Administrator's GuideHP Session Allocation Manager (HP SAM) v.3.2
●Control of Linux Resources from the HP SAM administrative console:◦SAM 3.2 adds support for remotely performing the following operations on Linux-bas
Question AnswerWhy does a user, whose Security Group has been added toHP SAM from a child domain, receive the error “Your accountcannot be assigned to
C Registration Service Error CodesThe following is a list of possible errors which the registration service writes to the event log file on thecomputi
BC0024—Internal error. Contact your HP SAM support team.BC0025—Internal error. Contact your HP SAM support team.BC0026—Error communicating with the Te
BC0104—Failed to set up properties for listening UDP socket. Contact your HP SAM support team.BC0105—(Warning) this resource has no roles defined. Wit
D GlossaryAccess Device—A device such as a thin client used to access HP SAM to connect to computingresources.Active Directory—A Microsoft Windows dir
Registration Service—Sometimes referred to as the blade service, this is a service that runs on thecomputing resources that communicates the status of
IndexAaccess deviceadding manually 65changing 65deleting 65requirements 21access devices, managing 65access list 52access restrictions 82account, serv
ConnectionBar.ShowOnDisconnect40ConnectionBar.ShowReboot 40ConnectionBar.ShowTimingFactor40considerations, architectural 12Cookies box 71creatingmonit
IImageQuality 44installationerror 87new 25order 25upgrade 25installingAdministrative rights 23HP Blade Workstation Clientseries 36HP SAM client softwa
user 61users from Administratorgroup 53reportsResource CapacityConsumption 75Resource Capacity ConsumptionTrend 76Resource Utilization 77Reports tab 7
OverviewHP SAM enables automatic provisioning of remote computing resources to users.Figure 1-1 HP SAM ConfigurationHP SAM can be configured to enabl
userdeleting 61interface 51interface settings 42User name field 72User Sign-in Time Out 70usersadding 61managing 57removing from Administratorgroup 53
How HP SAM Works1. When a user on an access device (desktop, notebook, thin client) requests a desktop session, theHP SAM client sends a request to th
Overview5
HP SAM Software ComponentsThe following are the primary components of HP SAM.●HP SAM Client—The HP SAM Client runs on the access device and displays t
Common TasksSetting up HP SAM1. Install HP SAM. See Installation on page 25.2. Add users.a. Add new users. See Add New Users on page 61.b. Create admi
connects her access device to one of the three blade workstations (presuming one is available)supporting that role.8 Chapter 1 Introduction
Setting up a User with Static (Dedicated) ResourcesDedicated (static) resource assignment allows one or more specific computing resources to be assign
Configuring a Monitor Layout for a UserHP SAM allows a user to connect to multiple computing resources, thereby creating simultaneousremote sessions.
Figure 1-5 Monitor Offset Configuration ExampleCommon Tasks11
© Copyright 2007–2010 Hewlett-PackardDevelopment Company, L.P. The informationcontained herein is subject to changewithout notice.Microsoft and Window
2RequirementsHP SAM Hardware and Software RequirementsArchitectural Considerations and Best Practices for Setting up an HPSAM EnvironmentServer Sizing
Most Administrators already know how to size a SQL database based upon amount of data captured,however, simultaneous HP SAM logons and logoffs can imp
If you want to avoid continuing to increase memory and processor cores on the HP SAM Server, createmultiple gateway servers and split user populations
Domain Environment Requirements for HP SAM●HP SAM is supported in domains whose domain controllers are running Windows 2003 Server orlater.●HP SAM is
HP SAM Web Server Software RequirementsNOTE: The HP SAM Web server software is not supported on a server running Windows 2008 R2Server. This operating
HP SAM Hardware and Software Requirements17
18 Chapter 2 Requirements
HP SAM Hardware and Software Requirements19
HP SAM SQL Database Server Software RequirementsMinimum:One of the following must be installed:●Microsoft SQL Server 2005 Enterprise, Standard, or Exp
NOTE: HP SAM 2.2 and earlier clients are not able to connect to Linux resources.●Linux RHEL5 64 bit (update 2 or later)●Linux RHEL6 64-bitInstall and
About This BookWARNING! Text set off in this manner indicates that failure to follow directions could result in bodilyharm or loss of life.CAUTION: Te
Mobile Thin ClientHardware Requirements●HP Compaq 6720t Mobile Thin Client (with Windows XP Embedded operating system)●HP Compaq 2533t Mobile Thin Cli
Software Requirements●Windows XP Professional, 32-bit or 64-bit, with Service Pack 2 or 3●Windows Vista, Business and Enterprise, 32-bit or 64-bit wit
NOTE: Active Directory running on Windows Server 2000 Domain controllers is not supported.Domain functionality levels supported●Windows 2003●Windows 2
3 InstallationOrder of InstallationNew InstallationFor new setup, the recommended order of installation is:1.Install the HP SAM Web Server and SQL Sof
You should see Command(s) completed successfully In the messages section.2. Shrink the database:a. Open SQL Server Management Studio and expand the Da
4. For HP SAM Web server installation, the installer asks for a user account. The user account is theowner (known as the HP SAM service account) of th
14. If your network environment uses a hardware and/or software firewall, then you need to make thefollowing changes to the firewall for the HP SAM we
Configure Secure Socket Layer (SSL)SSL:You may configure SSL on the HP SAM web server (which includes installing a certificate) to encryptyour passwor
●After you customize the configuration file (required—see Create the HP SAM Registration ServiceConfiguration File on page 30), rename (or Save As) th
;DnsDomain=ExampleDomain.com[WebServerList]server1.yourdomainserver2.yourdomain[RolesList]sample-role-1sample-role-2[AssetGroupList]sample-asset-group
iv About This Book
[AssetGroupList]The [AssetGroupList] section lists zero or more asset groups to which the computing resource canbelong. The HP SAM administrator or do
Test the HP SAM Registration ServiceLog onto the HP SAM administrative console, click on the Resources tab, and search for thecomputing resource withi
Table 3-1 HP SAM Client ComparisonFeatures InternetExplorer-BasedWindows XPEmbedded-BasedBladeWorkstationClientEmbedded OS-BasedLinux-BasedOperating
NOTE: HP recommends that you add the HP SAM web server to the Trusted Sites list. On the accessdevice, open Internet Explorer and go to Tools > Int
Customization Steps(Recommended)1. Start up the HP SAM client.2. Type the HP SAM web server name.3. Click the Options button.4. Change appropriate con
5. Change appropriate connection settings.6. Click the Save Settings button. Click OK in the message confirming that the settings weresaved.7. Select
Red Hat Enterprise Linux (RHEL) ClientTo install the HP SAM Linux Client on a system running RHEL version 4 or 5:1. Log onto the access device using a
●DefaultPolicy—string value. This is the policy that should be selected by default in the client’sLoad Predefined Settings list on the Other tab of th
●ConnectionBar.EnableCloseAll—integer value, 0 or 1. When set to 1, enables theDisconnect All button on the connection bar. The default value is 1.●Co
NOTE: The options to log off or reboot from the connection bar are disabled by default in the Globalpolicy. The following requirements must be met for
Table of contents1 Introduction ...
●SmartCardUidOid—string value. The OID associated with the entered SmartCardUidType. Notall Types require an OID. An entry is required is SmartCardUid
NOTE: The UILanguage specified must either be the same language as the HP SAM clientapplication that you have installed or English. If you installed t
Policy EntriesYou can set policy entries by manually editing the .SAM file. These settings must be located in a policysection of the .SAM file, for ex
●Themes—0 or 1. If 1, Windows XP themes are shown in the session. This value is only supportedfor RDP connections. Default is 1.●Animation—0 or 1. If
●ClearType—integer value, 0 or 1. When set to 1, support for Font Smoothing is enabled in anRDP6 session. This option is ignored for RDP5, RGS, and rd
Global and Local Client Configuration FilesThis feature allows administrators to 'lock down' certain options, while allowing other options t
/opt/hpsam/hprdc_admin.samLegal BannerThis allows a legal disclaimer to be displayed before logon. Name the file disclaimer.<file type> andcopy
de_DE.UTF-8 German -- Deutschit_IT.UTF-8 Italian -- Italianoja_JP.UTF-8 Japaneseko_KR.UTF-8 Koreannb_NO.UTF-8 Norwegian -- Norskpt_PT.UTF-8 Portuguese
Deploy HP SAM Client Software to All HP SAMAccess DevicesTo deploy the HP SAM Internet Explorer-based client, instruct your users to go to the HP SAM
4 AdministrationLog InIn the Internet Explorer address bar, enter in the HP SAM web server name with “/manage” added tothe URL (for example, http://HP
Grant Users HP SAM Administrator Access ... 28Configure HP SAM System Settings ...
Managing the HP SAM Administrator Access ListThe Domain Administrator, Domain Users in the Administrators group on the domain controller, andDomain Us
Add Security Groups or Organizational Units to the HP SAMAdministrator GroupTo add many users:1. Leverage Active Directory services by adding the name
HP SAM Administrative Console TabsHome TabWhen you log onto HP SAM, the Home tab page is the default. HP SAM shows a snapshot of currentresource statu
●Public column:◦If selected, the role is available for all users in Active Directory.◦If not selected, then the role is only available to user(s) in t
Manage Administrative PermissionsNOTE: You must have full HP SAM Administrator permissions to:—Create, modify, or delete an Administrator group.—Assig
Manage UsersBy default, the search shows all users, security groups, and OUs.●Search For: Organizations (OU), Security Groups, Users—Select in which g
7. Double-click asset groups or use the arrows between the Available and Selected boxes to movethe asset groups. Place all asset groups you want to as
e. Click Save to change the resource assignment.f. Repeat a–e for each additional resource to be assigned to the user.7. If you want to change the fri
NOTE: A message will be displayed if you attempt to assign resources to a user who already hasresources or if the primary roles do not have enough res
8. Select the USB Default, which is the session you want RGS to use by default with USB devicesconnected to the access device.9. Click Save.To Change
Resource Reservations (AKA Access Restrictions) ... 82Authenticate Before Allocat
NOTE: Searching by Global Catalog displays all users from external domains. Users from otherdomains can be added to HP SAM using Global Catalog, but t
Manage ResourcesBy default, the search shows all computing resources (such as blade PCs). You can narrow the list ofresources shown by using the filte
To perform any of the operations listed below:1. Select the appropriate resource(s).2. Select the task to perform in the Operation list.3. Click the G
double arrows move all items in the list. You can display a minimum of three and a maximum of sixcolumns.Manage Access DevicesTo Add an Access Device
4. Select the Asset Groups associated with this monitor layout.5. Click Save to add the new ID.To Modify a Monitor Layout1. If you want to change the
5. Select the check boxes for the enclosures to add, and then click Save.6. Click Close.To Delete Enclosures from a Data Center1. Select the check box
Policies TabPolicy management allows administrator to override the user’s HP SAM client settings. In general, theuser is allowed the flexibility to cu
Table 4-1 Effective Hierarchical Policy Example (continued)Parameter Global Role OU SG1 SG2 User Effective3P6ON OFF ON OFF ON Not Assigned OFF1The or
System Settings TabThis tab allows the administrator to set how the HP SAM server behaves.GeneralThis page allows the administrator to define the sett
●Multi-Session Autoconnection—When enabled, allows the system to autoconnect users to allresources of the chosen type which are assigned to the user w
viii
●Banner text—Select the language and type the appropriate message in the box to change thecustomizable message that is displayed to the user on the HP
Auto SchedulesNOTE: These schedules can now be found on the Auto-Schedules page instead of the top menu.Resource Synchronization SchedulerTo schedule
◦Delete without saving—Select this if it is okay for the data to be permanently deleted.◦Save as CSV file and then Delete—Select this to save to an ex
administrative console) that is before the SA expiration date. If you install a version of SAM which hasan Effective Date that is after the SA expirat
Display Options●Threshold Percentages—On the report you can highlight the data if it exceeds the numberentered here.◦Minimum Available—If data is belo
Display Options●Threshold Percentages—On the report you can highlight the data if it exceeds the numberentered here.◦Minimum Available—If data is belo
Filters●Total Resources—Physical count is based on unique physical resource (i.e., primary role only).Logical count produces higher numbers because a
You have four operations you can perform:●Save selected●Save entire log●Delete selected●Delete entire logSetting Up Smart Card Logon on the Access Dev
7. If you want the system to automatically launch the HP SAM client when a users inserts a smartcard, see steps a and b. (NOTE: Step a is the default
To import the session timers into the Group Policy Management utility on the domain controller:1. Copy the HPCCIST.ADM file to the domain controller.2
1 IntroductionHP Remote Client Solutions are designed to support a variety of users’ needs, from the most basiccomputing tasks to more demanding profe
Session Timers for LinuxHP SAM Session Timers for Linux have been added to provide functionality to administrators on Linuxresources similar to what p
same role begins (or at 12:00 midnight, if no other reservations are set.) A dialog warns the userbefore the logoff occurs. The lead time of this warn
To enable this feature, all of the following must be configured:●Enable Authentication before Allocation on the General page of System Settings on the
A Firewall RulesThis appendix lists the rules needed for communication between the various components. The values inparenthesis represent ports, with
◦From clients (TCP/ANY) to resources (TCP/3389—RDP)◦From clients (TCP/ANY) to resources (TCP/42966)—RGS)NOTE: The default RGS port is TCP/42966; howev
B Frequently Asked QuestionsQuestion AnswerWhy do some users on the HP SAM client have to select arole or resource to connect and others do not.Users
Question AnswerHow do I enable HP Sygate Security Agent on the WindowsXP Embedded-based thin client for the HP SAM client(s)?Go to HP Sygate Security
Question AnswerHow can I change both the HP SAM web server http and httpsports to some other value beside the default 80 and 443?After changing the de
Question AnswerHow do I change the HP SAM datagram communication portto another value beside the default 47777? Modify the connection.config file loca
Question AnswerUsers are getting the message All resources are currentlyin use. Please try again later but there appear to be freeresources according
Comments to this Manuals