Specifications
Table Of Contents
- View Manager Administration Guide
- Contents
- About This Book
- Introduction
- Installation
- View Administrator
- Virtual Desktop Deployment
- Client Management
- Installing and Running View Client and View Portal
- Client Connections from the Internet
- Creating SSL Server Certificates
- Using Existing SSL Certificates
- Smart Card Authentication
- RSA SecurID Authentication
- View Client Command Line Options
- Virtual Printing
- Adobe Flash Bandwidth Reduction
- Client Computer Information
- Using PCoIP Display Protocol
- Using HP RGS Display Protocol
- View Composer
- Overview of View Composer
- Preparing vCenter Server for View Composer
- Preparing a Parent VM
- Deploying Linked Clone Desktops from View Manager
- Refreshing, Recomposing, and Rebalancing Linked Clone Desktops
- Using an Existing View Composer Database
- Using the SviConfig Tool for View Composer
- Offline Desktop
- Component Policies
- Unified Access
- Troubleshooting
- Appendix: The locked.properties File
- Glossary
- Index
VMware, Inc. 113
Chapter 5 Client Management
ThesmartcardremovalpolicydoesnotapplytouserswhoconnecttotheView
ConnectionServerinstancewiththeLoginascurrentusercheckboxselected,
eveniftheylogintotheirclientsystemwithasmartcard.
5ClickOK.
6RestarttheViewConnectionServerservice.
Configuring User Profiles
Auserprincipalname(UPN)isanaccountnameandadomainnameidentifyingthe
domaininwhichtheuseraccountislocated.TheusualformofUPNisuser@domain.
Forausertoconnectusingsmartcardauthentication,theiraccountinActiveDirectory
musthaveavalidUPNassociated
withtheiruserPrincipalNameproperty.
TheUPNforeachuserwhorequiressmartcardauthenticationmustbesettothe
subjectalternativename(SAN)containedwithintherootcertificateofthetrustedCA.
Youcanlocatethisinformationbyviewingthecertificateproperties,asdescribedin
“ExportingaRootCertificatefroma
UserCertificate”onpage 107.
ThemoststraightforwardwayofaddingthisinformationtoActiveDirectoryistouse
theADSIEditutilityprovidedwiththeWindowsSupportToolssoftwarecollection.If
itisnotalreadypresentonyourActiveDirectoryserver,youcandownloadandinstall
WindowsSupportToolsfromthe
followinglocation:
http://www.microsoft.com/downloads/details.aspx?FamilyID=96a35011‐fd83‐419d‐93
9b‐9a772ea2df90
To set the UPN to the SAN on Active Directory
1OntheActiveDirectoryserverclickStart>AllPrograms>WindowsSupport
ToolstoopenacommandpromptattheSupportToolsdirectorylocation.
2Enteradsiedit.msctostarttheADSIEditapplication.
3Intheleftpane,expandthedomaininwhichtheuser
youwanttoeditislocated
andexpandCN=Users.
NOTESmartcardauthenticationreplacesWindowspasswordauthenticationonly.
If SecurIDisenabled,usersarerequiredtoauthenticateusingthismechanismalso.
NOTEYouneedtoprovidethisinformationonlyifthecertificatewasissuedfroma
domainotherthantheoneinwhichtheuserpresentlyresides.Acharacteristicof
exportingacertificatefromaserverintheuser’scurrentdomainisthattheuser’sUPN
androotcertificateSANwillcorrelate.