2.0
Table Of Contents
- VMware ACE Administrator’s Manual
- Contents
- About This Book
- Introduction and System Requirements
- Learning the Basics of Workstation ACE Edition
- Terminology for This Chapter
- Setting Up Your Administrative Workstation
- Overview of the Workstation ACE Edition Window
- Accessing Commands in the Workstation ACE Edition Window
- Workstation ACE Edition Window Elements
- ACE Master Icons in the Sidebar
- Adding ACE Masters to ACE 2 Management Servers
- Viewing ACE Masters in the Sidebar
- Using the ACE Icons on the Home Page
- Viewing the Summary for an ACE Master
- Viewing the Summary for All ACE Instances Managed by an ACE 2 Management Server
- ACE Menu
- New ACE Master, Connect to ACE 2 Management Server, and Open Hot Fix Commands in the File Menu
- ACE Master Toolbar
- Creating Packages to Distribute to Users
- Basic Steps for Creating and Deploying ACE Packages
- Keeping Users Up-to-Date
- Installing, Configuring, and Upgrading Workstation ACE Edition
- Installing and Configuring the ACE 2 Management Server
- ACE 2 Management Server Setup Options
- System Requirements for the ACE 2 Management Server
- Features of the ACE 2 Management Server
- Components of the ACE 2 Management Server
- Using SSL Certification and Protocol
- Installing the ACE 2 Management Server
- Configuring the ACE 2 Management Server
- Using Event Logs
- Stopping and Starting the Apache Service Manually
- Logging On to the ACE 2 Management Server
- Using the ACE 2 Management Server
- Unblocking Port Traffic and Changing Port Assignments
- Creating and Configuring ACE Masters
- Creating an ACE Master
- Creating a New ACE Master
- Cloning an ACE Master from an Existing ACE Master
- Cloning an ACE Master from an Existing Virtual Machine
- Cloning a Virtual Machine from an ACE Instance
- Networking ACE Instances
- ACE Master Settings
- Virtual Machine Settings
- Setting and Using Policies and Customizing VMware Player
- Taking Advantage of Policies
- Using the Policy Editor
- Setting Policies
- Setting Access Control Policies - Activation and Authentication
- Setting Host-Guest Data Script Policies
- Setting Expiration Policies
- Setting Copy Protection Policies
- Setting Resource Signing Policies
- Setting Network Access Policies
- Before You Begin: Read These Notes About Host Policies
- Getting Started with Setting Network Access
- Using the Network Access Wizard to Configure Network Access
- Using the Zone, Ruleset, and Rule Editors to Configure Network Access
- Using the Zone Editor to Set Up and Configure Network Zones
- Using the Ruleset and Rule Editors to Configure Host and Guest Access
- Network Properties Packaging
- Understanding the Interaction of Host Access and Guest Access Filters With Tunneling Protocols
- Setting Removable Devices Policies
- Setting USB Device Policies
- Setting Virtual Printer Policies
- Setting Runtime Preferences Policies
- Setting Snapshot Policies
- Setting Administrator Mode Policies
- Setting Hot Fix Policies
- Setting Policy Update Frequency
- Writing Plug-In Policy Scripts
- Customizing the VMware Player Interface
- Package Settings
- Custom EULA
- Instance Customization
- Benefits of Instance Customization
- Overview of the Instance Customization Process
- Before You Specify Instance Customization Settings, Perform These Tasks
- Downloading the Microsoft Sysprep Deployment Tools
- Specifying Package Settings for Instance Customization
- Placeholder Values to Use in Instance Customization
- Packaging with Instance Customization Enabled
- How ACE Instance Customization Completes on the ACE User’s Machine
- Package Lifetime
- Encryption
- Deployment Platform
- Setting Up a Remote Domain Join
- Troubleshooting Setup Issues
- Creating Packages and Deploying Them to Users
- Preview, Save, Test, Publish
- Pocket ACE
- Installing and Using VMware Player and ACE Instances
- Installing the ACE Package on a Windows Host Computer and Running the ACE Instance
- Installing VMware Player on a Windows Host Computer
- Installing an ACE Instance on a Windows Host Computer
- Installing an ACE Package Silently on a Windows Host Computer
- Uninstalling VMware Player from a Windows Host Computer
- Uninstalling an ACE Instance from a Windows Host Computer
- Running the ACE Instance on a Windows Host Computer
- Installing the ACE Package on a Linux Host Computer and Running the ACE Instance
- Installing VMware Player on a Linux Host Computer
- Installing the ACE Instance on a Linux Host Computer
- Installing an ACE Package Silently on a Linux Host Computer
- Uninstalling an ACE Instance from a Linux Host Computer
- Uninstalling VMware Player from a Linux Host Computer
- Running the ACE Instance on a Linux Host Computer
- Controlling Which Virtual Machines and ACE Instances Run on a Host
- Running VMware Player
- Starting VMware Player
- Entering a Client License in VMware Player for an ACE Instance
- Quitting VMware Player
- Enlarging VMware Player to Fill the Screen
- Understanding VMware Player Status Indicators
- Viewing Messages, Notifications, and the ACE Information Dialog Box
- Controlling Devices Attached to VMware Player
- Setting VMware Player Preferences
- Taking Snapshots in VMware Player
- Using Shared Folders
- Printing from VMware Player
- Troubleshooting Problems
- Troubleshooting Tools
- Preserving the State of an ACE Instance
- Installing the ACE Package on a Windows Host Computer and Running the ACE Instance
- Instance View
- Opening a View of All Instances Managed by a Server
- Setting Up Queries to Search for Instances
- Showing, Hiding, Moving, and Resizing Columns in the Instances Table
- Adding Custom Database Fields by Adding Columns
- Changing the Sort Order of the Instances Table
- Deactivating and Reactivating Instances from the Instance View
- Resetting Expiration Dates for an Expired Instance by Clicking Reactivate
- Using the Details View
- Using the Connect to ACE 2 Management Server Command to Open an Instance View
- Appendix: Using the VMware ACE 2 Management Server Database Schema and Querying the Audit Event Log Data
- Glossary
- Index
- Updates for the VMware ACE Administrator’s Manual
VMware, Inc. 63
Chapter 4 Installing and Configuring the ACE 2 Management Server
VMwarePlayerdoesanintegritycheckofthecertificatestoreincludedinthepackage
everytimeitcommunicateswiththeserver.
TheVMwarePlayerapplicationdoesnotuseanycertificatesstoredinthehostsystem,
becausetheirintegritycannotbeverified.
BecausethePlayerdoesnottrustanycertificatesstoredon
thehostmachinethatitis
runningonandinsteadreliesonacompletecertificationchainthatisincludedinthe
ACEpackage,theuseofself‐signedcertificatesisadequateformostsecurityneeds.
If,however,yourenterpriserequirestheuseofacertificatesignedbyacertificate
authority(internal
orcommercial),youcansetupthattypeofkey/certificatepairfor
theACEpackagestouse.Acertificateauthority,orCA,isanentitythatissuesandsigns
public‐keycertificates,typicallyforafee.See“SettingUpYourOwnSelf‐Signed
Certificates,Third‐PartySignedCertificates,orCertificates
fromanInternalCertificate
Authority,”below,fordetails.
Setting Up Your Own Self-Signed Certificates, Third-Party
Signed Certificates, or Certificates from an Internal Certificate
Authority
IfyouwanttousecustomSSLcertificates,eitheryourownself‐signedcertificatesor
thoseofathird‐partyorinternalCA(certificateauthority),youmustprovidethe
variousneededcertificate,key,and(inthecaseofCAs)certificatechainfiles.Thesefiles
mustbePEM‐encoded.Afteryouhave
createdorobtainedthesefiles,youplacethem
inthecorrectdirectorybyuploadingthemfromtheCustomSSLCertificatespagein
theserversetupWebapplication.
N
OTEIfyouchangethecustomSSLcertificateforyourACE2ManagementServer,
youneedtoupdatetheResourcedirectoryforallofyourexistingACEinstances.You
candothisbycreatinganddistributingacustompackagethatcontainsonlyResources.
SeeChapter8,“CreatingPackagesandDeployingThem
toUsers,”onpage187for
moreinformation.
N
OTEACE2ManagementServeronlysupportspublickeycertificatesthathavebeen
signedusingtheSHA1algorithm.Anyotheralgorithmswillresultinanerrorwhenthe
ACEisdeployed.
NOTEWorkstationACEEditiononlysupportscertificatesignaturesthatusetheSHA1
algorithmdigest.