Follow the instructions and create a new Active Directory Forest for this environment. If you are not
familiar with Microsoft Active Directory, there are many self-paced courses listed on the internet. There
are also several instruction books such as the Windows Server 2008 Active Directory Resource Kit
available online from retailers such as Amazon.
The DNS service role will also be added to the configuration when the Active Directory Service role is
created. This will allow computers to automatically be entered into the AD structure when they are added
to the DNS database. WSM will automatically populate the DNS database with the streaming client
devices using the names specified within the WSM database. This is why Active Directory integration
was enabled as part of the WSM installation.
If you plan to integrate Active Directory with WSM without SSL, you must ensure that the WSM OS
Authentication Service is running with the credentials of an Active Directory user with privileges to create
and manage computer accounts (for example, a member of the Account Operator group). In addition, this
user must be a member of the local administrators group of the WSM server; otherwise, the OS
Authentication service cannot start when being configured to run with the credentials of the Active
Directory user. For more information about integrating Active Directory with WSM without SSL, refer to
the Administrators Guide: Wyse WSMTM.
7.2.1 Adding users to the Active Directory
In order to ensure that the client devices function specifically to a particular user, the information for all
the system users must be placed into the Active Directory prior to the operating of WSM. Once a user
logs onto any of the streamed client devices, the user name will be looked up in the AD and the user will
be assigned the appropriate profile. This should include mounting the user’s files from the appropriate file
server space. It is recommended to store the users files separate from the WSM server. This allows for
the network administrator to back up the users files independently from the WSM application files. In
addition, if WSM is being used in Volatile Mode, the user’s desktop will be wiped clean at each boot up,
so storing the user’s files on the WSM server would cause them to disappear as well. If WSM is used in
Persistent Mode, where the desktop is NOT wiped during each boot up, the hard drive could fill up with
those user files.
In order to support this, the user accounts must be set up using a roaming profile. This allows the user to
access a remote file share after logon. You can manually put the entries in, or use a scripting tool to batch
them together and enter at one time. To accomplish this, the free Solarwinds User Input Tool, available
from http://www.solarwinds.com/ was used for this document. A Comma Separated Variable (CSV) file
was created in Microsoft Excel then used with this tool to populate the AD. Contact your organization’s IT
department to see if they already had a tool for batch entry.
Make sure to set Password never expires and clear User must change password at next login if you
are planning on doing any automated testing of the system, otherwise, the desktops will be stuck waiting
for the user to change his password. These fields can easily be changed in bulk by using a third party tool
such as AD Infinitum available from http://www.newfawm.com/adi2.htm.
You may need a script to create the user directories on your fileserver. Consult with your IT department
on the procedures for doing so.