The Horizon JMP Server has the following additional requirements:

• You should consider replacing the default JMP Server certificate with one that is trusted by your infrastructure hosts and clients. Consult the Horizon JMP Server documentation for the procedure used to replace the default self-signed certificates (https://docs.vmware.com/en/VMware-Horizon-7/7.6/horizon-JMP-server-installation/GUID-FF922872-D60F-4A82-98F5-A717F489005E.html).
  • If you choose not to replace the JMP Server self-signed certificate, you will need to import the JMP Server certificate into the user Trusted Root Certification Authorities store on the workstation you use to configure the JMP Server.
• Active Directory must be at functional level of 2008 or later.
• Active Directory must be configured for LDAP over SSL (LDAPS) or StartTLS (LDAP over TLS)
  • You will also need a copy of the Active Directory SSL certificate, exported using the Windows certificates MMC as a Base-64 encoded X.509 (.CER) file named adCA.pem
    • You do not need to export the certificate private key
• A JMP Server service (user) account created in Active Directory that will be granted administrative permissions to your Horizon pod, App Volumes, and User Environment manager; in the examples provided we will use an account named svc-jmp.
• The Horizon JMP Server and Horizon Connection Servers must have their time synchronized.