager 2013 and later.
  • Removed the exercises that were previously called advanced features and created an operational tutorial for them.

2018-03-22

Initial publication

About the Authors

Josh Spencer, formerly an EUC Staff Architect, is now a Senior Product Line Manager, End User Computing, VMware.

Caroline Arakelian is a Senior Technical Marketing Manager, End-User-Computing Technical Marketing, VMware.

To comment on this paper, contact VMware End-User-Computing Technical Marketing at euc_tech_content_feedback@vmware.com.

 

 

 

 

 

Filter Tags

Horizon Dynamic Environment Manager Document Quick-Start Intermediate Deploy