Specifications
Table Of Contents
- View Manager Administration Guide
- Contents
- About This Book
- Introduction
- Installation
- View Administrator
- Virtual Desktop Deployment
- Client Management
- Installing and Running View Client and View Portal
- Client Connections from the Internet
- Creating SSL Server Certificates
- Using Existing SSL Certificates
- Smart Card Authentication
- RSA SecurID Authentication
- View Client Command Line Options
- Virtual Printing
- Adobe Flash Bandwidth Reduction
- Client Computer Information
- Using PCoIP Display Protocol
- Using HP RGS Display Protocol
- View Composer
- Overview of View Composer
- Preparing vCenter Server for View Composer
- Preparing a Parent VM
- Deploying Linked Clone Desktops from View Manager
- Refreshing, Recomposing, and Rebalancing Linked Clone Desktops
- Using an Existing View Composer Database
- Using the SviConfig Tool for View Composer
- Offline Desktop
- Component Policies
- Unified Access
- Troubleshooting
- Appendix: The locked.properties File
- Glossary
- Index
VMware, Inc. 97
Chapter 5 Client Management
View Client Policies
CertainViewClientfeaturescanbecontrolledthroughpolicies.Forinformationabout
configuringandapplyingpoliciestoViewClientattheglobal,pool,oruserlevelrefer
to“ClientPolicies”onpage 183.
Client Connections from the Internet
Forausertoaccessavirtualdesktop,theirclientsystemmustbeabletoresolvethehost
nameorIPaddressofthespecifiedViewConnectionServer.Initially—andby
default—ViewConnectionServercanonlybecontactedbytunnelclientsthatreside
withinthesamenetworkandarethereforeableto
locatetherequestedserver.
Manyorganizationsrequirethatuserscanconnectfromanexternallocationbyusing
agloballyresolvabledomainorsubdomainnameorIPaddress,orbyreassigning
specificportsonanexistingaddress,inordertorouteclientrequeststotheappropriate
location(typically,thesecurityserver).For
example:
https://view-example.com:443
https://view.example.com:443
https://example.com:1234
However,someadditionalconfigurationwithinViewConnectionServerisrequiredfor
addresseslikethesetowork.
Setting an External URL for View Connection Server
WhenyouuseMicrosoftRDPasthedisplayprotocol,ViewClientattemptstocreate
twoseparateTCPconnectionsbetweenitselfandViewConnectionServer.Thefirst
connectionhandlesuseroperationssuchasauthentication,desktopselection,andso
forth.Thesecondconnectionisinstantiatedafterlogonandprovidesatunnelfor
carrying
RDPdata.
ThefirstconnectionismadeusingtheURLorIPaddressenteredbytheuserintothe
client.Providingthefirewallandload‐balancingcomponentshavebeenconfigured
correctlyinyournetworkenvironment,thisrequestreachestheserver.Upon
authentication,theFQDNofViewConnectionServerisreturnedto
theclient.
Thesecondconnection(thetunnelconnection,whichisSSL‐encryptedbydefault)is
attemptedusingtheFQDN.However,theconnectionfailsiftheFQDNcannotbe
resolvedbytheexternalViewClient.Anexamplesequenceofexternalandinternal
clientinteractionswiththeserverisshowninFigure 5‐1
.