User manual
Table Of Contents
- Using VMware Horizon Client for Windows
- Contents
- Using VMware Horizon Client for Windows
- System Requirements and Setup for Windows-Based Clients
- System Requirements for Windows Clients
- System Requirements for Real-Time Audio-Video
- Requirements for Scanner Redirection
- Requirements for Using Multimedia Redirection (MMR)
- Requirements for Using Flash URL Redirection
- Requirements for Using Microsoft Lync with Horizon Client
- Smart Card Authentication Requirements
- Client Browser Requirements for Using the Horizon Client Portal
- Supported Desktop Operating Systems
- Preparing View Connection Server for Horizon Client
- Horizon Client Data Collected by VMware
- Installing Horizon Client for Windows
- Configuring Horizon Client for End Users
- Managing Remote Desktop and Application Connections
- Working in a Remote Desktop or Application
- Feature Support Matrix for Windows Clients
- Internationalization
- Enabling Support for Onscreen Keyboards
- Using Multiple Monitors
- Connect USB Devices
- Using the Real-Time Audio-Video Feature for Webcams and Microphones
- Using Scanners
- Copying and Pasting Text and Images
- Using Remote Applications
- Printing from a Remote Desktop or Application
- Control Adobe Flash Display
- Using the Relative Mouse Feature for CAD and 3D Applications
- Keyboard Shortcuts
- Troubleshooting Horizon Client
- Index
The default setting includes cipher suites that use either 128-bit or 256-bit AES encryption, except for
anonymous DH algorithms, and sorts them by strength. In Horizon Client 3.3 and later, by default, TLS v1.0
and TLS v1.1 are enabled. (SSL v2.0 and v3.0, and TLS v1.2 are disabled.) In Horizon Client 3.2 and earlier,
by default, SSL v3.0 is also enabled. (SSL v2.0 and TLS v1.2 are disabled.)
NOTE In Horizon Client 3.1 and later, the USB service daemon adds RC4 (:RC4-SHA: +RC4) to the end of
the cipher control string when it connects to a remote desktop.
You should change the security protocols in Horizon Client only if your View server does not support the
current settings. If you configure a security protocol for Horizon Client that is not enabled on the View
server to which the client connects, an SSL error occurs and the connection fails.
IMPORTANT If the only protocol you enable on the client is TLS v1.1, you must verify that TLS v1.1 is also
enabled on the remote desktop. Otherwise, USB devices cannot be redirected to the remote desktop.
On the client system, you can use either a group policy setting or a Windows Registry setting to change the
default ciphers and protocols. For information about using a GPO, see the setting called "Configures SSL
protocols and cryptographic algorithms," in “Security Settings for Client GPOs,” on page 36. For
information about using the SSLCipherList setting in the Windows Registry, see “Using the Windows
Registry to Configure Horizon Client,” on page 51.
Using the Group Policy Template to Configure VMware Horizon Client
for Windows
VMware Horizon Client includes a Group Policy Administrative (ADM) template file for configuring
VMware Horizon Client. You can optimize and secure remote desktop connections by adding the policy
settings in this ADM template file to a new or existing GPO in Active Directory.
The View ADM template file contains both Computer Configuration and User Configuration group policies.
n
The Computer Configuration policies set policies that apply to Horizon Client, regardless of who is
running the client on the host.
n
The User Configuration policies set Horizon Client policies that apply to all users who are running
Horizon Client, as well as RDP connection settings. User Configuration policies override equivalent
Computer Configuration policies.
View applies policies at desktop startup and when users log in.
The Horizon Client Configuration ADM template file (vdm_client.adm) and all ADM and ADMX files that
provide group policy settings are available in a .zip file named VMware-Horizon-View-Extras-Bundle-x.x.x-
yyyyyyy.zip, where x.x.x is the version and yyyyyyy is the build number. You can download the file from the
VMware Horizon download site at http://www.vmware.com/go/downloadview. You must copy this file to
your Active Directory server and use the Group Policy Management Editor to add this administrative
template. For instructions, see the topic "Add View ADM Templates to a GPO" in the Setting Up Desktop and
Application Pools in View document.
Scripting Definition Settings for Client GPOs
You can set policies for many of the same settings used when you run VMware Horizon Client from the
command line, including desktop size, name, and domain name, among others.
The following table describes the scripting definition settings in the VMware Horizon Client Configuration
ADM template file. The template provides a Computer Configuration and a User Configuration version of
each scripting definition setting. The User Configuration setting overrides the equivalent Computer
Configuration setting.
Using VMware Horizon Client for Windows
34 VMware, Inc.