Horizon EUC Access Point Configuration Script

Horizon 6.2 included a new feature when it was launched in early September – the EUC Access Gateway.  This product is a hardened Linux appliance that has all of the features of the Security Server without the drawbacks of having to deploy Windows Servers into your DMZ.  It will also eventually support Horizon Workspace/VMware Identity Manager.

This new Horizon component exposes the “cattle philosophy” of virtual machine management.  If it stops working properly, or a new version comes out, its to be disposed of and redeployed.  To facilitate this, the appliance is configured and managed using a REST API.

Unfortunately, working with this REST API isn’t exactly user friendly, especially if you’re only deploying one or two of these appliances.  This API is also the only way to manage the appliance, and it does not have a VAMI interface or SSH access.

I’ve put together a PowerShell script that simplifies and automates the configuration of the EUC Access Gateway Appliances.  You can download the script off of my Github site.

The script has the following functions:

  • Get the appliance’s current Horizon View configuration
  • Set the appliance’s Horizon View configuration
  • Download the log bundle for troubleshooting

There are also placeholder parameters for configuring vIDM (which will be supported in future releases) and uploading SSL certificates.

The syntax for this script’s main features look like:

Set-EUCGateway -appliancename -adminpassword P@ssw0rd -GetViewConfig

Set-EUCGateway -appliancename -adminpassword P@ssw0rd -SetViewConfig -ViewEnablePCoIP -ViewPCoIPExternalIP $ViewDisableBlast

Set-EUCGateway -appliancename -adminpassword P@ssw0rd -GetLogBundle -LogBundleFolder c:\temp

If you have any issues deploying a config, use the script to download a log bundle and open the admin.log file.  This file will tell you what configuration element was rejected.

I want to point out one troubleshooting note that my testers and I both experienced when developing this script.  The REST API does not work until an admin password is set on the appliance.  One thing we discovered is that there were times when the password would not be set despite one being provided during the deployment.  If this happens, the script will fail when you try to get a config, set a config, or download the log bundle.

When this happens, you either need to delete the appliance and redeploy it or log into the appliance through the vSphere console and manually set the admin password.

Finally, I’d like to thank Andrew Morgan and Jarian Gibson for helping test this script and providing feedback that greatly improved the final product.

EUC5404 – Deliver High Performance Desktops with VMware Horizon and NVIDIA GRID vGPU

Notes from EUC5405.

Reasons for 3D Graphics

  • Distributed Workforces with Large Datasets – harder to share
  • Contractors/3rd Party workers that need revocable access – worried about data Leakage and Corporate Security

Engineering firm gained 70% productivity improvements for CATIA users by implementing VDI – slide only shows 20%

Windows 7 drives 3D graphics, Aero needs 3D.  Newer versions of Windows and new web browsers do even more.

History of 3D Graphics in Horizon

  • Soft3D was first
  • vSGA – shared a graphics card amongst VM, limited to productivity and lightweight use
  • vDGA – hardwire card to virtual machine
  • GRID vGPU – Mediated Pass-thru, covers the middle space between vSGA and vDGA

vGPU defined – Shared access to physical GPU on a GRID card, gets access to native NVIDIA drivers

vGPU has official support statements from application vendors

Product Announcement – 3D graphics on RDSH

vGPU does not support vMotion, but it does support HA and DRS placement

Upgrade Path to Horizon vGPU

If you already have GRID cards and are using vDGA or vSGA, there is an upgrade path to vGPU.


  • Upgrade to vSphere 6.0
  • Upgrade Horizon to 6.1 or newer
  • Install NVIDIA VIBs on host
  • Upgrade VMs to version 11
  • Set vGPU profiles
  • Install drivers in VMs

vGPU has Composer Support

GRID Profiles set in vCenter

Two settings to configure – one in vCenter (vGPU Profiles) and one in Horizon

GRID 2.0 – bringing Maxwell to GRID

More users, Linux Support

Moving to Platform – software on top of hardware instead of dedicated product line for GRID

GRID 2.0 is hardware plus software.  Changing from being a driver into a platform and software with additional features

Licensing is changing. Licensed user groups.

Grid Editions

vMotion not coming today – much more complicated problem to solve

GRID editions

GRID Use Cases

Virtual PC – business users who expect great perf, AutoCAD, PhotoShop

Virtual Workstation – Siemens, Solidworks, CATIA, REVIT

Virtual Workstation Extended – Very high end.  Autodesk Maya


High-Perf VDI is not the same your regular VDI

  • Density goes down, CPU/Memory/IOPS/Rich Graphics capabilities go up
  • Workloads are different than traditional VDI

Hardware Recommendations

  • vSphere 6.0 Required
  • VM must be HW version 11
  • 2-8 vCPUs, at least 4 for Power Users
  • Minimum 4GB RAM
  • 64-bit OS

Required Components in VMs:

  • VM Tools
  • View Agent
  • NVIDIA Driver

Use the VMware OS Optimization Tool fling.  Users can see up to 40% in resource savings.

Sizing Rich Graphics – Storage

Storage still critical factor in performance

CAD users can demand more than 1TB of storage per desktop

Size and performance matter now

Storage Options:

  • Virtual SAN – SSD based local storage
  • Or All-Flash based SANs

Bringing Rich 3D into Production

  • Establish End-User Acceptance Criteria to verify that User Experience is acceptable
  • Have end users test applications and daily tasks
  • Time how long it takes to complete tasks

VAPP5483 – Virtualizing Active Directory the Right Way

Notes from VAPP5483 – Virtualizing Active Directory the Right Way

Active Directory Overview

Windows Active Directory multi-master replication conundrum

Writes originate from any DC

Changes must converge

  • Eventually
  • preferably on time

Why virtualize Active Directory

  • Virtualization is mainstream at this point
  • Active Directory is fully supported in virtual environments
  • Active Directory is virtualization friendly -> Distributed multi-master model, low resource requirements
  • Domain Controllers are interchangable -> one breaks, they can be replaced. Cattle, not pets
  • Physical domain controllers waste compute resources

Common Objections to DC Virtualization

  • Fear of the stolen VMDK -> no different than stolen server or backup tape
  • Priviledge Escalation -> vCenter priviledges are separate
  • Have to keep certain roles physical -> no technical reason for this, can seize or move roles if needed
  • Deviates from standards/build process -> helps standardization
  • Time Keeping in VMs is hard -> Presenters agree

Time Sync Issues

Old way – VMs get time from ESXi

Changed to use Windows time tools

KB 1189 -> time sync with host still happens on vMotion or Guest OS reboot


Demo -> moving PDC emulator to host with bad clock

If time on host is more than 1 year old, NTP cannot update or fix the time

How do we determine the correct time

Ask ESXi host?

This could be OK if…

  • Host times are always right
  • CMOS doesn’t go bad
  • Rogue operations don’t happen
  • Security is a thing other people worry about

Reality – Stuff happens…

vSphere default behavior corrects time on the PDC emulator

Can cause a lot of issues in impacted Windows Forests

Preventing Bad Time Sync

  • Ensure hardware clock is correct
  • Configure reliable NTP
  • Disable DRS on PDCe
  • Use Host-Guest Affinity for PDCes
  • Advanced Settings to disable Time Sync –> KB 1189

Best Practices

Don’t use WAN for Auth –  Place domain controllers locally

Distribute FSMO Roles

Use Effective RBAC – don’t cross roles unless needed, give rights only to trusted operators

To P2V or Not – don’t do it unless you hate yourself

Use Anti-Affinity Rules -> don’t have DCs on the same hosts, use host rules to place important


vCPU – under 10K users, 1 vCPU, over that, start with 2 vCPU

RAM – database server, database is held in RAM, more RAM is better, perfmon counter shows cache usage

Networking – VMXNET3

Storage – Space that it needs plus room to grow


70% of issues are DNS issues

AD requires effective DNS

DNS solution – doesn’t matter if Windows or Appliance, but must be AD-Aware

Avoid pointing DNS to itself, otherwise DNS cannot start

Virtual Disk -> Caching MS KB 888794

Preventing USN Rollback

AD is distributed directory service, relies on clock-based replication

Each DC keeps track of all transactions and tags them with a GUID

If a DC is snapshotted and rolled back, local DC will believe it is right, but all others will know it is bad and refuse to replicate with it. This is called USN rollback

Demo USN rollback

If you have 2008 R2 and below DCs, they will stop replicating. Both will still advertise as domain controllers

VM-Generation ID – exposes counter to guest

  • 2012 and newer. Operating system level feature and must be supported by hypervisor
  • vSphere 5.0 Update 2 and newer
  • Attribute is tracked in local copy of database on local domain controller, triggered by snapshots and snapshot rollback

Provides protection against USN rollback

Invented specifically for virtual domain controllers, allows for cloning of domain controllers

Demo – Clone a Domain Controller

Domain Controller must have software and services that support cloning – agents have to support cloning

Do NOT hot clone a domain controller. Must be in powered off state

Do not clone a DC that holds FSMO roles

Can Clone the PDCe, must power up reference domain controller before powering on clone

DNS must work

Do not sysprep the system

DC Safeguard allows a DC that has been reverted/restored to function as a DC

How it works:

  • VM Generation ID checked on DC boot, when a snapshot is created,  or when the VM is reverted to an old snapshot.  VM Generation-ID on VM is checked against the copy in the local database.
  • If it differs, RID Pool dumped and new RID pool issued
  • When Generation ID has changed, AD will detect it and remediate it
  • RID pool discarded, get new RID Pool and objects are re-replicated. VM essentially becomes a new DC

What’s New in VMware Horizon 6.2–User Experience

One of the areas where Horizon 6.2 has a lot of improvements is in the User Experience category.  The new version adds new features as well as brings a few older features out of tech preview.

Client Drive Redirection for VDI and RDSH

Client Drive redirection for Windows was in Tech Preview in Horizon 6.1.1.  It officially comes out of Tech Preview in Horizon 6.2, and it is now supported on both Windows and Mac clients.  It is also available as a tech preview for Linux clients.

This feature, when installed on the virtual desktop, allows users to remotely access files and data that might have stored on their local PC.  It utilizes compression and encryption when transferring files from the endpoint into the virtual desktop or server. 

Windows 10 Support

Although Windows 10 was officially supported on vSphere 6 on Day 1, it wasn’t supported in Horizon.  Virtual desktops built on Windows 10 would work, but there limits to what you could do, and other components of the Horizon Suite were not designed to work with or support it.

Horizon 6.2 has full support for Windows 10.  The Horizon Agent and Client are supported.  This includes Smart Card authentication support.

Windows 10 is only supported when running ESXi 5.5 Update 3 or ESXi 6.0 Update 1.

File Type Associations for Published Apps

There are times when I may want to allow a user to launch an application or work with files without installing the required applications on their machines.  In these cases, the user would then have to log into Horizon, launch the application, and then navigate to the network location where the file was stored.

But what if I could register a file handler in Windows that would allow me to double click on that file and have it launch the remote application automatically?  Horizon 6.2 now adds this capability.

In order to improve the user experience when opening files remotely, a data compression algorithm is utilized when transferring the files up to the remote host.  This transfer is also protected with SHA 256 encryption for when clients are remotely accessing the remote application over the Internet.

Mac OSX and IOS Support

Horizon Client 3.5 will be supported on OSX 10.11 and IOS 9.

Biometric Authentication

The Horizon Client for IOS will support biometric authentication.  This feature will allow users to store their credentials in Keychain and utilize their fingerprints to sign into their virtual desktops or published applications.  Administrators can also define polices for who can use this feature from with the Horizon Administrator console.

This feature is only supported with Horizon 6.2 when using Horizon Client 3.5.  The mobile device must also be running IOS 8 or IOS 9.

What’s New in VMware Horizon 6.2–3D Graphics

3D graphics are becoming increasingly important in virtual desktop environments.  While a number of high-end applications and use cases, such as CAD and medical imaging, require 3D graphics, modern applications are increasingly turning to the GPU to offload some processing.  These days, most web browsers, Microsoft Office, and even Windows are utilizing the GPU to assist with rendering and other tasks.

VMware has been slowly adding 3D support to Horizon.  Initially, this was limited to dedicating GPUs to a virtual machine or sharing the GPU through hypervisor-level components.  Horizon 6.1 added  NVIDIA’s vGPU to provide better shared GPU access.

Horizon 6.2 includes a significant number of improvements to virtual 3D acceleration.  In fact, most of the improvements are in this category.


NVIDIA announced the next generation of GRID on Sunday afternoon.  For more information, see my write-up on it here.


AMD/ATI graphics cards were supported on virtual desktops in vSphere 5.x and Horizon 5.x.  This did not carry over to Horizon 6.  AMD support has been reintroduced in Horizon 6.2 for vDGA.

3D Support for RDS Hosted Applications

RDS desktops and published applications will now support both vDGA and vGPU when utilizing supported NVIDIA graphics cards.  3D acceleration is supported on RDSH servers running Windows Server 2008 R2 and Windows Server 2012.

Linux Desktop vSGA and vGPU Support

When Linux desktops were introduced in Horizon 6.1.1, they only supported vDGA for 3D graphics.  This limited Linux to a few specific use cases.

Horizon 6.2 adds significant support for 3D acceleration.  Both vSGA and vGPU are now available when utilizing supported NVIDIA graphics cards.

Linux desktops with vGPU will be able to utilize OpenGL 2.1, 3.x, and 4.x, while desktops with vSGA will be limited to OpenGL 2.1.

4K Resolution Support

4K content is extremely high resolution content, and more 4K content will appear as the displays start to come down in price.  These displays, which have a resolution of 3840×2160, are useful in situations where high resolution imaging is needed.

Horizon 6.2 will support in-guest resolutions up to 3840×2160.  In order to achieve this, Horizon Agent 6.2 is needed in the guest, and the client must be connecting with Horizon Client 3.5.

The guest operating system must be running Windows.  A Windows 7 virtual desktop can support up to three 4K monitors when running on a VM with HW version 11 and with Aero disabled.  Windows 7 machines with Aero enabled, or Windows 8 desktops running on HW version 10 can support a single 4K monitor.

Please note that this is for in-guest display resolutions.  Clients that have a 4K display with High DPI scaling are not supported at this time.

What’s New in VMware Horizon 6.2 – RDSH and Application Publishing

Publishing applications from RDSH servers was one of the big additions to Horizon 6.0.  Horizon 6.2 greatly expands on this feature set, and it offers many new capabilities under the covers to improve the management of the environment.

Cloud Pod Support for Applications

Horizon’s Cloud Pod for multi-datacenter architectures has been expanded to include support for RDSH-published applications.  Users can now be entitled to an application once and access them across Horizon pods and/or datacenters. 


Enhanced RDSH Load Balancing

The load balancing and user placement algorithms have been enhanced in Horizon 6.2 to ensure that users do not get placed on an already overloaded server.  There are two main improvements that enable this:

1. The load balancing algorithm utilizes Perfmon counters to determine which hosts are optimal for starting new sessions.  The View agent runs a script to collect system performance data, and it reports back to the connection servers with a recommendation based on the system’s current performance.  A server placement order is calculated based on the data that the View Agents return.

2. Application anti-affinity rules will look at the number instances of an application that is running on an RDSH host.  If the number of a particular application is higher than a predefined value, user connections will be directed to another host.  Application anti-affinity rules process after the server placement order has been determined.

There are a couple of things to be aware of with the new load balancing algorithms.  First, they only apply to new sessions, so if a user already has a session on an RDSH server, they will be reconnected to that session and be able to launch any application, even if it violates an anti-affinity rule.

Application anti-affinity rules also do not apply to RDSH desktop sessions.

Linked-Clone Support and Horizon Composer for RDSH

If you had wanted to build an RDSH Farm for Horizon 6.0, you would have had to build, deploy, and manage each server manually.  There was no built-in way for managing server images or server updates.  This could also be an inefficient use of storage.

Horizon 6.2 changes this.  Composer now supports linked-clone RDSH servers.  This brings the benefits of linked-clone desktops, such as automated pool builds, single image management, and system and application consistency, to server-based computing.

What’s New in VMware Horizon 6.2–Core Infrastructure

In order to set up and run VMware Horizon, you need to have a vSphere infrastructure and Windows VMs to run the server components.  Horizon 6.2

Horizon Access Point

One of the challenges of deploying Horizon is that, in order to provide external access, you need to deploy Windows machines into your network’s DMZ.  These servers, called Security Servers, run a subset of the Connection Broker that proxies or tunnels PCOIP, Blast, and RDP connections into your environment.

Horizon Security Servers have their limitations, though.  To start with, they are usually not joined to an Active Directory domain, so they cannot be configured or managed with the Group Policies that manage the rest of your infrastructure.  Because these servers live in the DMZ, they also need to be patched frequently and secured.

Security Servers are also paired directly with a Connection Server.  If the Connection Server is not available, users who connect with that particular security server would not be able to authenticate or connect to a desktop.  This also limits the number of servers you can deploy to a maximum of seven. 

Horizon 6.2 will now include a new method of providing remote access called the Access Point.  The Access Point is a locked-down virtual appliance built on SUSE Linux Enterprise Edition 11 that has feature parity with the Security Server.  It allows you to remove Windows VMs from your DMZ, and it does not need to be paired with a Connection Server, so you can scale out your external access without having to add additional connection servers.

The Access Point will not be dedicated to Horizon View.  It is designed to work with all components of the Horizon Suite – reducing the number of external access components that you need to manage.


One-Way Trust Support

If you work in a multi-domain or federated environment, Horizon View required a two-way trust between domains or forests in order to authenticate and entitle users.

There are a number of environments where two-way trusts aren’t feasible.  Think about companies that routinely undergo mergers, acquisitions, or divestitures.  They have use cases for virtual desktop environments, but a two-way trust between Active Directory environments would pose security and integration challenges.

Horizon 6.2 takes a step towards resolving this by adding support for 1-way Active Directory trusts.  Users and groups from external (trusted) domains can now be granted access to Horizon desktops without having to create a full two-way trust.


In order to fully support one-way forest trusts, Horizon will need to utilize a service account with permissions to authenticate against the trusted domain.  This account is stored in the Horizon LDAP database, and all of its credentials are encrypted.

Secondary credentials are managed by using the vdmadmin command line tool that is installed on Connection Servers.

vSphere 6 Update 1 Support

Horizon 6.2 will support vSphere 6 Update 1 on Day 1.

FIPS and Common Criteria Certification

The US Federal Government has a number of criteria that IT products must meet.  These include things like IPv6 compatibility, FIPS cryptographic support, and Common Criteria certification.

Horizon 6.1 introduced support for IPv6.  Horizon 6.2 expands upon this with support for FIPS on all Horizon Windows components.  FIPS will also be supported in Horizon Client 3.5 for Windows.

FIPS mode is optional, and it can be enabled if it is required.

VMware will also be submitting Horizon 6.2 for Common Criteria certification, and this testing is currently in process.  It should be completed sometime in 2016.

Enhanced License Console

The license console in previous versions of Horizon was not very detailed.  It would give you the current number of active users with a breakdown by virtual machine type.

Horizon 6.2 overhauls the licensing console on the Admin page.  The new licensing console shows part of the key that is in use along with the number of concurrent connections and unique named users that have logged in.

Introducing Horizon 6.2

VMware has made a significant investment in end-user computing.  A new release of Horizon comes about every six months, and each release contains several major new features.

Today, VMware has announced the latest iteration of Horizon Suite – Horizon 6.2.  This release greatly builds upon the features that have been released in the last few versions of Horizon.

These features include:

  • Significant expansion of RDSH capabilities
  • Enhancements to user experience
  • Expanded Graphics support
  • Windows 10 support
  • And more…

One thing we won’t be seeing in this version is the release of Instant Clones.  This was announced at last year’s VMworld as Project Fargo, and it utilizes the instant cloning features to create on-demand virtual desktops.

The Next Generation of Virtual Graphics–NVIDIA GRID 2.0

When vGPU was released for Horizon View 6.1 back in March 2015, it was an exciting addition to the product line.  It addressed many of problems that plagued 3D Graphics Acceleration and 3D workloads in virtual desktop environments running on the VMware platform.

vGPU, running on NVIDIA GRID cards, bridged the gap between vDGA, which is dedicating a GPU to a specific virtual machine, and vSGA, which is sharing the graphics card between multiple virtual machines through the use of a driver installed in the hypervisor.  The physical cores of the GRID card’s GPU could be shared between desktops, but there was no hypervisor-based driver between the virtual desktop and the GPU.  The hypervisor-based component merely acted as a GPU scheduler to ensure that each virtual desktop received the resources that it was guaranteed.

While vGPU improved performance and application compatibility for virtual desktops and applications, there were certain limitations.  Chief amongst these limitations was support for blade servers and virtual machines running Linux.  There were also hard capacity limits – GRID cards could only support so many virtual desktops had vGPU enabled.

Introducing GRID 2.0

Today, NVIDIA is announcing the next generation of virtual Graphics Acceleration – GRID 2.0.

GRID 2.0 offers a number of benefits over the previous generation of GRID cards and vGPU software.  The benefits include:

  • Higher Densities – A GRID card with 2 high-end GPUs can now support up to 32 users.
  • Blade Server Support – GRID 2.0 will support blade servers, bringing virtual desktop graphics acceleration to high-density compute environments.
  • Linux Desktop Support – GRID 2.0 will support vGPU on Linux desktops.  This will bring vGPU to a number of use cases such as oil and gas.

GRID 2.0 will also offer better performance over previous generations of GRID and vGPU.

Unfortunately, these new features and improvements aren’t supported on today’s GRID K1 and K2 cards, so that means…

New Maxwell-based GRID Cards

NVIDIA is announcing two new graphics cards alongside GRID 2.0.  These cards, which are built on the Maxwell architecture, are the M60 – a double-height PCI-Express card with two high-end Maxwell cores, and the M6 – a GPU with a single high-end Maxwell core that is designed to fit in blades and other rack-dense infrastructure.  The M6 is designed to have approximately half of the performance of the M60.  Both cards double the amount of memory available to the GPU.  The M6 and M60 each have 8GB of RAM per GPU compared to the 4GB per GPU on the GRID K1 and K2.

Both the M6 and the M60 will be branded under NVIDIA’s TESLA line of data center graphics products, and the GRID 2.0 software will bring the graphics virtualization capabilities on top of these new Maxwell-based Tesla cards..  The M60 is slated to be the direct replacement for both the GRID K1 and GRID K2 cards.  The K1 and K2 cards will not be discontinued, though – they will still be sold and supported for the foreseeable future.

VMworld 2015 Conference Tips

VMworld is only a month away, and as every seasoned conference veteran knows, there are a number of tips that will make the experience better.

I’ve put together my favorite tips for VMworld, and I’ve grouped the tips into categories based on


  • If you haven’t already done so, sign up for Twitter.  The #VMworld hashtag is one of the primary communications channels for conference attendees.  You can also follow sessions by using the session number as a hashtag.
  • Add the “Unofficial VMworld Bloggers List” to your RSS feed. (Note: Link does not work.  Will update when I have an updated  link.)  Bloggers will recap sessions they find interesting or provide analysis of the keynote contents.
  • Be sure to sign up for VMunderground – the best community-led event of the weekend.  This year, it will be at the City View right across from the Moscone Center.
  • Talk to your vendors and tell them you’re going.  Chances are they will have a booth.  They may also have a customer appreciation event that you can score tickets to. 
  • Ask your local VMUG leaders if they know anyone from your area that is going, and find a time to do a local meetup sometime during the conference.

Packing and Travel

  • You’ll be walking around a lot, so clean out your backpack before you leave.  Chances are, you won’t need that Cisco rollover cable or a bitdriver set during the conference.  VMware also provides a notebook, so you can leave yours at home.  If you plan to use the conference backpack, then there is no point in bringing along items that you will have to repack to bring home.
  • The average high temperature for late August is 70 degrees Fahrenheit.  The lows are around 55 degrees.  Pack accordingly, and don’t forget to bring a light coat as it can get a little chilly at night. 
  • Leave a little room in your suitcase to bring stuff back.  The VMworld conference kit usually includes a backpack of some sort, and T-shirts are a popular vendor giveaway.  FedEx and UPS both have retail locations on Kearny Street if you would prefer to ship stuff instead of bringing it on the plane.
  • If you forget anything, there is a Target in the Metreon, which is right across the street from Moscone.


  • This is another area where travelling light is key as you will have to carry it around for most of the day. 
  • Bring extra batteries or battery packs for your devices.  You will be on your phone, tablet, and laptop all day, and you may not get a chance to recharge them during the day, so it is wise to have a power bank, such as this 13000 mAh battery pack, to keep your mobile devices topped off.
  • Don’t forget to bring your chargers.  There is an Apple store nearby for Apple products, but finding chargers for other laptop brands might be difficult.  Target should have chargers for other mobile devices.

General Conference Info

  • You will be standing and walking a lot.  Comfortable, broken-in shoes are a must.  If you plan to buy new shoes, buy them soon and start breaking them in so you avoid blisters and other foot injuries.
  • It may also be a good idea to start going for a walk a couple of times a week just to prepare.  If you don’t, you may be a little sore after the first day or two. 
  • Drink water frequently.  The VMworld Welcome Kit includes a water bottle, and there are water coolers around Moscone that you can use to fill it.


  • Plan your schedule early as popular sessions may fill up quickly.
  • If a session is full, add yourself to the waiting list.
  • If you are interested in two sessions that overlap, book one and add the other to your Interest list.  The schedule changes frequently, and you may get an opportunity to register for both.
  • Every session is recorded, so don’t worry if you miss one.  You can always download and watch the video later.
  • Register for Group Discussions.  They’re a good opportunity to talk to your peers and experts from VMware.  These sessions are small, so register early if you want to guarantee a spot.

Solutions Exchange

  • Block off time in your schedule to peruse the Solutions Exchange.  You want to spend time here talking to vendors.
  • Make it a point to stop by booths for vendors that you already do business with.  This is a good time to ask your vendors’ experts and get your questions answered.

Places to Eat Near Moscone

San Francisco has a lot of good cuisine.  They’re especially noted for their Asian cuisine, which is sadly not reflect in the list below. 

  • Oasis Grill – Located across the street from Moscone West.  Servers gyros and Mediterranean
  • Super Duper Burger – Located on the north side of the Yeurba Buena Garden, this place is known for burgers, garlic fries (with fresh garlic), soft-serve ice cream
  • Mel’s Drive In – 50’s style diner near Moscone with excellent breakfast.
  • Thirsty Bear – Located on Howard just east of Third Street.  Known for craft bear and spanish-style cuisine.
  • The Melt – A few blocks away from Moscone at the corner of Minna and New Montgomery, this is a grilled cheese and soup place.
  • Boudin – A local chain with a few locations around Moscone.  Known for their Sourdough bread.
  • Ghirardelli – The famed chocolatier.  The location at Market and Montgomery is also an ice cream shop that is open late.
  • Lori’s Diner – Located at Powell and Sutter, this 50’s style diner is open 24/7 so you can get some post-party breakfast.

And finally – Sushirrito on New Montgomery.  It’s a sushi burrito.  Need I say more??

Other Stuff

  • Go out and enjoy yourself.
  • There is an online registry of events for the week at http://www.vmworld.com/en/gatherings.html.  Go out and socialize with your peers.
  • Even if you don’t know who the bands are, go to the VMworld party.  The last time it was at AT&T Park, it was a blast.
  • If packed events aren’t your thing, go explore the city.  Although a lot of museums close by 6:00 PM, restaurants on Fisherman’s Wharf and Ghirardelli’s are open late. 


  • San Francisco has a large indigent population.  Be careful when handling money in public or using ATMs.  (Note: This is a general safety tip for any large American city.  You don’t want to make yourself a victim or be “aggressively panhandled.”)
  • San Francisco has some rough areas, and its not hard to get lost and wander into them.  Many of the conference hotels are near Union Square, and it is very easy to take a wrong turn and wander into the Tenderloin District. 

Get every new post delivered to your Inbox.

Join 1,008 other followers