Local Users

The Local Users subsection under the User Store section enables the Administrator to manage users, which includes:

• Add/Update/Delete Users

• Import Users using CSV

• Sync User

• Export User

Add Users

Users can be added to the HyWorks built-in directory using the following two methods:

1. Add Users Manually

2. Import Users using CSV

Add Users Manually

To add users manually, follow the steps listed below:

1. Go to the Users > User Store section > Local Users subsection.

2. Click on the Add button.

3. The Add User wizard should be displayed.

4. Provide the following details in the User Details screen.

   1. Display Name: Display the new user’s name (for display purposes).

   2. Username: Username for the new user (to be used for logging in).

   3. Active: Checkbox to activate the user. Inactive users will not be allowed to log in to HyWorks.

   4. Password & Confirm Password: Password fields for the new user. Password must be eight (8) characters long.

5. Click on the Next button to proceed to the Assign Groups section.

6. The Assign Groups screen can make a user a member of existing user groups.

   1. To add users to groups, click on the Add Group button.

   2. The Available Groups dialog will be displayed, which can be used to locate the desired group.

   3. Select and click on the OK button.

   4. The selected group will be added, and the Administrator should be able to navigate back to the Assign Groups screen.

7. Click on the Next button to proceed to the Session Team screen.

8. The Session Team screen can associate the user with a Session Team. Upon synchronizing, the user will be synchronized into the member. Session Host Servers of the selected Session Team.

   1. Select the desired Session Team from the displayed list.

9. Click on the Save button to save the user. The User should be added with the provided details, and the Local Users section should show the details of the added users.

Add User Wizard - Advanced Configurations

The default screen of the Add User option does not display the advanced configurations to avoid complexity during the process of user creation. These controls can be enabled from the System - Advance Configurations screen. The following advanced configurations can be enabled for the user account:

• Authorization Only: (Deprecated: Field is no longer available) If the user account should only be used for authorization purposes. Selecting this checkbox will disable the Passwords fields.

• Password Management:

  • Auto Disable (in days): The user account will be disabled automatically after the configured number of days from the date of creation.

  • Change Password at next logon: The user should be prompted to change the password at their next logon event.

  • User cannot change password: If the user should be restricted from changing their password.

Import Users (Add Users Automatically using CSV Import)

HyWorks v3.0 or later supports adding multiple users simultaneously by importing users from CSV files. The CSV file must be formatted appropriately and must use only predefined columns. Any deviation from these specifications may fail in the import process.

CSV Template

The User section provides the option to download a CSV Template to aid the Administrator with this process.

Downloading CSV Template

To download a CSV Template, follow the steps listed below:

1. Navigate to the User Management > User section.

2. Click on the Download Template button.

3. The CSV File template will be downloaded in zipped format under the name En_UserImportCSV.

4. Extract the CSV file to be used to provide user details.

CSV Template Fields and Import Behavior

Given below is a list of fields which will be defined as columns in the downloaded CSV files:

• Display Name: Displays the name of the user.

• Username: Username for the new user.

• Delete User: Keeping this flag as True will delete the user from the HyWorks configuration upon a successful CSV import and will also delete the user from Session Providers at the next synchronization event. It should be kept False for new users or if existing users do not need to be deleted. The field cannot be left blank and only accepts values True or False.*

• Group Names: For specifying the names of groups for the user.

• When importing them, the user will be made a member of the specified groups.

• Multiple groups can be specified using a semicolon separating the values.

  • If a group does not exist, it will be created when the users are imported.

  • If the group is not specified, all user group memberships will be removed.

• Session Teams: To specify the names of the Sessions Teams for the new user.

• The User will be associated with the specified Session Teams when imported.

• Multiple Session Teams can be specified using a semicolon separating the values.

  • An error will be displayed if the specified team does not exist.

  • If the Session Teams column is left blank, the user's association with all the Session Teams will be removed.

• Applications: Name of the applications for the new users.

• The user will be assigned to the provided applications.

• If the applications do not exist, an appropriate error will be displayed when the CSV import is initiated.

  • Multiple applications can be assigned using a semicolon separating the values.

• Password: The password for the new user.

• It cannot be left blank.

• Must be at least 8 characters long, and the following special characters are supported: aA1\~!@#\$%\^&*()_+[{]}\|./?

Important Points while Populating the CSV with User Details:

• The CSV file encoding type selected during import should match with the actual CSV file encoding type.

• Do not change the order of the columns. Do not delete any columns from the file.

CSV Import Process

To import users into HyWorks using the CSV Import feature, follow the steps listed below:

1. Fill in all the details carefully using the above-mentioned specifications and prepare the CSV file.

2. Click on the Import button.

3. The Import dialog will be displayed, listing the type of CSV file format. The following file formats are supported:

   1. ANSI

   2. Unicode

   3. UTF_8

   4. Shift_JIS

4. Choose the required file format and click on the Import button.

5. The Choose File to Upload window will be prompted. Select the appropriate CSV file and click on the Open button.

6. All the user records which can be imported will be displayed.

7. Click on the Save button to continue saving the records.

8. The Controller will start processing the records.

   1. A success dialog will be displayed if the records do not have any misconfigurations.

   2. If any issues are detected, then an error will be displayed for the failed records in the same Import File Records dialog with the option to download the logs.

      1. Only the records with errors will be skipped; all the other records will be imported into HyWorks.

   3. Click on the OK button to dismiss the dialog.

9. All the imported records should be listed in the Users > User Store > Local Users section.

Add Users from the Authentication Server

In specific deployment patterns, users can be fetched from the configured authentication server in the organization. A possible use case would be if the HyWorks administrator did not want to manage the user groups on the Active Directory but rather create groups in the local built-in directory. He can add users from the Active Directory into respective groups for application and pool assignments.

To achieve this, the authentication domain configuration should be kept as shown below in the Organization:

• Authentication Server: Active Directory.

• Authorization Server: Built-in.

• Domain name for the remote desktop session: Authentication Server (considering all the machines to be accessed are domain-joined).

• User Credentials for remote desktop servers: Credentials provided by the user.

• User Creation on RDS(s): Do not create (considering all the machines to be accessed are domain-joined).

• Populate users into the built-in directory: Import users from the authentication server.

Once the above configuration is set in the Organization authentication domain section, users can be pulled from the Active Directory into HyWorks and managed into different groups for authorization.

To import users into the HyWorks built-in directory, follow the steps listed below:

1. Ensure the Auth domain configurations are according to the specifications described above.

2. Go to the Users > User Store > Local Users.

3. Click on the Add button to invoke the Add User wizard.

   1. Click on the Add Users button.

   2. Search and select the users to be added and click on the OK button.

   3. Go to the next screen to associate users with any existing built-in groups.

   4. On the next screen, keep the option All Session Teams checked to associate users with all the available Session Teams.

4. These users should be added to the HyWorks built-in directory and can be used for direct entitlements or group-based entitlements.

Similarly, users can also be added from the Groups wizard. When adding or editing a group, an option to add users from the authentication server is present.

Edit User

The Administrator can modify the details of a user using the following steps:

1. Select a user from the list displayed in the User Management > Users section.

2. Click on the Edit button.

3. The Edit User dialog will be displayed with the following modifiable sections/controls:

   1. User Details:

      1. Display Name: Editable.

      2. Username: Not editable.

      3. Active: Editable.

      4. Change Password: Select this checkbox to provide a new password for the user.

   2. Assign Groups: To assign new groups or unassign existing groups.

   3. Session Teams: To modify user associations with the Session Teams.

4. Change the required details and click on the Save button.

5. All details should be saved, and at the next synchronization event, they will also be updated on the Shared Session Host server.

Warning

• If the built-in authentication server is used as the authorization server, For Pool (Shared) Desktops and Applications, then each user needs to be assigned teams. This is an additional requirement for built-in authentication.

• If the team is not assigned to the user, then the Pool (Shared Hosted) Desktops and Applications will not be available from any on-assigned teams, even if the user is entitled from the Add/Edit Application, Add/Edit Shared Hosted Desktop or Add/Edit entitlement.

Delete User

The following two methods can be used to delete users from HyWorks:

Delete Manually

To delete users manually, follow the steps listed below:

1. Select one or multiple users from the list of users displayed in the User Store > Local Users section.

2. Click on the Delete button.

3. The Confirm Action dialog will be displayed; click the OK button to continue deleting the selected users.

4. The users will be deleted from the HyWorks Configuration.

Delete Automatically using CSV Import

As specified in the CSV Template Fields and Import Behavior sub-section of Import Users (Add Users Automatically Using CSV Import section that defines the value as True in the column specifies. Delete User deletes the user from the HyWorks Configuration. The steps listed below can be followed to delete multiple users at the same time:

1. Export the existing users list into a CSV file in the required format.

2. To delete all the users, specify the value as True in the Delete User column.

   

3. Import the CSV file using the process specified in the CSV Import Process section in Import Users (Add Users Automatically Using CSV Import.

4. All the users specified with the value in the Delete User column of the imported CSV will be deleted. At the next synchronization event, the users should also be removed from the respective Session Host Servers.

Sync Users

User synchronization refers to the process through which users (created manually or created using a CSV Import) will be added and updated into the member Session Host Servers of the associated teams. Since all the users are added/updated in the HyWorks Controller, follow the steps given below to synchronize them into the Session Host Servers:

1. Navigate to the User Store > Local Users section.

2. Click on the Sync Users button.

3. The Confirm Action dialog will display a list of the Session Teams.

4. Select the appropriate Session Teams, which users must synchronize, and click the Yes button to continue.

5. A success status message should be displayed in the top bar.

6. All the users associated with the selected Session Team will be sent to all the member Session Host Servers, and the logs will be created on the Session Host Server.

7. The HyWorks Session Host Server will create the users if they do not exist and will update them if they already exist on the Session Host Server.

8. On completion of the operation, the logs will be sent to the Controller stating the number of users created, updated, deleted, or failed. (refer to the screenshots displayed above). For further information, refer to the Syncing Mechanism section.

9. Upon the next successful login from the client, these built-in users will be able to connect to the assigned applications or the Shared Hosted Desktop sessions.

Syncing Mechanism

The following mechanism is used for user synchronization in HyWorks:

1. HyWorks sends a list of users to each member Session Host server of the Session Team.

2. A Session Host server checks the local group members with the name "Accops_group".

   1. If a user on the list does not exist on the HyWorks Session Host server, the user will be created and made a member of Accops_group.

   2. If the user exists on the Session Host server but does not belong to the Accops_group, the user details will be updated (password, display name and Accops_group membership).

   3. If the user belongs to the "Accops_group", and if the user is included in the list, the user details will be updated, such as the password & display name.

   4. If the user belongs to the 'Accops_group' and is not included in the Controller's list, the user is deleted from the RDS server, along with the profile.

   5. If the user list received from HyWorks is blank, the HyWorks Session Host will delete all the users who belong to "Accops_group".

3. Once all the users in the user list are synced, the Session Host servers will send a synchronization summary, providing information on the added, updated, deleted, or failed user count.

   "User synchronization response from server 'mytesthyworks': Added Users:10, Updated Users:2, Deleted Users:5, Failed Users:3"

4. If any synchronization failures are observed, the Session Host server logs, which are the default directory of HyWorks, can be analyzed for detail. The Session Host server is as follows:

   C:\Program Files (x86)\Accops\HyWorks\SessionHost\Logs

   Example of detailed logs

   2017-02-12 17:50:25,155 [11] ERROR EDCLog - Account for 'sec' insert failed. Reason: The password does not meet the password policy requirements. Check the minimum password length, password complexity, and password history requirements.

   2017-02-12 17:50:25,155 [11] ERROR EDCLog - Account for 'sec' update failed. Reason: The username could not be found.

   2017-02-12 17:50:25,217 [11] DEBUG EDCLog - Account for 'test user' Created Successfully

   2017-02-12 17:50:25,858 [11] DEBUG EDCLog - User 'test user' is added to 'Accops_group' group

Export Users

If the Administrator requires a modification to the list of users using a CSV, then the list can be exported in the CSV format and re-imported with the modified details. The following steps can be used to export a user list:

1. Go to the Users > User Store > Local Users section.

2. Click on the Export button.

3. Select CSV File format in the Export dialog and click on the Export button.

4. The Controller should process all the records and display a dialog with the Download button suggesting the status of the export operation.

   

5. Click on the Download button. A CSV file in the selected file format should be downloaded.

6. The Administrator can use this exported file to modify the details and re-import them to update them further.