Understanding Command Line Tool for VMware Horizon (vdmadmin.exe)

No comments

A lot of customers ask me how to manage VMware Horizon in some ways which command line should be used to allow this. One common example questions is: How can I select which domains I would like to let customers use to connect to? (In case a company has more than one domain. E.g: CompanyA and CompanyB.

In order to allow that, VMware Horizon has a command line called vdmadmin.exe, which is located into the following path:

C:\Program Files\VMware\VMware View\Server\bin\vdmadmin.exe

To understand what are the options we have to use vdmadmin.exe command line, I wrote this as part of my daily studies around VMware Horizon. I hope this is helpful for you.

All commands below were taken from VMware Docs, where you can check the source information and updated info:

VDM ADMIN COMMAND

Users and Desktop

Update FSP (Foreign Security Principals)

Syntax: -F

Usage: Security principals used by Active Directory in trusted external domains

  • Vdmadmin -F
  • vdmadmin -F -u DOMAIN\USERNAME

https://docs.vmware.com/en/VMware-Horizon-6/6.2/com.vmware.horizon-view.administration.doc/GUID-6A97C606-EB7B-4159-A24A-0B2D7362B95A.html

Update a Virtual or Physical machine user assignment

Syntax: -L

Usage: Persistent Pool

  • vdmadmin -L -d DESKTOP_POOL -m MACHINE-u DOMAIN\USER
  • vdmadmin -L -d DESKTOP_POOL -m MACHINE -r
  • vdmadmin -L -d DESKTOP_POOL -u CORP\USER -r

Client Authentication Configuration

Syntax: -Q

Usage: Enable / Disable View Connection Server for client authentication

  • vdmadmin – Q -enable -server SERVER_NETBIOS
  • vdmadmin – Q -enable -requirepassword -server SERVER_NETBIOS
  • vdmadmin -Q -disable -server SERVER_NETBIOS

Usage: Set default settings to use when adding client authentication defaults

  • vdmadmin -Q -clientauth -setdefaults -group AD_GROUP_NAME [-expirepassword | -noexpirepassword]
  • vdmadmin -Q -clientauth -setdefaults -nogroup
  • vdmadmin -Q -clientauth -setdefaults -ou “OU_BASE_DN” -domain DOMAIN_FQDN

Usage: Get client authentication defaults

  • vdmadmin -Q -clientauth -getdefaults
  • vdmadmin -Q -clientauth -getdefaults -xml

Usage: Add client authentication user

  • vdmadmin -Q -clientauth -add -clientid CLIENT_ID -domain DOMAIN_FQDN [-ou OU_BASE_DN] [-password MY_PASSWORD] [-genpassword] [-expirepassword] -noexpirepassword] [-group AD_GROUP_NAME] [-nogroup] [-description TEXT]
    • CLIENT_ID = 11:22:33:44:55:66 <MAC ADDRESS>
    • CLIENT_ID = cm-<MAC ADDRESS>
    • CLIENT_ID = custom-<name>
    •  e.g: vdmadmin -Q -clientauth -add -clientid 11:22:33:44:55:66 -domain DOMAIN_FQDN

Usage: Update client authentication user

  • vdmadmin -Q -clientauth -update -domain DOMAIN_FQDN -clientid CLIENT_ID [-password MY_PASSWORD] [-genpassword] [-description TEXT]

Usage: Remove client authentication users

  • vdmadmin -Q -clientauth -remove -domain DOMAIN_FQDN -clientauth -removeall [-force]

Usage: List client authentication users and server enable/disable settings

  • vdmadmin -Q -clientauth -list [-xml]

Show user information Syntax: -U Usage: Get user information

  • vdmadmin -U -u DOMAIN\USERNAME
  • vdmadmin -U -u DOMAIN\USERNAME -xml

Agents and Machines

Fetch or set agent information

Syntax: -A

  • vdmadmin -A -d DESKTOP_POOL -m MACHINE_NETBIOS -list [-n | -w] [-xml] 
    • -n = nonunicode
    • -w = unicode
    • List agent log files
  • vdmadmin -A -d DESKTOP_POOL -m MACHINE_NETBIOS -getlogfile name -outfile path
    • Save agent log in to local file
  • vdmadmin -A -d DESKTOP_POOL -m MACHINE_NETBIOS -getDCT -outfile path
    • Create and save agent DCT bundle
  • vdmadmin -A -d DESKTOP_POOL -m MACHINE_NETBIOS -getversion [-n | -w] [-xml]
    • Get agent version
  • vdmadmin -A -d DESKTOP_POOL -m MACHINE_NETBIOS -getstatus [-n | -w] [-xml]
    • Get agent status
  • vdmadmin -A -d DESKTOP_POOL -m MACHINE_NETBIOS -getloglevel [-n | -w] [-xml]
    • Get log level
  • vdmadmin -A -d DSKTOP_POOL -m MACHINE_NETBIOS -setloglevel level
    • {trace | debug | normal}
    • Set agent logging level
  • vdmadmin -A -d DESKTOP_POOL -m MACHINE_NETBIOS -override -I addr
    • Set IP/DNS override (??)
  • vdmadmin -A -d DESKTOP_POOL -m MACHINE_NETBIOS -override -list [-n | -w] [-xml]
    • List IP/DNS override
  • vdmadmin -A -d DESKTOP_POOL -m MACHINE_NETBIOS -reset-key
    • Reset the agent pairing key for the machine
  • vdmadmin -A -d DESKTOP_POOL -override -removeall
    • Remove IP/DNS overrides on a pool
  • vdmadmin -A -d DESKTOP_POOL -m MACHINE_NETBIOS -override -r
    • Remove IP/DNS override

Machine information and administration

Syntax: -M

  • vdmadmin -M -m MACHINE_NETBIOS [-n | -w] [-csv | xml]
    • Show machine information
    • Sample:
  • Show machine information (by user)
    • vdmadmin -M -d DESKTOP_POOL -u DOMAIN\USERNAME  [-n | -w] [-csv | xml]
  • Mark a machine for space reclamation
    • vdmadmin -M -d DESKTOP_POOL -m MACHINE_NETBIOS -markForSpaceReclamation

Show assigned machines that are unentitled

Syntax: -O


Parameters: 

  • -b| -bind {username domain | username@domain | domain\username}
    • Specify credentials
  • -ld | -bydesktop
    • List by desktop
  • -lu | -byuser
    • List by user
  • -n | -nonunicode
    • Use non-unicode output
  • -w | -unicode
    • Use unicode for output
  • -xml
    • Produce output in XML format
  • -noxslt
    • Do not include xslt in xml output
  • -xsltpath path
    • Use specified xslt in xml format

Command Syntax: 

  • vdmadmin -O [-ld | -lu] [-n | -w] [-xml] [-xsltpath path | -no xslt]
    • Show unentitled machines

Show user policies for unentitled machines

Syntax: -P

Parameters: 

  • -b| -bind {username domain | username@domain | domain\username}
    • Specify credentials
  • -ld | -bydesktop
    • List by desktop
  • -lu | -byuser
    • List by user
  • -n | -nonunicode
    • Use non-unicode output
  • -w | -unicode
    • Use unicode for output
  • -xml
    • Produce output in XML format
  • -noxslt
    • Do not include xslt in xml output
  • -xsltpath path
    • Use specified xslt in xml format

Command Syntax:

  • vdmadmin -P  [-ld | -lu] [-n | -w] [-xml] [-xsltpath path | -no xslt]
    • Show unentitled policies

Connection Servers and Infrastructure

Set cluster name for connection servers group or display GUID

Syntax: -C

Parameters:

  • -b | – bind {username domain | username@domain | domain\username}
    • Specify credentials
  • -c | -cluster name
    • Name of the Cluster

Command Syntax:

  • vdmadmin -C -c MYConnectionServerClusterName
    • Set the Cluster Name
  • vdmadmin -C
    • Show broker GUID

Show health information

Syntax: -H

Parameters: 

  • -b| -bind {username domain | username@domain | domain\username}
    • Specify credentials
  • -monitorid monitor
    • Name of a health monitor
  • – instanceid instance
    • Name of a monitor instance
  • -list
    • Output a list
  • -n | -nonunicode
    • Use non-unicode output
  • -w | -unicode
    • Use unicode for output
  • -xml
    • Produce output in XML format

Commands Syntax:

  • vdmadmin -H [-monitorid monitor] -list [-n | -w] -xml
    • List health monitors os instances
  • vdmadmin -H -monitorid monitor -instanceid instance [-n | -w] -xml
    • Show health for a monitor instance
  • vdmadmin -H -list -xml
  • vdmadmin -H -monitorid DomainMonitor -xml -n

Logging and Reporting

Syntax: -I

Parameters:

  • b| -bind {username domain | username@domain | domain\username}
    • Specify credentials
  • -list
    • Output a list
  • -report type
    • Specify report type
  • -view name
    • The name of a report view
  • -Startdate YYYY-MM-DD-HH:mm:ss
    • A start date
  • -Enddate YYY-MM-DD-HH:mm:ss
    • An end date
  • -n | -nonunicode
    • Use non-unicode output
  • -w | -unicode
    • Use unicode for output
  • -csv
    • Product output in CSV format
  • -xml
    • Produce output in XML format

Commands Syntax:

  • vdmadmin -I  -list [-n | -w] [-xml]
    • List available reports and views 
  • vdmadmin -I -report type -view view [-startdate DATE] [-enddate DATE] [-n | -w] [-csv | -xml]
    • Output reports
  • vdmadmin -I -eventSyslog -disable
    • Disable syslog
  • vdmadmin -I -eventSyslog -enable – localOnly
    • Enable local only syslog
  • vdmadmin -I -eventSyslog -enable -path PATH -user DOMAIN\USER -password PASSWORD
    • Enable syslog with username and password
  • vdmadmin -I -timingProfiler -enable [-s CONNECTION_SERVER]
    • Enable syslog profiler events for specified server or this server if omitted
  • vdmadmin -I -timingProfiler -disable [-s CONNECTION_SERVER]
    • Disable timing profiler events for specified server or this server if omitted

Network and domain configuration

Syntax: -N

Parameters:

  • b| -bind {username domain | username@domain | domain\username}
    • Specify credentials
  • -s | -server NETBIOS_NAME
    • Computer name of a Connection Server
  • -include
    • Include item or entry
  • -Exclude
    • Exclude item or entry
  • -search
    • Search or set search configuration
  • -add
    • Add item or entry
  • -r | -remove
    • Remove item or entry
  • -removeall
    • Remove all items / entries
  • -domain name
    • Specify domain
  • -domains
    • Manage domain configuration
  • -list
    • Output a list
  • -active
    • Currently active information
  • -n | -nonunicode
    • Use non-unicode output
  • -w | -unicode
    • Use unicode for output
  • -xml
    • Produce output in XML format

Commands Syntax: 

  •     vdmadmin -N -domains [-s CONNECTION_SERVER] {-include | exclude | -search} {-add | -remove | -removeall} [-domain DOMAIN]
  • Set broker domain configuration <EXCLUDE takes precedence>
  • vdmadmin -N -domains -list [-n | -w] [-xml]
    • Get full domain configuration

Manage a Connection Server entry

Syntax: -S

Parameters:

  • b| -bind {username domain | username@domain | domain\username}
    • Specify credentials
  • -s | -server NETBIOS_NAME
    • Computer name of a Connection Server
  • -r | -remove
    • Remove item or entry

Command Syntax: 

  • vdmadmin -S -s CONNECTION_SERVER -r
    • Remove connection server entry

Note: This configuration removes Connection Server from ADAM Database.

Domain authentication configuration

Syntax: -T

Parameters:

  • -domainauth
    • Domain authentication configuration
  • -add
    • Add item or entry
  • -update
    • Update an existing Client authentication user
  • -r | -remove
    • Remove an item or entry
  • -removeall
    • Remove all item / entries
  • -list
    • Output a list
  • -owner DOMAIN\USERNAME
    • The name of an owner
  • -password PASSWORD
    • Password to be stored for client authentication, or in conjunction with username parameter. Use ‘*’ to be prompted
  • -u | -user DOMAIN\USERNAME
    • The name of a user

Commands Syntax: 

  • vdmadmin -T -domainauth -add -owner BROKER\ADMIN -user USERS\MYUSER -password PASSWORD
    • Add domain authentication user
  • vdmadmin -T -domainauth -update  -owner BROKER\ADMIN -user USERS\MYUSER -password PASSWORD
    • Update domain authentication user
  • vdmadmin -T -domainauth -remove  -owner BROKER\ADMIN -user USERS\MYUSER
    • Remove domain authentication user
  • vdmadmin -T -domainauth -removeall  -owner BROKER\ADMIN
    • Remove all domain authentication users
  • vdmadmin -T -domainauth -list  -owner BROKER\ADMIN
    • List domain authentication users

LDAP utilities

Syntax: -X

Parameters:

  • -collisions
    • Show / Resolve LDAP collision entries
  • -schemacollisions
    • Show/Resolve LDAP schema collision entries
  • -resolve
    • Resolve LDAP inconsistencies
  • -global
    • Use global LDAP instance
  • -lpinfo
    • Linked POD info
  • -s | -server CONNECTION_SERVER
    • Computer name of a Connection Server
  • -pod
    • POD name
  • -force
    • Perform an operation unconditionally
  • -u | -user DOMAIN\USERNAME
    • The name of a user
  • -password PASSWORD
    • Password to be stored for client authentication, or in conjunction with username parameter. Use ‘*’ to be prompted
  • -xml
    • Produce output in XML forma

Commands Syntax: 

  • vdmadmin -X -collisions [-resolve]
    • Shoe/resolve LDAP collision entries
  • vdmadmin -X -schemacollisions [-resolve] [-global]
    • Show/resolve LDAP schema collision entries
  • vdmadmin -X -lpinfo [-xml] 
    • Linked POD info

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.