VMware Horizon View 6.0x to 6.1 upgrade: Security server


VMware Horizon View 6.0x to 6.1 upgrade: Security server

In my previous blog I wrote about the upgrade process of the View Composer and connection servers to version 6.1, read the blog here. In this blog I will show you how to upgrade the security servers to version 6.1.
The blog will handle each component apart so that you have a clear understanding of the steps.
Also I advice you the read the VMware documentation to prepare yourself for upgrades, documentation is found here.
The Upgrade has a specific order you have to follow. The order is as follows;

Before you start

Open the View administration console and make a backup of the connection servers. Also create a snapshot of the virtual machine to make sure you have a fallback.

Firewall rules

Something changed with the coming of version 6.1, the new enhanced messaging mode is introduced. This mode uses port 4002 to communicate. From the documentation it seems that it a uni flow from the security server to the connection server.
So make sure you open your firewall before you start the upgrade for else you will get some messages like I did. 
Also in the View administration console make sure messaging security mode is disabled. Enable this after you upgraded every component to 6.1. The option is to be found under Global Settings Security Settings.
After you switched it off you are ready to go for the upgrade. If you didn’t like me and you didn’t hve the firewall rules in place like me….I’ll show you later on in this article.

Upgrade process

 Start the wizard with administrative privileges and you’re off..

Next step is the acceptance of the license agreement, nothing new there.
The security server is teamed with an internal Connection server, fill int he FQDN of the internal server it’s connected to. The server is reachable because you’re doing an upgrade, no worry about that.
VMware surprises us with a new port they use at this point, communications is done over 4002 now instead of 4001. If you forgot to open the firewall or if you are in a secure environment where opening the firewall takes a while you get this message.

It says that port 4002 is not open…
Next you type in the pairing password you just created from the administration console, go to Server Configuration / Servers and click on the Connection server / Extra Commands to set the password.
The pasword by default is only valid for 30 minutes. There is no need to create a difficult password, it’s only used once. I got the message below for the firewall is switched off. 
Next step is to check the addresses used, these should be correct as they are read from the configuration you are upgrading. If you forget this, you can do it later on through the management console.
The firewall configuration is next step, it can be done automatically.
A last confirmation and you are good to go..
The upgrade is done, no errors except the 4002 one… 
Now I took a look at the admin console to see whether the upgrade went successful. 
My issues… they never happen to you if you follow my guidelines 🙂
The icon never went green and stayed red. 
After a while the server names disappeared and the icons just show Unknown. At first I thought it had something to do with the firewall ports not being open and one event was giving a hint.
So we wait for the firewall rules to be applied…
Still debugging what is wrong, firewall rules should be applied now.

Leave a Reply

https://tracking.cirrusinsight.com/869c29e2-3a9b-48c5-9232-0b95e7993ae8/controlup-com-pixel-php