Configure Personalization Servers

In this section:

To configure a personalization server, you must first establish a connection. Once connected you can create a configuration to control personalization for you enterprise. A list of servers can then be created to manage which servers your managed users connect to.

For details about configuring Personalization Servers, see also User Workspace Manager.

Connection

In order to configure personalization for your users, you must first establish a connection to a Personalization Server. The Connect button allows you to list one or more Personalization Servers and connect to the required one.

To configure Personalization, localhost is automatically added to the Select Personalization Server dialog if the following conditions are true:

  • A Personalization Server is installed and configured on the same machine as the console.
  • A Personalization Server has not previously been configured in the Select Personalization Server dialog

Select Personalization Server

Connect to a Personalization Server

  1. Select the User Personalization navigation button.

  2. From the Server ribbon, click Connect.

    The Select Personalization Server dialog displays.

  3. Click the new server button New Server Button.

    The Add Server dialog displays.

    Enter Connection Details dialog

  4. Enter a Friendly Name for the server. This can be any text but should be something which will enable you to identify the server. If no text is entered, the server name is used.
  5. Select the required protocol - http or https.
  6. Enter the server name or browse for the required server by specifying locations and searching for server names.

  7. Enter the port number. The port range for Personalization servers is 7771 to 7790 and the default port is 7771.

    Once the server details have been added, the URL for the server is displayed.

  8. Click Add.

    The server is listed in the Select Personalization Server dialog.

  9. Repeat steps 2 to 6 to add more servers.

    Servers in the list can have their details edited or be deleted from the list using the buttons at the top of the dialog.

  10. Select the server you want to connect to and click Connect.

    When you return to this dialog, any servers you have listed are available for selection.

Handling certificate errors

The Environment Manager and Client Communication agents now perform extra checks during HTTPS communications and will now fail on any certificate errors, for example. self-signed certificates. This can be overridden by the using the IgnoreCertificateErrors registry setting:

  • Value Name: IgnoreCertificateErrors
  • Value Type: DWORD
  • Location: HKLM\Software\Appsense\Common
  • Possible values:
    • 0 or not present - do not ignore certificate errors
    • 1- Ignore all certificate errors

Enable VPN Sync for WSGs (Windows settings groups)

As of Environment Manager 2020.2, using a settings key it is possible to enable the synchronization of WSG data after a connection to a VPN is made. As part of customized WSGs, files and registry keys are synchronized as expected. However, unmodified default WSGs may not provide the expected behavior as no refresh of the shell is performed after a network connection is made. Additionally, when this setting is enabled data is uploaded to the database at the pre-logoff stage (that is, prior to VPN disconnect), and not at the logoff stage.

In order to enable this functionality the following registry key must be added and applied to the endpoint:

  • Value Name: EnableVPNSync
  • Value Type: DWORD
  • Location: HKLM\Software\AppSense\Environment Manager
  • Possible values:
    • 0 - Only synchronize WSG data at log-on, and upload the data at logoff
    • non-zero - Synchronize WSG data when a connection to a network is made (for example, via VPN), and upload the data at the pre-logoff stage.

The EnableVPNSync option is set on the client/endpoint and NOT on the Personalization Server.

Personalization Servers in the Combined Console

Note, this feature is only available in the combined console. In the Personalization console, the server list is configured using the Endpoint Server List.

When creating an AEMP configuration in the combined console, a list of personalization servers can be configured. When the configuration is pushed out to endpoints it determines whether endpoints are personalized and if they are, to which server they will connect. It is recommended that multiple personalization servers are listed so alternative servers can be automatically selected for failover purposes.

The first time a user logs on to a managed endpoint, the Environment Manager agent contacts the first Personalization Server to request the actual list of servers the endpoint should use (based on the sites configured in the database). The client then contacts the correct server to pull down the User Personalization configuration, containing the list of the applications which should be personalized for the user.

If all attempts to connect to a Personalization Server fail, then the configuration is not downloaded and Personalization does not take place.

If no servers are configured, endpoints managed by this configuration are not personalized.

To cater for such a scenario it is recommended that the 9661 - Timeout Communicating with Personalization Server auditing event is enabled.

Configure a Personalization Server List

  1. Select the Policy Configuration navigation button.

  2. From the Manage tab select Personalization Servers.

    The Configure Personalization Servers dialog displays.

  3. Click the add server button New Server Button.

    The Add Server dialog displays.

  4. Enter the server name or click the ellipsis to search for the required server by specifying locations and searching for server names.

    Do not select or enter Localhost as the server name. If Localhost is entered as the server name it is added to the configuration.aemp file as the location of the Personalization Server. The client tries connecting to http://localhost/Personalization which is incorrect and User Personalization is disabled.

  5. Enter a Friendly Name for the server. This can be any text but should be something which will enable you to identify the server. If no text is entered, the server name is used.
  6. Select the required protocol - http or https.
  7. Enter the server name or browse for the required server by specifying locations and searching for server names.

  8. Enter a port number. The port range for Personalization servers is 7771 to 7790 and the default port is 7771.

    Once the server details have been added, the URL for the server is displayed.

  9. Click OK.

    The server is listed in the Select Personalization Server dialog.

  10. Repeat steps 3 to 9 to add more servers.

    Servers in the list can have their details edited or be deleted from the list using the buttons at the top of the dialog.

  11. If you have added more than one server, use the arrow buttons to reorder the list. When the configuration is deployed, endpoints attempt to connect to each server in turn. If a connection cannot be made with any server in the list, Personalization does not occur.

    Configure Personaliation Servers

  12. Click OK to save the server list.

When the configuration is deployed to endpoints, this list is used to determine which servers managed users connect to.

Personalization Servers in the Personalization Console

This feature is only available in the Personalization console. In the combined console, the server list is configured in the Policy side of the console using the Personalization Servers option from the Manage ribbon.

The Endpoint Server List allows you to create an AEMP configuration file containing the Personalization Servers to which endpoints can connect.

It is recommended that, where possible, multiple servers are added to the Select Personalization Server dialog so alternative servers can be connected to for failover purposes.

Environment Manager supports SQL Server Always-On functionality. Refer to the Maintained Platform Matrix for release-specific requirements.

When a user logs on to a managed endpoint, an attempt is made to connect to the first server on the list. If a connection cannot be made to that server, connection with the next server in the list is attempted and so on until a connection is established.

If all attempts to connect to a server fail, personalization does not take place.
An AEMP configuration created from the Endpoint Server List in the Personalization console can be opened and edited in the combined console.

Likewise, an AEMP configuration with configured servers, created in the combined console, can be opened and edited in the Endpoint Server List in the Personalization console.

You cannot upgrade policy configurations in the Personalization only console. policy configurations can only be upgraded in the combined Policy only consoles.

Configure and Save a Personalization Server List

  1. Open the Environment Manager Personalization console.

  2. From the Server ribbon, click Endpoint ServerList.

    The Personalization configuration dialog displays.

  3. Click the new server button New Server Button. The Add Server dialog displays.

  4. Enter the server name or click the ellipsis to search for the required server by specifying locations and searching for server names.

    Do not select or enter Localhost as the server name. If Localhost is entered as the server name it is added to the configuration file as the location of the Personalization Server. The client tries connecting to http://localhost/Personalization which is incorrect and User Personalization is disabled.

  5. Enter a Friendly Name for the server. This can be any text but should be something which will enable you to identify the server. If no text is entered, the server name is used.
  6. Select the required protocol - http or https.
  7. Enter the server name or browse for the required server by specifying locations and searching for server names.

  8. Enter the port number. The port range for Personalization servers is 7771 to 7790 and the default port is 7771.

    Once the server details have been added, the URL for the server is displayed.

  9. Click OK.

    The server is listed in the Select Personalization Server dialog.

  10. Repeat steps 2 to 6 to add more servers.

    Servers can have their details edited or can be deleted from the list using the buttons at the top of the dialog.

  11. If you have added more than one server, use the arrow buttons to reorder the list. When the configuration is deployed, endpoints attempt to connect to each server in turn. If a connection cannot be made with any server in the list, Personalization does not occur.

  12. Click OK to save the server list.

    When the configuration is deployed to endpoints, this list is used to determine which servers managed users connect to.

  13. Click File and select the required save option.

Personalization Server Selection Using Group Policy

Environment Manager client software allows the personalization server to be selected using group policy. As detailed in the sections above, a list of personalization servers is normally specified in the configuration. However, this can be overridden by the group policy list.

Using group policy templates, a list of servers can be created that will be used by endpoints as a fail-over list. There is also an option to bypass the site processing on the server and use the specified server directly. This provides new configuration options and offers better performance for large numbers of users.

Note that group policy selection of personalization servers works even if no configuration file is deployed to the client.

The following group policy administrative template files are supplied with the Environment Manager Personalization and combined consoles:

  • AppSensePersonalizationServers.admx
  • AppSensePersonalizationServers.adml
  • AppSensePersonalizationServers.adm

If configuring a personalization server using an ADMX template, be aware that the Server field supports no more than 255 characters.

Configure a Personalization Server List with Group Policy

  1. Navigate to the Group Policy folder:

    C:\Program Files\AppSense\Environment Manager\Console\Templates\Group Policy

    This is the default installation file path. If you have installed to an alternative location, find the Group Policy folder in you install location.

  2. Complete the setup action for your operating system:

    • Copy the AppSensePersonalizationServers.admx file to:

      C:\Windows\PolicyDefinitions (where C:\Windows is the system root).

    • Copy the AppSensePersonalizationServers.adml file to:

      C:\Windows\PolicyDefinitions\en-US (where C:\Windows is the system root).

  3. Open Group Policy Editor. Policy templates are available for user and computer policies. User policies can be tailored to individual users and computer policies apply to the endpoint.
  4. Select Administrative Templates > AppSense > Environment Manager for either the user or computer policy.
  5. Select the required option:

    • Specify list of personalization servers - Specify a list of personalization servers for endpoints to connect to and use as a failover list. The AEMP configuration server list is overridden by the list created.

      Select Enabled and enter the required server name(s). Each server must be preceded by http:// and where more than one server is required, separated by a comma. For example, http://server1,https://server2,http://server3:3000.

    • Bypass server site processing - Normally, initial contact is made with the server listed in the AEMP file. Once contact is made, the database rules are evaluated to determine which server the client should connect to. Enabling this option means clients ignore the database site rules and connect directly to the server determined by Group Policy.

      Select Enabled to bypass server site processing to bypass server site processing.

    • Specify which personalization servers are virtual hosts - Specifies which URLs in the personalization server list are virtual hosts, along with associated retry count and delay values for each server. Note that this policy is dependent upon the Specify list of personalization servers policy. Any servers in this list which are not in the personalization server list are ignored.

      Each item in the list should be in the format: <SERVER>;retries=<RETRIES>;delay=<DELAY>

      Where: <SERVER> is the server URL,<RETRIES> is the number of times to retry that server and <DELAY> is the delay between each retry (in milliseconds).
      Example: http://server1;retries=2;delay=2000,http://server2;retries=3;delay=4000

  6. Click OK to save your settings and update personalization server selection to use group policy.

Evaluation Order

When deciding which server to connect to, the following evaluation order is used:

  1. User Policy
  2. Computer Policy
  3. AEMP File

Each source is evaluated in order until a server list is found; if a server is not found, evaluation moves to the next source. If no servers are found, the user is not personalized.

If a server is listed in User Policy, for example, but is unavailable, processing ends and the user is not personalized.

Related Topics

User Personalization Architecture

Managing Policy Configurations

Personalization