User manual

Manuals Brands VMware Manuals Applications Horizon HTML Access 4.5

Table Of Contents

Using HTML Access

Using HTML Access

VMware Horizon HTML Access 4.5

VMware Horizon 7 7.2

This document supports the version of each product listed and

supports all subsequent versions until the document is

replaced by a new edition. To check for more recent editions of

this document, see http://www.vmware.com/support/pubs.

EN-002529-00

Summary of content (50 pages)

PAGE 1

Using HTML Access VMware Horizon HTML Access 4.5 VMware Horizon 7 7.2 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
PAGE 2

Using HTML Access You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com Copyright © 2013–2017 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com 2 VMware, Inc.
PAGE 3

Contents Using HTML Access 5 1 Setup and Installation 7 System Requirements for HTML Access 7 Preparing Connection Server and Security Servers for HTML Access 9 Firewall Rules for HTML Access 10 Configure View to Remove Credentials From Cache 11 Prepare Desktops, Pools, and Farms for HTML Access 11 Configure HTML Access Agents to Use New SSL Certificates 13 Add the Certificate Snap-In to MMC on a View Desktop 13 Import a Certificate for the HTML Access Agent into the Windows Certificate Store Import Root
PAGE 4

Using HTML Access Using DPI Synchronization 41 Sound 42 Copying and Pasting Text 42 Use the Copy and Paste Feature 42 Transferring Files Between the Client and a Remote Desktop 44 Download Files from a Desktop to the Client 44 Upload Files from the Client to a Desktop 44 Using the Real-Time Audio-Video Feature for Webcams and Microphones 45 Log Off or Disconnect 45 Reset a Remote Desktop or Remote Applications 46 Restart a Remote Desktop 47 Index 4 49 VMware, Inc.
PAGE 5

Using HTML Access This guide, Using HTML Access, provides information about installing and using the HTML Access feature of VMware Horizon™ 7 to connect to virtual desktops without having to install any software on a client system. The information in this document includes system requirements and instructions for installing HTML Access software on a View server and in a remote desktop virtual machine so that end users can use a Web browser to access remote desktops.
PAGE 6

Using HTML Access 6 VMware, Inc.
PAGE 7

1 Setup and Installation Setting up a View deployment for HTML Access involves installing HTML Access on View Connection Server, opening the required ports, and installing the HTML Access component in the remote desktop virtual machine. End users can then access their remote desktops by opening a supported browser and entering the URL for View Connection Server.
PAGE 8

Using HTML Access Client operating systems Browser Version Firefox 52, 53 Microsoft Edge 38, 40 Operating System Version Windows 7 SP1 (32- and 64-bit) Windows 8.x (32- and 64-bit) Windows 10 (32- and 64-bit) Mac OS X 10.11 (El Capitan) macOS 10.12.x (Sierra) iOS 9 iOS 10 Chrome OS 28.x and later Remote desktops HTML Access requires Horizon Agent 7.0 or later, and supports all the desktop operating systems that Horizon 7.0 supports.
PAGE 9

Chapter 1 Setup and Installation Third-party firewalls Display protocol for Horizon Add rules to allow the following traffic: n Servers (including security servers, Connection Server instances, and replica servers): inbound traffic to TCP port 8443. n Remote desktop virtual machines: inbound traffic (from servers) to TCP port 22443. VMware Blast When you use a Web browser to access a remote desktop, the VMware Blast protocol is used rather than PCoIP or Microsoft RDP.
PAGE 10

Using HTML Access 6 To provide users unauthenticated access to published applications in Horizon Client, you must enable this feature in Connection Server. For more information, see the topics about unauthenticated access in the View Administration document. After the servers are installed, if you look in Horizon Administrator, you will see that the Blast Secure Gateway setting is enabled on the applicable Connection Server instances and security servers.
PAGE 11

Chapter 1 Setup and Installation Configure View to Remove Credentials From Cache You can configure View to remove a user's credentials from cache when a user closes a tab that connects to a remote desktop or application, or closes a tab that connects to the desktop and application selection page, in the HTML Access client. When this feature is disabled (the default setting), the credentials remain in cache.
PAGE 12

Using HTML Access For a list of the supported operating systems, see “System Requirements for HTML Access,” on page 7. n Familiarize yourself with the procedures for creating pools and farms and entitling users. See the topics about creating pools and farms in Setting Up Desktops and Applications in View. n To verify that the remote desktop or application is accessible to end users, verify that you have Horizon Client software installed on a client system.
PAGE 13

Chapter 1 Setup and Installation Configure HTML Access Agents to Use New SSL Certificates To comply with industry or security regulations, you can replace the default SSL certificates that are generated by the HTML Access Agent with certificates that are signed by a Certificate Authority (CA). When you install the HTML Access Agent on View desktops, the HTML Access Agent service creates default, self-signed certificates.
PAGE 14

Using HTML Access 3 In the Add or Remove Snap-ins window, select Certificates and click Add. 4 In the Certificates snap-in window, select Computer account, click Next, select Local computer, and click Finish. 5 In the Add or Remove snap-in window, click OK. What to do next Import the SSL certificate into the Windows local computer certificate store. See “Import a Certificate for the HTML Access Agent into the Windows Certificate Store,” on page 14.
PAGE 15

Chapter 1 Setup and Installation Import Root and Intermediate Certificates for the HTML Access Agent If the root certificate and intermediate certificates in the certificate chain are not imported with the SSL certificate that you imported for the HTML Access Agent, you must import these certificates into the Windows local computer certificate store.
PAGE 16

Using HTML Access 4 Copy the selected thumbprint to a text file. For example: 31 2a 32 50 1a 0b 34 b1 65 46 13 a8 0a 5e f7 43 6e a9 2c 3e Note When you copy the thumbprint, do not to include the leading space. If you inadvertently paste the leading space with the thumbprint into the registry key (in Step 7), the certificate might not be configured successfully. This problem can occur even though the leading space is not displayed in the registry value text box.
PAGE 17

Chapter 1 Setup and Installation Upgrading the HTML Access Software For most versions of HTML Access, upgrading involves simply upgrading Connection Servers and View Agent. When you upgrade HTML Access, make sure that the corresponding version of View Connection Server is installed on all the instances in a replicated group. When you upgrade Connection Server, HTML Access is automatically installed or upgraded.
PAGE 18

Using HTML Access Table 1‑2. Client Data Collected for the Customer Experience Improvement Program (Continued) Description Field name Is This Field Made Anonymous ? Client binary architecture No Examples include the following values: n browser n arm Native architecture of the browser No Examples include the following values: n Win32 n Win64 n MacIntel n iPad Browser user agent string No Examples include the following values: n Mozilla/5.
PAGE 19

Configuring HTML Access for End Users 2 You can change the appearance of the Web page that end users see when they enter the URL for HTML Access. You can also set group policies that control the image quality, the ports used, and other settings.
PAGE 20

Using HTML Access You can make installer links for specific client operating systems in either the portal-links-htmlaccess.properties or oslinks.properties file. For example, if you browse to the portal page from a Mac OS X system, the link for the native Mac OS X installer appears. For Windows or Linux clients, you can make separate links for 32-bit and 64-bit installers. Important If you upgraded from View Connection Server 5.
PAGE 21

Chapter 2 Configuring HTML Access for End Users Option Property Setting Create links for specific installers The following examples show full URLs, but you can use relative URLs if you place the installer files in the downloads directory, which is under the C:\Program Files\VMware\VMware View\Server\broker\webapps\ directory on View Connection Server, as described in the next step. n General link to download installer: n link.download=https://server/downloads 32-bit Windows installer: n link.
PAGE 22

Using HTML Access Using URIs to Configure HTML Access Web Clients Using uniform resource identifiers (URIs), you can create a Web page or an email with links that end users click to launch the HTML Access Web client, connect to View Connection Server, and launch a specific desktop or application with specific configuration options. You can simplify the process of connecting to a remote desktop or application by creating Web or email links for end users.
PAGE 23

Chapter 2 Configuring HTML Access for End Users n In the query part, non-ASCII characters must first be encoded according to UTF-8 [STD63], and then each octet of the corresponding UTF-8 sequence must be percent-encoded to be represented as URI characters. For information about encoding for ASCII characters, see the URL encoding reference at http://www.utf8-chartable.de/. Supported Queries This topic lists the queries that are supported for the HTML Access Web client.
PAGE 24

Using HTML Access tokenUserName The RSA or RADIUS user name. Use this query only if the RSA or RADIUS user name is different from the Active Directory user name. If you do not specify this query and RSA or RADIUS authentication is required, the Windows user name is used. userName The Active Directory user who is connecting to the remote desktop or application.
PAGE 25

Chapter 2 Configuring HTML Access for End Users The HTML Access Web client is launched and connects to the horizon.mycompany.com server. The login box prompts the user for a user name, domain name, and password. After a successful login, the Notepad application is launched. 6 https://horizon.mycompany.com:7555/?desktopId=Primary%20Desktop This URI has the same effect as the previous example, except that it uses the nondefault port of 7555 for Connection Server. (The default port is 443.
PAGE 26

Using HTML Access HTML Code Examples You can use URIs to make hypertext links and buttons to include in emails or on Web pages. The following examples show how to use the URI from the first URI example to code a hypertext link that says, Test Link, and a button that says, TestButton. Test Link

PAGE 27
Using a Remote Desktop or Application 3 The client provides a navigation sidebar with toolbar buttons so that you can easily disconnect from a remote desktop or application or use a button click to send the equivalent of the Ctrl+Alt+Delete key combination.
PAGE 28

Using HTML Access Feature Support Matrix When you access a remote desktop or application from the browser-based HTML Access client, some features are not available. Feature Support for Single-User Virtual Machine Desktops Table 3‑1. Features Supported Through HTML Access Windows 10 Desktop Windows Server 2008 R2 Desktop Windows Server 2012 R2 Desktop Windows Server 2016 Desktop Feature Windows 7 Desktop Windows 8.
PAGE 29

Chapter 3 Using a Remote Desktop or Application Table 3‑2. Features Supported for HTML Access to RDS Hosts with View Agent 6.1.1 or Later, or Horizon Agent 7.0 or Later, Installed (Continued) Windows Server 2008 R2 RDS Host Windows Server 2012 or 2012 R2 RDS Host VMware Blast display protocol X X Horizon Agent 7.0.2 and later Location-based printing X (virtual machine only) X (virtual machine only) Horizon Agent 7.0.2 and later (virtual machine only) Real-Time Audio-Video (RTAV) Horizon Agent 7.
PAGE 30

Using HTML Access 2 (Optional) Select the Click here to skip this screen and always use HTML Access check box. Your selection is stored in the local storage for the browser you are currently using. The next time you enter the URL for the Connection Server instance using the same browser type and same client machine, you will be taken directly to the Login screen.
PAGE 31

Chapter 3 Using a Remote Desktop or Application Trust a Self-Signed Root Certificate In some cases, when connecting to a remote desktop or application for the first time, you might be prompted by the browser to accept the self-signed certificate used by the remote machine. You must trust the certificate before the connection can be made to the remote desktop or application. Most browsers will give you the option to permanently trust the self-signed certificate.
PAGE 32

Using HTML Access Use Unauthenticated Access to Connect to Remote Applications A Horizon administrator can use the Unauthenticated Access feature to create Unauthenticated Access users and entitle those users to remote applications on a Connection Server instance. Unauthenticated Access users can log in to the server anonymously to connect to their remote applications.
PAGE 33

Chapter 3 Using a Remote Desktop or Application Shortcut Key Combinations Regardless of the language used, some key combinations cannot be sent to the to a remote desktop or application. Web browsers allow some key presses and key combinations to be sent to both the client and the destination system. For other keys and key combinations, the input is processed only locally and is not sent to the destination system.
PAGE 34

Using HTML Access Table 3‑3. Windows Key Shortcuts for Windows 10 Remote Desktops (Continued) Keys Action Limitations Win+G Open game bar when a game is open. Win+H Open the Share charm. Win+I Open the Settings charm. Win+K Open the Connection quick action. Win+M Minimize all windows. Win+R Open the Run dialog box. Win+S Open Search. Win+X Open the Quick Link menu. Win+, (comma) Temporarily peek at the desktop. Win+Pause Display the System Properties dialog box.
PAGE 35

Chapter 3 Using a Remote Desktop or Application Table 3‑4. Windows Key Shortcuts for Windows 8.x and Windows Server 2012 R2 Remote Desktops (Continued) Keys Action Limitations Win+Shift+M Restore minimized windows on the desktop. Does not work in Safari browsers. Workaround: Press Command-D on Macs. Win+Alt+Num Open the desktop and open the jump list for the app pinned to the taskbar in the position indicated by the number. Does not work on a Chromebook. Win+Up Arrow Maximize the window.
PAGE 36

Using HTML Access International Keyboards When using non-English keyboards and locales, you must use certain settings in your client system, browser, and remote desktop. Some languages require you to use an IME (input method editor) on the remote desktop. With the correct local settings and input methods installed, you can input characters for the following languages: English, Japanese, French, German, simplified Chinese, traditional Chinese, Korean, and Spanish. Table 3‑6.
PAGE 37

Chapter 3 Using a Remote Desktop or Application Similarly, if you use a browser on a device that has a high pixel density resolution, such as a Macbook with Retina Display or a Google Chromebook Pixel, you must allocate sufficient VRAM for each remote desktop. Important Estimating the amount of VRAM you need for the VMware Blast display protocol is similar to estimating how much VRAM is required for the PCoIP display protocol.
PAGE 38

Using HTML Access Figure 3‑1. Sidebar That Appears When You Launch a Remote Desktop or Application 38 VMware, Inc.
PAGE 39

Chapter 3 Using a Remote Desktop or Application Click the expander arrow next to a running application to see the list of documents opened from that application. Note, however, that if you have, for example, two Excel documents open from separate Excel programs hosted on two different servers, the Excel application will be listed twice in Running list in the sidebar. From the sidebar, you can perform several actions. Table 3‑7.
PAGE 40

Using HTML Access Table 3‑7. Sidebar Actions (Continued) Action Procedure Restart a desktop Click the Open Menu button next to the desktop name in the Running list in the sidebar and select Restart. The desktop operating system usually prompts you to save any unsaved data before it restarts. You can restart a desktop only if your administrator has enabled this feature.
PAGE 41

Chapter 3 Using a Remote Desktop or Application 4 Click the Open Menu toolbar button at the top of the sidebar, select Display Settings. 5 In the Display Settings dialog box, click Add Display. Note If the Display Selector browser window does not appear, add your Horizon server's FQDN address into the Pop-up exceptions section of your browser's Content settings window. 6 Drag the Display Selector window so that it appears in the other monitor display that you want to use.
PAGE 42

Using HTML Access n Although Windows 10 and Windows 8.x machines support different DPI settings on different monitors, the DPI Synchronization feature uses the DPI value that is set on the client machine's monitor in which the Web browser used for launching the HTML Access client session is located. HTML Access does not support different DPI settings in different monitors.
PAGE 43

Chapter 3 Using a Remote Desktop or Application The Copy & Paste window, which you can open from the button at the top of the HTML Access sidebar, is required only for synchronizing the Clipboard on your local system with the Clipboard in the remote machine. The text in the Copy & Paste window displays one of the following messages to indicate in which direction the user can copy and paste content. n Use this panel to copy & paste content between your local client and remote desktop/application.
PAGE 44

Using HTML Access Transferring Files Between the Client and a Remote Desktop With the file transfer feature, you can transfer (upload and download) files between the client and a remote desktop. File transfer to or from applications is not supported. The Horizon administrator can configure the ability to allow, disallow, or allow in one direction only, the transfer of files by modifying the Configure file transfer group policy setting for the VMware Blast protocol. The default is upload only.
PAGE 45

Chapter 3 Using a Remote Desktop or Application With Internet Explorer 11 and Chrome on ChromeBook, if you drag and drop folders, files of zero size, or files larger than 2 GB, you get an error message as expected. After you dismiss the error message, you can no longer drag and drop files that can be transferred.
PAGE 46

Using HTML Access n n Close a remote application. Option Action From within the application Quit the application in the usual manner, for example, click the X (Close) button in the corner of the application window. From the sidebar Click the X next to the application file name in the Running list in the sidebar. Log off or disconnect from a remote desktop. Option Action From within the desktop OS To log off, use the Windows Start menu to log off.
PAGE 47

Chapter 3 Using a Remote Desktop or Application When you reset a remote desktop, the operating system in the remote desktop reboots and Horizon Client disconnects and logs off from the desktop. When you reset remote applications, the applications quit. What to do next Wait an appropriate amount of time for system startup before attempting to reconnect to the remote desktop or application. Restart a Remote Desktop You might need to restart a remote desktop if the desktop operating system stops responding.
PAGE 48

Using HTML Access 48 VMware, Inc.
PAGE 49

Index B Blast Agent 11 C certificates, setting the thumbprint in the Windows registry 15 cipher suites, configuring for HTML Access Agents 16 clearing credentials cache 11 configuration settings 19 copy text 42 copying text 42 Ctrl+Alt+Delete 33 customer experience program, desktop pool data 17 D desktop log off from 45 reset 46 disconnecting from a remote desktop 45 download files from a desktop to the client 44 downloading files 44 DPI synchronization 41 F feature support matrix 28 firewall rules, HTM
PAGE 50

Using HTML Access time zone 37 transferring files 44 U Unauthenticated AccessUnauthenticated Access 32 uninstall HTML Access 17 upload files from a desktop to the client 44 uploading files 44 URI examples 24 URI syntax for HTML Access web clients 22 URIs (uniform resource identifiers) 22 V video RAM 36 W Web client, system requirements for HTML Access 7 Web Portal 19 webcam 45 Windows Certificate Store, importing a certificate for the HTML Access Agent 14 Workspace ONE 31 50 VMware, Inc.