Home » HP Manuals » Desktops » HP BladeSystem bc2800 » Manual Viewer

HP BladeSystem bc2800 Administrator's Guide HP Session Allocation Manager (HP - Page 14

How HP SAM Works, HP SAM uses HP Remote Graphics Software RGS or Microsoft® Remote Desktop

View all HP BladeSystem bc2800 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 14 highlights

How HP SAM Works 1. When a user on an access device (desktop, notebook, thin client) requests a desktop session, the HP SAM client sends a request to the HP SAM Web server. a. If configured, HP SAM supports server failover. If the HP SAM Web server does not respond, the HP SAM client goes down the list to the next HP SAM Web server. b. The HP SAM client sends the user name and domain information to the HP SAM server. 2. The HP SAM Web server receives the user name and domain name from the HP SAM client. The Web server validates this information with the Microsoft Active Directory server. The account must be valid and enabled in Active Directory to continue. Normally, the password is not authenticated at this point, but is authenticated when logging into the operating system on the resource. With HP SAM 3.0, the Authenticate Before Allocation feature can be enabled which will cause the password authentication to occur during this step instead. 3. The HP SAM Web server returns the appropriate desktop session information to the HP SAM client. a. The HP SAM Web server determines whether or not the user still has a desktop session running and, if so, reconnects the user to that same session (i.e., follow-me roaming). If the user has no existing desktop session, the HP SAM Web server checks its internal database to see what resources are available and connects the user to an appropriate resource. b. If the user has more than one role or resource assignment, they will be prompted to choose. c. The data returned to the HP SAM client contains the IP address(es) (or Host name(s), depending on how it is configured on the HP SAM Web server) of the appropriate resources. d. If no computing resource is available, the HP SAM client informs the user. 4. The HP SAM client connects to the appropriate desktop session. NOTE: HP SAM uses HP Remote Graphics Software (RGS) or Microsoft® Remote Desktop Protocol (RDP) to connect between access devices, computing resources, and OUs. 5. The user is then prompted at the login screen for the password. The user name and domain is prepopulated by the HP SAM client. This step is omitted if the user has already entered the password on the HP SAM client and either RDP is used or RGS in Single Sign-on mode is enabled. NOTE: With RDP, RGS 5.1 or later, or Authenticate Before Allocation (seeAuthenticate Before Allocationon page 3), HP SAM allows users with expired passwords to log on. They are then required to update their passwords immediately. 6. Once the user logs in, the HP SAM registration service on the computing resource reports back to the HP SAM Web server. 7. Once the user disconnects or logs out, the HP SAM registration service updates the HP SAM Web server with the new information. 6 Chapter 1 Introduction ENWW

Section	Page
Introduction	9
What's New in This Release	10
Resource Reservations (AKA Access Restrictions)	10
Authenticate Before Allocation	11
Switch To, Move, Minimize, and Minimize All Functions on HP SAM Connection Bar	12
Support for RGS Senders Running on a Non-default Port	12
Logoff Scheduler	12
Key Features	12
Overview	13
How HP SAM Works	14
HP SAM Software Components	16
Remote Graphics Software (RGS)	16
Common Tasks	17
Setting up HP SAM	17
Setting up a User with a Dynamic Resource	17
Setting up a User with Static (Dedicated) Resources	18
Configuring a Monitor Layout for a User	19
Requirements	21
HP SAM Hardware and Software Requirements	21
Architectural Considerations and Best Practices for Setting up an HP SAM Environment	21
Server Sizing	21
SQL Database Considerations	22
Number of HP SAM Servers	23
Regionalization of Data Centers	23
Multiple SQL Databases	24
Domain Environment Requirements for HP SAM	24
HP SAM Web and SQL Server Requirements	24
HP SAM Web Server Hardware Requirements	24
HP SAM Web Server Software Requirements	24
HP SAM SQL Database Server Hardware Requirements	25
HP SAM SQL Database Server Software Requirements	29
HP SAM Registration Service Requirements	29
Access Device Requirements	30
Thin Client	30
Mobile Thin Client	30
Desktop or Notebook PC	30
Blade Workstation Clients	31
Personal Workstation Clients	31
Other requirements	32
Create a Service Account	32
Obtain Administrative Rights	32
Change the Firewall	32
Active Directory	32
Installation	33
Order of Installation	33
New Installation	33
Upgrade	33
Install the HP SAM Web Server and SQL Software	35
Grant Users HP SAM Administrator Access	37
Configure HP SAM System Settings	37
Configure Secure Socket Layer (SSL)	37
Install and Validate the HP SAM Registration Service Software	37
Install the HP SAM Registration Service	38
Create the HP SAM Registration Service Configuration File	39
[WebServerList]	39
[RolesList]	40
[AssetGroupList]	40
ServicePort	40
DnsDomain	40
Start/Restart the HP SAM Registration Service	41
Test the HP SAM Registration Service	41
Install and Validate the HP SAM Client Software	41
Internet Explorer-Based Client	42
HP SAM ActiveX Controls	43
Windows XPe-Based Client	43
Customization Steps	44
Linux-Based Client	44
HP Blade Workstation Client Series	44
Customization Steps	44
HP ThinPro GT Client for the HP gt7725 Thin Client	45
Red Hat Enterprise Linux (RHEL) Client	46
Customization Steps	46
Configuration Settings	46
Options	46
Smart Card Settings	49
User Interface Customization Settings	50
Policy Entries	52
Global and Local Client Configuration Files	55
Legal Banner	56
Deploy the HP SAM Registration Service to All HP SAM Computing Resources	57
Deploy HP SAM Client Software to All HP SAM Access Devices	57
Administration	59
Log In	59
General Navigation and User Interface Design	59
Display More (or Fewer) Items Per Page	59
Move Columns	59
Sort Result List	59
Select More Than One Item	59
Managing the HP SAM Administrator Access List	60
Add Individual Users to the HP SAM Administrator Group	60
Add Security Groups or Organizational Units to the HP SAM Administrator Group	60
Remove Users or Groups From the HP SAM Administrator Group	61
HP SAM Administrator Console Tabs	62
Home Tab	62
Users and Roles Tab	62
Manage Resource Roles	62
Manage Asset Groups	63
Manage Administrative Permissions	64
Manage Users	65
Operation	65
To Assign Attributes	65
To Assign Resources	66
To Assign Resources Manually	66
To Assign Resources Automatically from Template User	67
To Assign Resources Automatically from Role	68
To Assign and Configure a Monitor Layout for the User	68
To Change the Monitor Layout Configuration for the User	68
To Delete a Monitor Layout ID for the User	69
To Delete a User	69
Add New Users	69
To Grant Access to Individual Users	69
To Grant Access to Security Groups or Organization Units	70
Resources tab	70
Manage Resources	70
Auto Refresh Feature	71
View Details	71
Operations	71
Operations	71
Customize View	72
Manage Access Devices	72
To Add an Access Device Manually	72
To Change an Access Device	72
To Delete an Access Device	73
Manage Monitor Layout	73
To Create a Monitor Layout	73
To Modify a Monitor Layout	73
To Delete a Monitor Layout	73
Manage Data Centers	73
To Create a Data Center	74
To Change a Data Center	74
To Add Enclosures into a Data Center	74
To Delete Enclosures from a Data Center	74
To Delete a Data Center	74
Policies Tab	74
Create or Update a Policy	76
View Effective Policy	76
System Settings Tab	77
General	77
Web client	78
Active Directory	79
Auto Schedules	80
Resource Synchronization Scheduler	80
Audit Log Clean Up Scheduler	80
Logoff User from Resource Scheduler	81
Licensing	81
Reports Tab	81
Resource Capacity Consumption Report	82
Filters	82
Display Options	82
Output Report	82
Resource Capacity Consumption Trend Report	82
Filters	83
Display Options	83
Output Report	83
Resource Utilization Report	84
Filters	84
Display Options	84
Output Report	84
Log Tab	84
Setting Up Smart Card Login on the Access Device	85
Configuring Session Time Limits for Remote Sessions	87
Firewall Rules	89
Web Server	89
Clients	89
Resources	90
SQL Server	90
Frequently Asked Questions	91
Registration Service Error Codes	95
Glossary	98

Match case Limit results 1 per page

How HP SAM Works

When a user on an access device (desktop, notebook, thin client) requests a desktop session, the

HP SAM client sends a request to the HP SAM Web server.

If configured, HP SAM supports server failover. If the HP SAM Web server does not respond,

the HP SAM client goes down the list to the next HP SAM Web server.

The HP SAM client sends the user name and domain information to the HP SAM server.

The HP SAM Web server receives the user name and domain name from the HP SAM client. The

Web server validates this information with the Microsoft Active Directory server. The account must

be valid and enabled in Active Directory to continue. Normally, the password is not authenticated

at this point, but is authenticated when logging into the operating system on the resource. With HP

SAM 3.0, the

Authenticate Before Allocation

feature can be enabled which will cause the

password authentication to occur during this step instead.

The HP SAM Web server returns the appropriate desktop session information to the HP SAM client.

The HP SAM Web server determines whether or not the user still has a desktop session

running and, if so, reconnects the user to that same session (i.e., follow-me roaming). If the

user has no existing desktop session, the HP SAM Web server checks its internal database

to see what resources are available and connects the user to an appropriate resource.

If the user has more than one role or resource assignment, they will be prompted to choose.

The data returned to the HP SAM client contains the IP address(es) (or Host name(s),

depending on how it is configured on the HP SAM Web server) of the appropriate resources.

If no computing resource is available, the HP SAM client informs the user.

The HP SAM client connects to the appropriate desktop session.

NOTE:

HP SAM uses HP Remote Graphics Software (RGS) or Microsoft® Remote Desktop

Protocol (RDP) to connect between access devices, computing resources, and OUs.

The user is then prompted at the login screen for the password. The user name and domain is

prepopulated by the HP SAM client. This step is omitted if the user has already entered the

password on the HP SAM client and either RDP is used or RGS in Single Sign-on mode is enabled.

NOTE:

With RDP, RGS 5.1 or later, or Authenticate Before Allocation (see

Authenticate Before

Allocation

on page

), HP SAM allows users with expired passwords to log on. They are then

required to update their passwords immediately.

Once the user logs in, the HP SAM registration service on the computing resource reports back to

the HP SAM Web server.

Once the user disconnects or logs out, the HP SAM registration service updates the HP SAM Web

server with the new information.

Chapter 1

Introduction

ENWW