VMware View Installation View 4.6 View Manager 4.6 View Composer 2.6 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
VMware View Installation You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com Copyright © 2011 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws.
Contents VMware View Installation 5 1 System Requirements for Server Components 7 View Connection Server Requirements 7 View Administrator Requirements 9 View Composer Requirements 9 View Transfer Server Requirements 12 2 System Requirements for Client Components 15 Supported Operating Systems for View Agent 15 Supported Operating Systems for View Client and View Client with Local Mode Hardware Requirements for Local Mode Desktops 16 Client Browser Requirements for View Portal 18 Remote Display Protoco
VMware View Installation 6 Installing View Transfer Server 71 Install View Transfer Server 71 Add View Transfer Server to View Manager 73 Configure the Transfer Server Repository 74 Firewall Rules for View Transfer Server 75 Installing View Transfer Server Silently 75 7 Configuring Certificate Authentication 79 Replacing the Default Certificate 79 Add keytool and openssl to the System Path 80 Use an Existing PKCS#12 Certificate and Private Key 80 Convert a PKCS#12 Keystore to JKS Format 82 Creating a Ne
VMware View Installation ® VMWare View Installation explains how to install the VMware View server and client components. Intended Audience ® This information is intended for anyone who wants to install VMware View. The information is written for experienced Windows or Linux system administrators who are familiar with virtual machine technology and datacenter operations. VMware, Inc.
VMware View Installation 6 VMware, Inc.
System Requirements for Server Components 1 Hosts that run VMware View server components must meet specific hardware and software requirements.
VMware View Installation Table 1-1. View Connection Server Hardware Requirements (Continued) Hardware Component Required Recommended Memory 4GB RAM or higher At least 10GB RAM for deployments of 50 or more View desktops 2GB RAM or higher 6GB RAM for deployments of 50 or more View desktops, and enable Physical Address Extension (PAE) See the Microsoft KB article at http://support.microsoft.com/kb/283037.
Chapter 1 System Requirements for Server Components Virtualization Software Requirements for View Connection Server View Connection Server requires VMware virtualization software to function properly. n If you are using vSphere, you must have vSphere 4.0 Update 2 or later or vSphere 4.1 or later. n If you are using VMware Infrastructure, you must have VMware Infrastructure 3.5 Update 5 and VirtualCenter Server 2.5 Update 6. n Both ESX and ESXi hosts are supported.
VMware View Installation n Database Requirements for View Composer on page 10 View Composer requires an SQL database to store data. The View Composer database must reside on, or be available to, the vCenter Server computer.
Chapter 1 System Requirements for Server Components View Composer supports a subset of the database servers that vCenter Server supports. If you are already using vCenter Server with a database server that is not supported by View Composer, continue to use that database server for vCenter Server and install a separate database server to use for View Composer and View Manager database events.
VMware View Installation View Transfer Server Requirements View Transfer Server is an optional View Manager component that supports check in, check out, and replication of desktops that run in local mode. View Transfer Server has specific installation, operating system, and storage requirements. n Installation Requirements for View Transfer Server on page 12 You must install View Transfer Server as a Windows application in a virtual machine that meets specific requirements.
Chapter 1 System Requirements for Server Components Supported Operating Systems for View Transfer Server You must install View Transfer Server on a supported operating system with the required amount of RAM. Table 1-6.
VMware View Installation 14 VMware, Inc.
2 System Requirements for Client Components Systems running View client components must meet certain hardware and software requirements. View Client on Windows systems uses Microsoft Internet Explorer Internet settings, including proxy settings, when connecting to View Connection Server. Ensure that your Internet Explorer settings are accurate and that you can access the View Connection Server URL through Internet Explorer. You can use Internet Explorer 7 and 8.
VMware View Installation Table 2-1. View Agent Operating System Support (Continued) Guest Operating System Version Edition Service Pack Windows 2003 R2 Terminal Server 32-bit Standard SP2 Windows 2003 Terminal Server 32-bit Standard SP2 IMPORTANT If you use Windows 7 in a virtual machine, the host must be ESX/ESXi 4.0 Update 2 or later or ESX/ESXi 4.1 or later. Supported Operating Systems for View Client and View Client with Local Mode Users run View Client to connect to their View desktops.
Chapter 2 System Requirements for Client Components Table 2-3. Processor Requirements Client Computer Requirement Description PC Standard x86 or x86 64-compatible Number of CPUs Multiprocessor systems are supported CPU speed For a Windows XP local desktop, 1.3GHz or faster; 1.6 GHz recommended For a Windows 7 desktop, 1.6GHz or faster; for Aero effects, 2.
VMware View Installation Display A 32-bit display adapter is recommended. 3D benchmarks, such as 3DMark '06, might not render correctly or at all when running Windows Vista or Windows 7 virtual machines on some graphics hardware. To play video at 720p or higher requires a multiprocessor system. For CPU and GPU requirements to support Windows 7 Aero, see the table in “PC Hardware,” on page 16.
Chapter 2 System Requirements for Client Components VMware View with PCoIP PCoIP provides an optimized desktop experience for the delivery of the entire desktop environment, including applications, images, audio, and video content for a wide range of users on the LAN or across the WAN. PCoIP can compensate for an increase in latency or a reduction in bandwidth, to ensure that end users can remain productive regardless of network conditions.
VMware View Installation Recommended Guest Operating System Settings Recommended guest operating system settings include the following settings: n For Windows XP desktops: 768MB RAM or more and a single CPU n For Windows 7 desktops: 1GB of RAM and a dual CPU Client Hardware Requirements Client hardware requirements include the following: n 800MHz or higher processor speed. n x86-based processor with SSE2 extensions.
Chapter 2 System Requirements for Client Components HP RGS has the following limitations: n Connections to virtual machines are not supported. n Vista desktops are not supported. n Tunnel connections are not supported. Only direct connections are supported. n Smart cards are not supported. n Multiple monitors are not supported. n View Portal does not support RGS connections. n Linux thin clients do not support RGS connections.
VMware View Installation View supports smart cards and smart card readers that use a PKCS#11 or Microsoft CryptoAPI provider. You can optionally install the ActivIdentity ActivClient software suite, which provides tools for interacting with smart cards. Users that authenticate with smart cards must have a smart card or USB smart card token, and each smart card must contain a user certificate. To install certificates on a smart card, you must set up a computer to act as an enrollment station.
Preparing Active Directory 3 View uses your existing Microsoft Active Directory infrastructure for user authentication and management. You must perform certain tasks to prepare Active Directory for use with View.
VMware View Installation Trust Relationships and Domain Filtering To determine which domains it can access, a View Connection Server instance traverses trust relationships beginning with its own domain. For a small, well-connected set of domains, View Connection Server can quickly determine the full list of domains, but the time that it takes increases as the number of domains increases or as the connectivity between the domains decreases.
Chapter 3 Preparing Active Directory You must give the user account privileges to perform certain operations in vCenter Server. If you use View Composer, you must give the user account additional privileges. See “Configuring User Accounts for vCenter Server and View Composer,” on page 53 for information on configuring these privileges. Create a User Account for View Composer If you use View Composer, you must create a user account in Active Directory to use with View Composer.
VMware View Installation Procedure 1 On your Active Directory server, select Start > Administrative Tools > Active Directory Users and Computers. 2 Right-click your domain and select Properties. 3 On the Group Policy tab, click Open to open the Group Policy Management plug-in. 4 Right-click Default Domain Policy and click Edit. 5 Expand the Computer Configuration section and open Windows Settings\Security Settings.
Chapter 3 Preparing Active Directory Add UPNs for Smart Card Users Because smart card logins rely on user principal names (UPNs), the Active Directory accounts of users that use smart cards to authenticate in View must have a valid UPN. If the domain a smart card user resides in is different from the domain that your root certificate was issued from, you must set the user’s UPN to the Subject Alternative Name (SAN) contained in the root certificate of the trusted CA.
VMware View Installation What to do next If an intermediate certification authority (CA) issues your smart card login or domain controller certificates, add the intermediate certificate to the Intermediate Certification Authorities group policy in Active Directory. See “Add an Intermediate Certificate to Intermediate Certification Authorities,” on page 28.
Installing View Composer 4 To use View Composer, you create a View Composer database, install the View Composer service on the vCenter Server computer, and optimize your View infrastructure to support View Composer. View Composer is an optional feature. Install View Composer if you intend to deploy linked-clone desktop pools. You must have a license to install and use the View Composer feature.
VMware View Installation n Create a SQL Server Database for View Composer on page 30 View Composer can store linked-clone desktop information in a SQL Server database. You create a View Composer database by adding it to SQL Server and configuring an ODBC data source for it. n Create an Oracle Database for View Composer on page 32 View Composer can store linked-clone desktop information in an Oracle 11g, 10g, or 9i database.
Chapter 4 Installing View Composer Add an ODBC Data Source to SQL Server After you add a View Composer database to SQL Server, you must configure an ODBC connection to the new database to make this data source visible to the View Composer service. These instructions assume that you are configuring the ODBC data source on Windows Server 2003 SP2. Prerequisites Complete the steps described in “Add a View Composer Database to SQL Server,” on page 30.
VMware View Installation Create an Oracle Database for View Composer View Composer can store linked-clone desktop information in an Oracle 11g, 10g, or 9i database. You create a View Composer database by adding it to an existing Oracle instance and configuring an ODBC data source for it. You can add a new View Composer database by using the Oracle Database Configuration Assistant or by running a SQL statement.
Chapter 4 Installing View Composer 4 On the Database Identification page, type a Global Database Name and an Oracle System Identifier (SID) prefix. For simplicity, use the same value for both items. 5 On the Management Options page, click Next to accept the default settings. 6 On the Database Credentials page, select Use the Same Administrative Passwords for All Accounts and type a password. 7 On the remaining configuration pages, click Next to accept the default settings.
VMware View Installation Use a SQL Statement to Add a View Composer Database to an Oracle Instance The View Composer database must have certain table spaces and privileges. You can use a SQL statement to create the View Composer database in an Oracle 11g, 10g, or 9i database instance. When you create the database, you can customize the location of the data and log files. Prerequisites Verify that a supported version of Oracle 11g or 10g is installed on the vCenter Server computer.
Chapter 4 Installing View Composer Procedure 1 Log in to a SQL*Plus session with the system account. 2 Run the following SQL command to create a View Composer database user with the correct permissions.
VMware View Installation What to do next Install the new View Composer service on the vCenter Server computer. See “Install the View Composer Service,” on page 36. Add an ODBC Data Source to Oracle 9i After you add a View Composer database to an Oracle 9i instance, you must configure an ODBC connection to the new database to make this data source visible to the View Composer service. These instructions assume that you are configuring the ODBC data source on Windows Server 2003 SP2.
Chapter 4 Installing View Composer n If Windows firewall is running on the vCenter Server computer, make sure that the port the View Composer service uses to communicate with View Connection Server is accessible. You can add this port to the exception list or deactivate the local firewall service. You specify this port when you install the View Composer service. n Verify that you have the DSN, domain administrator user name, and password that you provided in the ODBC Data Source Administrator wizard.
VMware View Installation Configuring Your Infrastructure for View Composer You can take advantage of features in vSphere, vCenter Server, Active Directory, and other components of your infrastructure to optimize the performance, availability, and reliability of View Composer. Configuring the vSphere Environment for View Composer To support View Composer, you should follow certain best practices when you install and configure vCenter Server, ESX, and other vSphere components.
Installing View Connection Server 5 To use View Connection Server, you install the software on supported computers, configure the required components, and, optionally, optimize the components.
VMware View Installation You must join the View Connection Server host to an Active Directory domain. View Connection Server supports the following versions of Active Directory: n Windows 2000 Active Directory n Windows 2003 Active Directory n Windows 2008 Active Directory The View Connection Server host must not be a domain controller. NOTE View Connection Server does not make, nor does it require, any schema or configuration updates to Active Directory.
Chapter 5 Installing View Connection Server 5 Select the View Standard Server installation option. 6 Accept the Microsoft Software Supplemental License Agreement for Microsoft Active Directory Application Mode (ADAM). 7 If you install View Connection Server on Windows Server 2008, choose how to configure the Windows Firewall service. Option Action Configure Windows Firewall automatically Let the installer configure Windows Firewall to allow the required network connections.
VMware View Installation n Verify that the Windows computer on which you install View Connection Server has version 2.0 or later of the MSI runtime engine. For details, see the Microsoft Web site. n Familiarize yourself with the MSI installer command-line options. See “Microsoft Windows Installer Command-Line Options,” on page 51. n Familiarize yourself with the silent installation properties available with a standard installation of View Connection Server.
Chapter 5 Installing View Connection Server Firewall Rules for View Connection Server Certain ports must be opened on the firewall for View Connection Server instances and security servers. When you install View Connection Server on Windows Server 2008, the installation program can optionally configure the required Windows firewall rules for you. When you install View Connection Server on Windows Server 2003, you must configure the required Windows firewall rules manually. Table 5-2.
VMware View Installation n Prepare your environment for the installation. See “Installation Prerequisites for View Connection Server,” on page 39. n Familiarize yourself with the network ports that must be opened on the Windows Firewall for View Connection Server instances. See “Firewall Rules for View Connection Server,” on page 43. Procedure 1 Download the View Connection Server installer file from the VMware product page at http://www.vmware.com/products/ to the Windows Server computer.
Chapter 5 Installing View Connection Server Install a Replicated Instance of View Connection Server Silently You can use the silent installation feature of the Microsoft Windows Installer (MSI) to install a replicated instance of View Connection Server on several Windows computers. In a silent installation, you use the command line and do not have to respond to wizard prompts. With silent installation, you can efficiently deploy View components in a large enterprise.
VMware View Installation Silent Installation Properties for a Replicated Instance of View Connection Server You can include specific properties when you silently install a replicated View Connection Server instance from the command line. You must use a PROPERTY=value format so that Microsoft Windows Installer (MSI) can interpret the properties and values. Table 5-3.
Chapter 5 Installing View Connection Server 4 Type the password in the Pairing password and Confirm password text boxes and specify a password timeout value. You must use the password within the specified timeout period. 5 Click OK to configure the password. What to do next Install a security server. See “Install a Security Server,” on page 47.
VMware View Installation 6 Type the fully qualified domain name or IP address of the View Connection Server instance to pair with the security server in the Server text box. The security server forwards network traffic to this View Connection Server instance. 7 Type the security server pairing password in the Password text box. If the password has expired, you can use View Administrator to configure a new password and type the new password in the installation program.
Chapter 5 Installing View Connection Server Install a Security Server Silently You can use the silent installation feature of the Microsoft Windows Installer (MSI) to install a security server on several Windows computers. In a silent installation, you use the command line and do not have to respond to wizard prompts. With silent installation, you can efficiently deploy View components in a large enterprise. Prerequisites n Determine the type of topology to use.
VMware View Installation Silent Installation Properties for a Security Server You can include specific properties when you silently install a security server from the command line. You must use a PROPERTY=value format so that Microsoft Windows Installer (MSI) can interpret the properties and values. Table 5-4. MSI Properties for Silently Installing a Security Server MSI Property Description Default Value INSTALLDIR The path and folder in which the View Connection Server software is installed.
Chapter 5 Installing View Connection Server Microsoft Windows Installer Command-Line Options To install View components silently, you must use Microsoft Windows Installer (MSI) command-line options and properties. The View component installers are MSI programs and use standard MSI features. You can also use MSI command-line options to uninstall View components silently. For details about MSI, see the Microsoft Web site.
VMware View Installation Table 5-6. MSI Command-Line Options and MSI Properties (Continued) MSI Option or Property Description ADDLOCAL Determines the component-specific features to install. In an interactive installation, the View installer displays custom setup options to select. The MSI property, ADDLOCAL, lets you specify these setup options on the command line. To install all available custom setup options, enter ADDLOCAL=ALL. For example: VMware-viewagent-4.6.x-xxxxxx.
Chapter 5 Installing View Connection Server Examples Uninstall a View Connection Server instance. msiexec.exe /qb /x {D6184123-57B7-26E2-809B-090435A8C16A} Configuring User Accounts for vCenter Server and View Composer To use vCenter Server with View Manager, you must configure a user account with permission to perform operations in vCenter Server. To use View Composer, you must give this vCenter Server user additional privileges.
VMware View Installation Procedure 1 In vCenter Server, prepare a role with the required privileges for the user. n You can use the predefined Administrator role in vCenter Server. This role can perform all operations in vCenter Server. n If you use View Composer, you can create a limited role with the minimum privileges needed by View Manager and View Composer to perform vCenter Server operations.
Chapter 5 Installing View Connection Server View Manager Privileges Required for the vCenter Server User The vCenter Server user must have sufficient privileges to enable View Manager to operate in vCenter Server. Create a View Manager role for the vCenter Server user with the required privileges. Table 5-7.
VMware View Installation Local Mode Privileges Required for the vCenter Server User To manage desktops that are used in local mode, the vCenter Server user must have privileges in addition to those required to support View Manager and View Composer. Create a Local Mode Administrator role for the vCenter Server user that combines the View Manager privileges, View Composer privileges, and local mode privileges. Table 5-9.
Chapter 5 Installing View Connection Server Procedure 1 Open your Web browser and enter the following URL, where server is the host name or IP address of the View Connection Server instance. https://server/admin You access View Administrator by using a secure (SSL) connection. When you first connect, your Web browser might display a page warning that the security certificate associated with the address is not issued by a trusted certificate authority.
VMware View Installation Prerequisites n Install the View Connection Server product license key. n Prepare a vCenter Server user with permission to perform the operations in vCenter Server that are necessary to support View Manager. To use View Composer, you must give the user additional privileges. To manage desktops that are used in local mode, you must give the user privileges in addition to those that are required for View Manager and View Composer.
Chapter 5 Installing View Connection Server What to do next If this View Connection Server instance or group of replicated View Connection Server instances uses multiple vCenter Server instances, repeat this procedure to add the other vCenter Server instances. Configure View Composer Settings for vCenter Server To use View Composer, you must configure View Manager with initial settings that match the settings for the View Composer service that is installed in vCenter Server.
VMware View Installation Configuring View Client Connections View clients communicate with a View Connection Server or security server host over secure connections. The initial View Client connection, which is used for user authentication and View desktop selection, is created over HTTPS when a user provides a domain name or IP address to View Client.
Chapter 5 Installing View Connection Server 3 Configure use of the secure tunnel. Option Description Disable the secure tunnel Deselect Use secure tunnel connection to desktop. Enable the secure tunnel Select Use secure tunnel connection to desktop. The secure tunnel is enabled by default. 4 Configure use of the PCoIP Secure Gateway.
VMware View Installation The process of configuring the external URLs is different for View Connection Server instances and security servers. n For a View Connection Server instance, you set the external URLs by editing View Connection Server settings in View Administrator. n For a security server, you set the external URLs when you run the View Connection Server installation program. You can use View Administrator to modify an external URL for a security server.
Chapter 5 Installing View Connection Server 3 Type the Secure Tunnel external URL in the External URL text box. The URL must contain the protocol, client-resolvable security server host name or IP address, and port number. For example: https://view.example.com:443 4 Type the PCoIP Secure Gateway external URL in the PCoIP External URL text box. Specify the PCoIP external URL as an IP address with the port number 4172. Do not include a protocol name. For example: 100.200.300.
VMware View Installation Calculate the Number of Ephemeral Ports You can calculate the number of ephemeral ports that are needed on each View Connection Server instance to support a large number of concurrent client connections. Procedure u Use the following formula.
Chapter 5 Installing View Connection Server Procedure 1 2 On the Windows Server computer, start the Windows Registry Editor. a Select Start > Command Prompt. b At the command prompt, type regedit. In the registry, locate the correct subkey and click Parameters. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters 3 Click Edit > New and add the registry entry.
VMware View Installation Calculate the Size of the TCB Hash Table for View Connection Server To support a large number of View desktops, you can optimize the size of the TCB hash table on each View Connection Server instance. Calculate the size in rows. Procedure u Use the following formula.
Chapter 5 Installing View Connection Server For each security server, the result is 7,510, as shown in Table 5-13. Table 5-13.
VMware View Installation Table 5-15. Number of Ephemeral Ports Number of Ephemeral Ports Fill in Your Site's Value ( (5 x clients) / servers ) + 10 = number of ephemeral ports on each View Connection Server instance Table 5-16. TCB Hash Table Size for View Connection Servers Hash Table Size for View Connection Servers Fill in Your Site's Value ( (5 x clients) / servers ) + desktops + 20 = Number of hash table rows on each View Connection Server instance Table 5-17.
Chapter 5 Installing View Connection Server Increase the JVM Heap Size on 32-Bit Windows Server Computers You can edit the Windows registry to increase the JVM heap size on a 32-bit Windows Server computer on which View Connection Server is installed. IMPORTANT Do not change the JVM heap size on 64-bit Windows Server computers. Changing this value might make View Connection Server behavior unstable.
VMware View Installation Procedure 1 On the Windows Server computer on which View Connection Server is installed, navigate to the Virtual Memory dialog box. By default, Custom size is selected. An initial and maximum page-file size appear. 2 Click System managed size. Windows continually recalculates the system page-file size based on current memory use and available memory. 70 VMware, Inc.
Installing View Transfer Server 6 View Transfer Server transfers data between local desktops and the datacenter during check in, check out, and replication. To install View Transfer Server, you install the software on a Windows Server virtual machine, add View Transfer Server to your View Manager deployment, and configure the Transfer Server repository. You must install and configure View Transfer Server if you deploy View Client with Local Mode on client computers.
VMware View Installation Prerequisites n Verify that you have local administrator privileges on the Windows Server on which you will install View Transfer Server. n Verify that your installation satisfies the View Transfer Server requirements described in “View Transfer Server Requirements,” on page 12. n Verify that you have a license to install View Transfer Server and use local desktops.
Chapter 6 Installing View Transfer Server Add View Transfer Server to View Manager View Transfer Server works with View Connection Server to transfer files and data between local desktops and the datacenter. Before View Transfer Server can perform these tasks, you must add it to your View Manager deployment. You can add multiple View Transfer Server instances to View Manager. The View Transfer Server instances access one common Transfer Server repository.
VMware View Installation Configure the Transfer Server Repository The Transfer Server repository stores View Composer base images for linked-clone desktops that run in local mode. To give View Transfer Server access to the Transfer Server repository, you must configure it in View Manager. If you do not use View Composer linked clones in local mode, you do not have to configure a Transfer Server repository.
Chapter 6 Installing View Transfer Server 5 In the General panel on the Transfer Server repository page, click Edit. 6 Type the Transfer Server repository location and other information. Option Description Network Share n n n n Type the path that you configured on the local View Transfer Server virtual machine. Local File System 7 Path. Type the UNC path that you configured. Username. Type the user ID of an administrator with credentials to access the network share. Password.
VMware View Installation Procedure 1 Log in to the Windows Server computer and click Start > Run. 2 Type gpedit.msc and click OK. 3 In the Group Policy Object Editor, click Local Computer Policy > Computer Configuration. 4 Expand Administrative Templates, open the Windows Installer folder, and double-click Always install with elevated privileges. 5 In the Always Install with Elevated Privileges Properties window, click Enabled and click OK. 6 In the left pane, click User Configuration.
Chapter 6 Installing View Transfer Server Procedure 1 Download the VMware View Connection Server installer file from the VMware product page at http://www.vmware.com/products/ to the Windows Server computer. The installer filename is VMware-viewconnectionserver-4.6.x-xxxxxx.exe or VMwareviewconnectionserver-x86_64-4.6.x-xxxxxx.exe, where xxxxxx is the build number. 2 Open a command prompt on the Windows Server computer. 3 Type the installation command on one line.
VMware View Installation Table 6-2. MSI Properties for Silently Installing View Transfer Server (Continued) MSI Property Description Default Value SERVERNAME The host name of the virtual machine on which you install View Transfer Server. This value corresponds to the Apache Web Server host name that is configured during an interactive installation. For example: SERVERNAME=ts1.companydomain.
Configuring Certificate Authentication 7 You can configure certificate authentication for View Connection Server instances, security servers, and View Transfer Server instances.
VMware View Installation When you replace the default certificate with your own certificate, clients use your certificate to authenticate the server. If your certificate is signed by a CA, the certificate for the CA itself is typically embedded in the browser or is located in a trusted database that the client can access. After a client accepts the certificate, it responds by sending a secret key, which is encrypted with the public key contained in the certificate.
Chapter 7 Configuring Certificate Authentication Procedure 1 On the IIS application server host, click Start > Programs > Administrative Tools > Internet Information Services (IIS) Manager. The Internet Information Services (IIS) Manager appears. 2 To view the list of sites hosted by the server, expand the local computer entry and click Web Sites. 3 Right-click the Web site entry that contains the certificate you want to export and select Properties.
VMware View Installation Convert a PKCS#12 Keystore to JKS Format If you already have a PKCS#12 keystore file and a server certificate that is signed by an intermediate CA rather than a root CA, you must convert the PKCS#12 keystore to JKS format before you can use it with View. Procedure 1 If the PKCS#12 keystore does not already contain the intermediate certificate, create the JKS keystore and add the intermediate certificate to the keystore.
Chapter 7 Configuring Certificate Authentication 3 Import an Intermediate Certificate into a Keystore File on page 84 If your server certificate is signed by an intermediate CA rather than by a root CA, you must add the intermediate certificate to the keystore before you add the server certificate. 4 Import a Signed Server Certificate into a Keystore File on page 85 If you obtained a signed server certificate from a CA, use keytool to import the certificate into your keystore file.
VMware View Installation Obtain a Signed Certificate from a CA for Use with a View Transfer Server Instance To obtain a signed certificate from a CA, you must use openssl to generate a private key file and a certificate signing request (CSR). For testing purposes, you can obtain a free temporary certificate based on an untrusted root from GlobalSign, Thawte, or VeriSign. Prerequisites Determine the fully qualified domain name (FQDN) that client computers use to connect to the host.
Chapter 7 Configuring Certificate Authentication Import a Signed Server Certificate into a Keystore File If you obtained a signed server certificate from a CA, use keytool to import the certificate into your keystore file. Procedure 1 Copy the text file that contains your server certificate to the directory that contains your keystore file and save it as certificate.p7.
VMware View Installation Procedure 1 Copy the keystore file that contains your certificate to the SSL gateway configuration directory on the View Connection Server or security server host. For example: install_directory\VMware\VMware View\Server\sslgateway\conf\keys.jks 2 Add the keyfile, keypass, and storetype properties to the locked.properties file in the SSL gateway configuration directory on the View Connection Server or security server host. If the locked.
Chapter 7 Configuring Certificate Authentication n If you use an intermediate CA, obtain an intermediate certificate in PEM format. n If a certificate is not in PEM format, convert it to PEM format. Procedure 1 Stop the View Transfer Server service. 2 Copy the server certificate, intermediate certificate (if any), and private key files to the directory install_directory\VMware\VMware View\Server\httpd\conf on the View Transfer Server host.
VMware View Installation 4 Restart the View Connection Server service to make your changes take effect. In a replicated group, you must restart the service on each View Connection Server instance and on each paired security server. 5 Reconfigure any firewalls and load balancers to permit client connections using the new SSL configuration. See the VMware View Architecture Planning document for more information.
Creating an Event Database 8 You create an event database to record information about View Manager events. If you do not configure an event database, you must look in the log file to get information about events, and the log file contains very limited information.
VMware View Installation Procedure 1 Add a new database to the server and give it a descriptive name such as ViewEvents. 2 Add a user for this database that has permission to create tables, views, and, in the case of Oracle, triggers and sequences, as well as permission to read from and write to these objects. For a Microsoft SQL Server database, do not use the Integrated Windows Authentication security model method of authentication.
Chapter 8 Creating an Event Database Prerequisites You need the following information to configure an event database: n The DNS name or IP address of the database server. n The type of database server: Microsoft SQL Server or Oracle. n The port number that is used to access the database server. The default is 1521 for Oracle and 1433 for SQL Server. For SQL Server, if the database server is a named instance or if you use SQL Server Express, you might need to determine the port number.
VMware View Installation 92 VMware, Inc.
Installing and Starting View Client 9 You can obtain the View Client installer either from the VMware Web site or from View Portal, a Web access page provided by View Connection Server. You can set various startup options for end users after View Client is installed.
VMware View Installation n If you plan to install View Client with Local Mode, verify that none of the following products is installed: VMware View Client, VMware Player, VMware Workstation, VMware ACE, VMware Server. n Determine whether the person who uses the client device is allowed to access locally connected USB devices from a virtual desktop. If not, you must deselect the USB Redirection component that the wizard presents.
Chapter 9 Installing and Starting View Client Prerequisites n Verify that View Client or View Client with Local Mode is installed on the client device. n If you plan to use View Client with Local Mode, verify that your license includes View Client with Local Mode and verify that the View desktop meets the requirements for local mode. See the overview topic for setting up a local desktop deployment in the VMware View Administration document.
VMware View Installation If authentication to View Connection Server fails or if View Client cannot connect to a desktop, perform the following tasks: n Verify that the View Client setting for using secure (SSL) connections matches the global setting in View Administrator. For example, if the check box for secure connections is deselected on the client, the check box must also be deselected in View Administrator. n Verify that the security certificate for View Connection Server is working properly.
Chapter 9 Installing and Starting View Client n If you plan to install View Client with Local Mode, verify that none of the following products is installed: VMware View Client, VMware Player, VMware Workstation, VMware ACE, VMware Server. n Determine whether the person who uses the client device is allowed to access locally connected USB devices from a virtual desktop. If not, you must deselect the USB Redirection component that the wizard presents.
VMware View Installation 3 Double-click the .dmg file to open it and click Agree. The contents of the disk image appear in a VMware View Client Finder window. 4 Open a new Finder window and navigate to the Applications folder. 5 Drag the VMware View Client icon to the Applications folder. If you are not logged in as an administrator user, you are prompted for an administrator user name and password. You can now unmount the disk image.
Chapter 9 Installing and Starting View Client 3 (Optional) Choose options for how you connect to the selected server. Option Description Port Specify the port number, or leave blank to use the default port for View Connection Server. Use Secure Connection (SSL) Select to use a secure (SSL) connection to protect sensitive corporate information and ensure that all connections are completely encrypted.
VMware View Installation n Verify that the user is entitled to access this desktop. See the VMware View Administration document. n Verify that the client computer allows remote desktop connections. What to do next For instructions on using View Client, see the VMware View Client Help.
Chapter 9 Installing and Starting View Client Using USB Printers In a View environment, virtual printers and redirected USB printers can work together without conflict. A USB printer is a printer that is attached to a USB port on the local client system. To send print jobs to a USB printer, you can either use the USB redirection feature or use the virtual printing feature.
VMware View Installation Install View Client Silently You can use the silent installation feature of the Microsoft Windows Installer (MSI) to install View Client or View Client with Local Mode on several Windows computers. In a silent installation, you use the command line and do not have to respond to wizard prompts. Prerequisites 102 n Verify that you can log in as an administrator on the client system. n Verify that the client system uses a supported operating system.
Chapter 9 Installing and Starting View Client Procedure 1 On the client system, download the View Client installer file from the VMware product page at http://www.vmware.com/products/. Select the appropriate installer file, where xxxxxx is the build number. Option Action View Client on 64-bit operating systems Select VMware-viewclient-x86_64-4.6.x-xxxxxx.exe for View Client. View Client on 32-bit operating systems Select VMware-viewclient-4.6.x-xxxxxx.exe for View Client.
VMware View Installation Table 9-1. MSI Properties for Silently Installing View Client (Continued) MSI Property Description Default Value DESKTOP_SHORTCUT Configures a desktop shortcut icon for View Client. 1 A value of 1 installs the shortcut. A value of 0 does not install the shortcut. This MSI property is optional. QUICKLAUNCH_SHORTCUT Configures a shortcut icon on the quick-launch tray for View Client. A value of 1 installs the shortcut. A value of 0 does not install the shortcut.
Index A Active Directory configuring domains and trust relationships 23 preparing for smart card authentication 26 preparing for use with View 23 Active Directory groups creating for kiosk mode client accounts 24 creating for View users and administrators 24 ADM template files 26 Adobe Flash requirements 21 antivirus software, View Composer 38 B browser requirements 9, 18 C certificate signing requests, See CSRs certificates checking in View Client 88 configuring View Connection Server to use 85 configur
VMware View Installation K keychain 98 keyfile property 85 keypass property 85 keytool utility adding to the system path 80 creating a CSR 83 kiosk mode, Active Directory preparation 24 L license key, View Connection Server 57 local desktop configuration adding a View Transfer Server instance 71, 73 creating a vCenter Server user 53 hardware requirements 16 privileges for vCenter Server user 56 locked.
Index installing silently 49 modifying an external URL 62 silent installation properties 50 silent installation group policies to allow installation 75, 101 replicated instances 45 security servers 49 View Client 101, 102 View Client with Local Mode 102 View Connection Server 41 View Transfer Server 75, 76 sizing Windows Server settings calculating ephemeral ports 64 calculation worksheets 67 increasing ephemeral ports 63, 64 increasing the JVM heap size 68 increasing the TCB hash table size 67 smart card
VMware View Installation View Composer, database requirements 10 View Composer configuration creating a user account 25 creating a vCenter Server user 24, 53 privileges for the vCenter Server user 55 settings in View Administrator 59 View Composer database ODBC data source for Oracle 11g or 10g 35 ODBC data source for Oracle 9i 36 ODBC data source for SQL Server 31 Oracle 11g and 10g 32 Oracle 9i 32, 33 requirements 29 SQL Server 30 View Composer infrastructure configuring vSphere 38 optimizing 38 testing
