View Agent Direct-Connection Plug-In Administration VMware Horizon 7 7.2 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
View Agent Direct-Connection Plug-In Administration You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com Copyright © 2013–2017 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com 2 VMware, Inc.
Contents View Agent Direct-Connection Plug-In Administration 1 Installing View Agent Direct-Connection Plug-In 7 View Agent Direct-Connection Plug-In System Requirements Install View Agent Direct-Connection Plug-In 7 Install View Agent Direct-Connection Plug-In Silently 8 5 7 2 View Agent Direct-Connection Plug-In Advanced Configuration 11 View Agent Direct-Connection Plug-In Configuration Settings 11 Disabling Weak Ciphers in SSL/TLS 14 Replacing the Default Self-Signed SSL Server Certificate 15 Au
View Agent Direct-Connection Plug-In Administration 4 VMware, Inc.
View Agent Direct-Connection Plug-In Administration View Agent Direct-Connection Plug-In Administration provides information about installing and configuring View Agent Direct-Connection Plugin. This plug-in is an installable extension to View Agent that allows Horizon Client to directly connect to a virtual machine-based desktop, a Remote Desktop Services (RDS) desktop, or an application without using View Connection Server.
View Agent Direct-Connection Plug-In Administration 6 VMware, Inc.
Installing View Agent DirectConnection Plug-In 1 View Agent Direct-Connection (VADC) Plug-In enables Horizon Clients to directly connect to virtual machine-based desktops, RDS desktops, or applications. VADC Plug-In is an extension to View Agent and is installed on virtual machine-based desktops or RDS hosts.
View Agent Direct-Connection Plug-In Administration Procedure 1 Download the VADC Plug-In installer file from the VMware download page at http://www.vmware.com/go/downloadview. The installer filename is VMware-viewagent-direct-connection-x86_64-y.y.y-xxxxxx.exe for 64-bit Windows or VMware-viewagent-direct-connection--y.y.y-xxxxxx.exe for 32-bit Windows, where y.y.y is the version number and xxxxxx is the build number. 2 Double-click the installer file. 3 (Optional) Change the TCP port number.
Chapter 1 Installing View Agent Direct-Connection Plug-In 2 Run the VADC Plug-In installer file with command-line options to specify a silent installation. You can optionally specify additional MSI properties. The following example installs VADC Plug-In with default options. VMware-viewagent-direct-connection--y.y.y-xxxxxx.exe /s The following example installs VADC Plug-In and specifies a TCP port that vadc will listen to for remote connections. VMware-viewagent-direct-connection--y.y.y-xxxxxx.
View Agent Direct-Connection Plug-In Administration 10 VMware, Inc.
View Agent Direct-Connection Plug-In Advanced Configuration 2 You can use the default View Direct-Connection Plug-In configuration settings or customize them through Windows Active Directory group policy objects (GPOs) or by modifying specific Windows registry settings.
View Agent Direct-Connection Plug-In Administration Table 2‑1. View Agent Direct-Connection Plug-In Configuration Settings (Continued) 12 Setting Registry Value Type Description Disclaimer Enabled disclaimerEnabled REG_SZ The value can be set to TRUE or FALSE. If set to TRUE, show disclaimer text for user acceptance at login. The text is shown from 'Disclaimer Text' if written, or from the GPO Configuration\Windows Settings\Security Settings\Local Policies\Security Options: Interactive logon.
Chapter 2 View Agent Direct-Connection Plug-In Advanced Configuration Table 2‑1. View Agent Direct-Connection Plug-In Configuration Settings (Continued) Setting Registry Value Type Description External Framework Channel Port externalFrameworkCha nnelPort REG_SZ The port number sent to the Horizon Client for the destination TCP port number that is used for the Framework Channel protocol. A + character in front of the number indicates a relative number from the port number used for HTTPS.
View Agent Direct-Connection Plug-In Administration You can set policies that override these registry settings by using the Local Policy Editor or by using Group Policy Objects (GPOs) in Active directory. Policy settings have precedence over normal registry settings. A GPO template file is supplied to configure policies. When ViewView Agent and the plug-in are installed in the default location, the template file has the following location: C:\Program Files\VMware\VMware View\Agent\extras\view_agent_direct_
Chapter 2 View Agent Direct-Connection Plug-In Advanced Configuration 6 Exit the Group Policy Management Editor. 7 Restart the VADC machines for the new group policy to take effect. Note If Horizon Client is not configured to support any cipher that is supported by the virtual desktop operating system, the TLS/SSL negotiation will fail and the client will be unable to connect.
View Agent Direct-Connection Plug-In Administration When Horizon Client is on a different network and a NAT device is between Horizon Client and the desktop running the plug-in, a NAT or port mapping configuration is required. For example, If there is a firewall between the Horizon Client and the desktop the firewall is acting as a NAT or port mapping device. An example deployment of a desktop whose IP address is 192.168.1.1 illustrates the configuration of NAT and port mapping.
Chapter 2 View Agent Direct-Connection Plug-In Advanced Configuration Figure 2‑3. PCoIP From a Client via a NAT Device and Port Mapping IP address 192.168.1.1 NAT PNAT IP address 10.1.1.9 PCoIP Client View Desktop TCP DST 10.1.1.1:14172 SRC 10.1.1.9:? TCP DST 192.168.1.1:4172 SRC 192.168.1.9:? UDP DST 10.1.1.1:14172 SRC 10.1.1.9:55000 UDP DST 192.168.1.1:4172 SRC 192.168.1.9:? UDP DST 10.1.1.9:55000 SRC 10.1.1.1:14172 PCoIP server UDP DST 192.168.1.9:? SRC 192.168.1.
View Agent Direct-Connection Plug-In Administration Table 2‑2. NAT and Port Mapping Values VM# Desktop IP Address HTTPS RDP PCOIP (TCP and UDP) Framework Channel 0 192.168.0.0 10.20.30.40:1000 -> 192.168.0.0:443 10.20.30.40:1001 -> 192.168.0.0:3389 10.20.30.40:1002 -> 192.168.0.0:4172 10.20.30.40:1003 -> 192.168.0.0:32111 1 192.168.0.1 10.20.30.40:1005 -> 192.168.0.1:443 10.20.30.40:1006 -> 192.168.0.1:3389 10.20.30.40:1007 -> 192.168.0.1:4172 10.20.30.40:1008 -> 192.168.0.1:32111 2 192.
Setting Up HTML Access 3 View Agent Direct-Connection (VADC) Plug-In supports HTML Access to virtual machine-based desktops and RDS desktops. HTML Access to RDS applications is not supported.
View Agent Direct-Connection Plug-In Administration Set Up Static Content Delivery If the HTML Access client needs to be served by the desktop, you must perform some setup tasks on the desktop. This enables a user to point a browser directly at a desktop. Prerequisites n Download the View HTML Access portal.war zip file from the VMware download page at http://www.vmware.com/go/downloadview. The filename is VMware-Horizon-View-HTML-Access-y.y.y-xxxxxx.zip, where y.y.
Chapter 3 Setting Up HTML Access 21 Unzip portal.zip to the folder C:\inetpub\wwwroot. If necessary, adjust the permissions on the folder to allow files to be added. The folder C:\inetpub\wwwroot\portal is created. 22 Open Notepad. 23 Create the file C:\inetpub\wwwroot\Default.
View Agent Direct-Connection Plug-In Administration Disable HTTP/2 Protocol on Windows 10 and Windows 2016 Desktops With some web browsers, you might encounter the error ERR_SPDY_PROTOCOL_ERROR when accessing a Windows 10 VADC or Windows 2016 VADC desktop. You can prevent this error by disabling the HTTP/2 protocol on the desktop. Procedure 22 1 Start the Windows Registry Editor.
Setting Up View Agent Direct Connection on Remote Desktop Services Hosts 4 Horizon 7 supports Remote Desktop Services (RDS) hosts that provide RDS desktops and applications that users can access from Horizon Clients. An RDS desktop is based on a desktop session to an RDS host. In a typical Horizon 7 deployment, clients connect to desktops and applications through Horizon Connection Server.
View Agent Direct-Connection Plug-In Administration Desktop Entitlements To entitle a user to launch an RDS desktop, perform the following steps: n Ensure that the user is a member of the local group View Agent Direct-Connection Users. By default, all authenticated users are a members of this group. n For Windows Server 2008 R2 SP1, in RemoteApp Manager, ensure that the RD Session Host Server is configured to Show a remote desktop connection to this RD Session Host server in RD Web Access.
Troubleshooting View Agent DirectConnection Plug-In 5 When using View Agent Direct-Connection Plug-In, you might encounter known issues. When you investigate a problem with View Agent Direct-Connection Plug-In, make sure that the correct version is installed and running. If a support issue needs to be raised with VMware, always enable full logging, reproduce the problem, and generate a Data Collection Tool (DCT) log set. VMware technical support can then analyze these logs.
View Agent Direct-Connection Plug-In Administration Solution u Configure at least 128 MB of video RAM for each virtual machine. Enabling Full Logging to Include TRACE and DEBUG information View Agent Direct-Connection Plug-In writes log entries to the standard View Agent log. TRACE and DEBUG information is not included in the log by default. Problem The View Agent log does not contain TRACE and DEBUG information. Cause Full logging is not enabled.
Index A applications, entitling 23 authorizing Horizon Client 15 C certificate authority, add to Windows certificate store 18 silent install 8 system requirements for virtual machinebased desktops 7 W weak ciphers in SSL/TLS, disabling 14 D desktops, RDS 23 H HTML Access disable HTTP/2 protocol 22 install View Agent for 19 set up trusted CA-signed SSL server certificate 21 setting up 19 setting up static content delivery 20 N Network Address Translation (NAT), advanced addressing scheme 17 P port ma
View Agent Direct-Connection Plug-In Administration 28 VMware, Inc.
