Skip to content

Deployment Examples

In the previous sections, multiple concepts of multi-tenancy and multi-organization structuring have been explained. This section expands on that information by providing use cases and deployment examples:

Case-I

An organization wishes to deploy HyWorks, where users will be authenticated from the Active Directory but their assignments are to be done using the built-in directory. This is required so that the HyWorks Administrators do not have to request the Active Directory team for the user's group modifications often and all the remote desktop servers are joined to the domain.

Solution Deployment

Configure the organization to have the following authentication domain settings:

  • Authentication Server: Active Directory

  • Authorization Server: Built-in

  • Domain Name for Remote Desktop Session: Authentication server

  • Use Credentials for Remote Desktop Server: Credentials provided by the user

  • User Creation RDS(s): Do not create

  • Populate Users into built-in directory: Import users from the authentication server

Explanation

Based on the above configuration, the users will be authenticated from the Microsoft Active Directory configured as the authentication server. The Administrators will be able to import users from the Active Directory to the built-in directory and manage them in different groups. When connecting, the domain name of the Active Directory will be used and since the users will be providing credentials of the Active Directory, the same will be used for connecting to the remote desktop servers.

Case-II

  • An organization wishes to deploy HyWorks, where the users will be authenticated from the LDAP server but their assignments are to be done from the built-in directory. This is so that the HyWorks administrators do not have to request the LDAP team for user's group modifications often and all the remote desktop servers are to be kept in a Workgroup.

Solution Deployment

Configure the organization to have the following authentication domain settings:

  • Authentication Server: LDAP server

  • Authorization Server: Built-in

  • Domain Name for Remote Desktop Session: Custom as dot "."

  • Use Credentials for Remote Desktop Server: Built-in directory credentials

  • User Creation RDS(s): Manual Synchronization

  • Populate Users into built-in directory: Create users in the built-in directory

Explanation

The Administrator will create users in the built-in directory with random different passwords but the same username as the LDAP. The users will be synchronized into the associated RDS server manually so that users with same username and passwords can be created on the RDS(s). While logging-in, the users' authentication will be done with the provided credentials against the LDAP server but while connecting to the remote desktop servers, credentials from the built-in directory will be used.

Case-III

An organization wishes to deploy HyWorks, where the users will be authenticated from the Microsoft Active Directory server but the users and the remote desktop servers are managed from the domain.

Solution Deployment

Configure the organization to have the following authentication domain settings:

  • Authentication Server: Active Directory Server

  • Authorization Server: Active Directory Server

  • Domain Name for Remote Desktop Session: Authentication or authorization server

  • User Creation RDS(s): Manual Synchronization (disabled and does not get used)

  • Populate Users into built-in directory: Create users in the built-in directory (default selected but do not get used)

Explanation

As everything is managed through the Active Directory, the users will be authenticated from the configured authentication server, authorization i.e. assignment of applications and desktops can be done from the same authentication server. When logging in, the users will be authenticated from the Active Directory and will be allowed to connect to the remote desktop servers using the same credentials.