Users

The Users subsection under the User Management section enables the Administrator to manage users (Add/Remove/Modify), change their Group memberships, create/remove Session Team association, synchronizing users into Session Providers.

This section will provide details to manage users, which include:

• Add/Update/Delete Users

• Import Users using CSV

• Sync User

• Export User

Add Users

Users can be added in to the HyWorks built-in directory using the following two methods:

1. Add Users Manually

2. Import Users using CSV

Add Users Manually

To add users manually, follow the steps listed below:

1. Go to the User Management section -> Users subsection

2. Click on the Add button

3. The Add User wizard should be displayed

4. Provide the following details in the User Details screen

   1. Display Name: Display name for the new user (for display purpose)

   2. Username: Username for the new user (to be used for logging in)

   3. Active: Checkbox to activate the user. Inactive users will not be allowed to log in to HyWorks

   4. Password & Confirm Password: Password fields for the new user. Password must be 8 characters long.

5. Click on the Next button to proceed to the Assign Groups section

6. The Assign Groups screen can be used to make a user a member of an existing user groups

   1. To add a groups, click on the Add Group button

   2. The Available Groups dialog will be displayed, which can be used to locate the desired group

   3. Select and click on the OK button

   4. The selected group will be added, and the Administrator should be navigated back to the Assign Groups screen

7. Click on the Next button to proceed to the Session Team screen

8. The Session Team screen can be used to associate the user with a Session Team. Upon synchronizing, the user will be synchronized into the member Session Host Servers of the selected Session Team.

   1. Select the desired Session Team from the displayed list

9. Click on the Save button to save the user. The User should be added with the provided details and the Users section should show the details of the added users.

Add User Wizard -- Advanced Configurations

The default screen of the Add User option does not display the advanced configurations to avoid complexity during the process of user creation. These controls can be enabled from the System - Advance Configurations screen. The following advance configurations can be enabled for the user account:

• Authorization Only: (Deprecated: Field is no longer available) If the user account should be used for authorization purposes only. Selecting this checkbox will disable the Passwords fields.

• Password Management:

  • Auto Disable (in days): The user account will be disabled automatically after the configured number of days from the date of creation

  • Change Password at next logon: If the user should be prompted to change the password at their next logon event

  • User cannot change password: If the user should be restricted from changing their password

Import Users (Add Users Automatically using CSV Import)

HyWorks v3.0 or later supports adding multiple users at the same time by importing users from CSV files. The CSV file must be properly formatted and must use only predefined columns. Any deviation from these specifications may result in a failure in the import process.

CSV Template

To aid the Administrator with this process, the User section provides the option to download a CSV Template.

Downloading CSV Template

To download a CSV Template, follow the steps listed below:

1. Go to the User Management -- User section

2. Click on the Download Template button

3. The CSV File template will be downloaded in a zipped format with the name En_UserImportCSV

4. Extract the CSV file to be used for providing user details.

CSV Template Fields and Import Behavior

Given below is a list of fields which will be defined as columns in the downloaded CSV files:

• Display Name: Display name of the user

• Username: Username for the new user

• Delete User: Keeping this flag as True will delete the user from the HyWorks configuration upon a successful CSV import and will also delete the user from Session Providers at the next synchronization event. It should be kept False for new users or if existing users do not need to be deleted. The field cannot be left blank and accepts values True or False only.*

• Group Names: For specifying the names of groups for the user.

  • When importing them, the user will be made a member of the specified groups.

  • Multiple groups can be specified using a semicolon separating the values.

  • If a group does not exist, it will be created when the users are imported

  • If group is not specified, then all group memberships of the user will be removed

• Session Teams: For specifying the names of the Sessions Teams for the new user

  • The User will be associated with the specified Session Teams when they are imported

  • Multiple Session Teams can be specified using a semicolon separating the values

  • If the specified team does not exist, then an error will be displayed

  • If the Session Teams column is left blank, then the user's association with all the Session Teams will be removed

• Applications: Name of the applications for the new users

  • The user will be assigned with the provided applications

  • If the applications do not exist, then an appropriate error will be displayed when the CSV import is initiated

  • Multiple applications can be assigned using a semicolon separating the values

• Password: The password for the new user

  • Cannot be left blank

  • Must be at least 8 characters long and the following special characters are supported: aA1\~!@#\$%\^&*()_+[{]}\|./ ?

Important Points while Populating the CSV with User Details:

• The CSV file encoding is UTF-8 and must not be changed.

• Do not change the order of the columns. Do not delete any columns from the file.

CSV Import Process

To import users into HyWorks using the CSV Import feature, follow the steps listed below:

1. Fill all the details carefully using the above mentioned specifications and prepare the CSV file

2. Click on the Import button

3. The Import dialog will be displayed, listing the type of CSV file format. The following file formats are supported:

   1. ANSI

   2. Unicode

   3. UTF_8

   4. Shift_JIS

4. Choose the required file format and click on the Import button

5. The Choose File to Upload window will be prompted

   1. Select the appropriate CSV file and click on the Open button

6. All the user records which can be imported will be displayed

7. Click on the Save button to continue saving the records

8. The Controller will start processing the records

   1. If the records do not have any misconfigurations, then a success dialog will be displayed

   2. If any issues are detected, then an error will be displayed for the failed records in the same Import File Records dialog with the option to download the logs

      1. Only the records with an error will be skipped and all the other records will be imported into HyWorks

   3. Click on the OK button to dismiss the dialog

9. All the imported records should be listed in the User Management -- Users section.

Add Users from the Authentication Server

In specific deployment patterns, users can be fetched from the configured authentication server in the organization. A possible use case would be if the Administrator of HyWorks did not want to manage the user groups on the Active Directory, but rather create groups in the local built-in directory. He can add users from the Active Directory into respective groups for application and pool assignments.

To achieve this, the authentication domain configuration should be kept as shown below in the Organization:

• Authentication Server: Active Directory

• Authorization Server: Built-in

• Domain name for the remote desktop session: Authentication Server (considering all the machines to be accessed are domain joined)

• User Credentials for remote desktop servers: Credentials provided by the user

• User Creation on RDS(s): Do not create (considering all the machines to be accessed are domain joined)

• Populate users into built-in directory: Import users from the authentication server

Once the above configuration is set in the Organization -- authentication domain section, users can be pulled from the Active Directory into HyWorks and can be managed into different groups for authorization.

To import users into the HyWorks built-in directory, follow the steps listed below:

1. Ensure the Auth domain configurations according to the specifications described above

2. Go to the User Management -- Users

3. Click on the Add button to invoke the Add User wizard

   1. Click on the Add Users button

   2. Search and select the users to be added and click on the OK button

   3. Go to the next screen to associate users with any existing built-in groups

   4. On the next screen, keep the option All Session teams checked to associate users with all the available Session Teams

4. These users should be added to the HyWorks built-in directory and can be used for direct entitlements or group-based entitlements.

In a similar manner, users can also be added from the Groups wizard, where when adding or editing a group, there is an option present to add users from the authentication server.

Edit User

The Administrator can modify the details of a user using the followings steps:

1. Select a user from the list displayed in the User Management -- Users section

2. Click on the Edit button

3. The Edit User dialog will be displayed, with the following modifiable sections/controls:

   1. User Details:

      1. Display Name: Editable

      2. Username: Not editable

      3. Active: Editable

      4. Change Password: Select this checkbox to provide a new password for the user

   2. Assign Groups: To assign new groups or unassign existing groups

   3. Session Teams: To modify associations of users with the Session Teams

4. Change the required details and click on the Save button

5. All details should be saved and at the next synchronization event, these details will be updated on the Shared Session Host server as well.

Warning!

If the built-in authentication server is used as the authorization server, For Pool (Shared) Desktops and Applications, then each user needs to be  assigned teams. This is an additional requirement for built-in authentication.

If the team is not assigned to the user, then the Pool (Shared Hosted) Desktops and Applications 
will  not be available from any non-assigned teams, even if the user is entitled from the
Add/Edit Application, Add/Edit Shared Hosted Desktop or Add/Edit entitlement.

Delete User

The following two methods can be used to delete users from HyWorks:

Delete Manually

To delete users manually, follow the steps listed below:

1. Select one or multiple users from the list of users displayed in the User Management - Users section

2. Click on the Delete button

3. The Confirm Action dialog will be displayed, click on the OK button to continue deleting the selected users

4. The users will be deleted from the HyWorks Configuration

Delete Automatically using CSV Import

As specified in the CSV Template Fields and Import Behavior sub-section of Import Users (Add Users Automatically Using CSV Import section that specifying the value as True in the column Delete User deletes the user from the HyWorks Configuration. The steps listed below can be followed to delete multiple users at the same time:

1. Export the existing users list into a CSV file in the required file format

2. For all the users to be deleted, specify the value as True in the Delete User column

   

3. Import the CSV file using the process specified in the CSV Import Process section in Import Users (Add Users Automatically Using CSV Import

4. All the users specified with the value as True in the Delete User column of the imported CSV will be deleted. At the next synchronization event, the users should be removed from the respective Session Host Servers as well.

Sync Users

User synchronization refers to the process through which users (created manually or created using a CSV Import) will be added and updated into the member Session Host Servers of the associated teams. Since all the users are added/updated in the HyWorks Controller, follow the steps given below to synchronize them into the Session Host Servers:

1. Go to the User Management -- Users section

2. Click on the Sync Users button

3. The Confirm Action dialog will be displayed, showing a list of the Session Teams

4. Select the appropriate Session Teams in which users must be synchronized and click on the Yes button to continue

5. A success status message should be displayed in the top bar

6. All the users associated with the selected Session Team will be sent to all the member Session Host Servers and the following logs will be created on the Session Host Server

7. The HyWorks Session Host Server will create the users if they do not exist and will update them if they already exist on the Session Host Server

8. On completion of the operation, the logs will be sent to the Controller stating the number of users created, updated, deleted, or failed. (refer to the screenshots displayed above). For further information, refer to the Syncing Mechanism section

9. Upon the next successful login from the client, these built-in users will be able to connect to the assigned applications or the Shared Hosted Desktop sessions.

Syncing Mechanism

The following mechanism is used for user synchronization in HyWorks:

1. HyWorks sends a list of users to each member Session Host server of the Session Team

2. A Session Host server checks the members of the local group with the name "Accops_group".

   1. If a user in the list does not exist on the HyWorks Session Host server, the user will be created and will be made a member of Accops_group.

   2. If the user exists on the Session Host server but does not belong to the Accops_group, the user details will be updated (password, display name and Accops_group membership)

   3. If the user belongs to the "Accops_group", and if the user is included in the list, the user details will be updated, such as the password & display name

   4. If the user belongs to the 'Accops_group", and if the user is not included in the list from the Controller, the user is deleted from the RDS server. The profile of the user is also deleted.

   5. If the user list received from HyWorks is blank, the HyWorks Session Host will delete all the users who belong to "Accops_group".

3. Once all the users provided in the user list are synced, then the Session Host servers will send a summary of synchronization, providing information of the added, updated, deleted or failed user count.

   "User synchronization response from server \'mytesthyworks\': Added Users:10, Updated Users:2, Deleted Users:5, Failed Users:3"

4. If any synchronization failures are observed, the Session Host server logs can be analyzed for details, the default directory of the HyWorks Session Host server is as follows:

   C:\Program Files (x86)\Accops\HyWorks\SessionHost\Logs

Important Note: "Example of detailed logs"

2017-02-12 17:50:25,155 \[11\] ERROR EDCLog - Account for \'sec\'
insert failed. Reason: The password does not meet the password
policy requirements. Check the minimum password length, password
complexity and password history requirements.

2017-02-12 17:50:25,155 \[11\] ERROR EDCLog - Account for \'sec\'
updated failed. Reason: The username could not be found.

2017-02-12 17:50:25,217 \[11\] DEBUG EDCLog - Account for \'test
user\' Created Successfully

2017-02-12 17:50:25,858 \[11\] DEBUG EDCLog - User \'test user\' is
added to \'Accops\_group\' group

Export Users

If the Administrator requires a modification to the list of users using a CSV, then the list of users can be exported in the CSV format and can be re-imported with the modified details. The following steps can be used to export a users list:

1. Go to the User Management -- Users section

2. Click on the Export button

3. Select CSV File format in the Export dialog and click on the Export button

4. The Controller should process all the records and should display a dialog suggesting the status of the export operation with the Download button

   

5. Click on the Download button -- a CSV file in selected file format should be downloaded

6. The Administrator can use this exported file to modify the details and re-import it to update the details further.