User manual
Table Of Contents
- Using VMware Horizon Client for Mac
- Contents
- Using VMware Horizon Client for Mac
- Setup and Installation
- System Requirements for Mac Clients
- System Requirements for Real-Time Audio-Video
- Smart Card Authentication Requirements
- Touch ID Authentication Requirements
- Requirements for Using URL Content Redirection
- Supported Desktop Operating Systems
- Preparing Connection Server for Horizon Client
- Install Horizon Client on Mac
- Upgrade Horizon Client Online
- Add Horizon Client to Your Dock
- Configuring Certificate Checking for End Users
- Configure Advanced TLS/SSL Options
- Configuring Log File Collection Values
- Configure VMware Blast Options
- Horizon Client Data Collected by VMware
- Using URIs to Configure Horizon Client
- Managing Remote Desktop and Application Connections
- Setting the Certificate Checking Mode for Horizon Client
- Configure Horizon Client to Select a Smart Card Certificate
- Connect to a Remote Desktop or Application
- Share Access to Local Folders and Drives
- Clicking URL Links That Open Outside of Horizon Client
- Open a Recent Remote Desktop or Application
- Connecting to a Server When Horizon Client Starts
- Configure Horizon Client to Forget the Server User Name and Domain
- Hide the VMware Horizon Client Window
- Configure Keyboard Shortcut Mappings
- Configure Mouse Shortcut Mappings
- Configure Horizon Client Shortcuts
- Searching for Desktops or Applications
- Select a Favorite Remote Desktop or Application
- Switch Desktops or Applications
- Log Off or Disconnect
- Using a Touch Bar with Horizon Client
- Autoconnect to a Remote Desktop
- Configure Reconnect Behavior for Remote Applications
- Enable the Application Pre-Launch Feature in Horizon Client
- Removing a Server Shortcut from the Home Window
- Reordering Shortcuts
- Using a Microsoft Windows Desktop or Application on a Mac
- Feature Support Matrix for Mac
- Internationalization
- Monitors and Screen Resolution
- Using Exclusive Mode
- Connect USB Devices
- Using the Real-Time Audio-Video Feature for Webcams and Microphones
- Copying and Pasting Text and Images
- Using Remote Applications
- Saving Documents in a Remote Application
- Printing from a Remote Desktop or Application
- PCoIP Client-Side Image Cache
- Troubleshooting Horizon Client
- Index
Configuring Certificate Checking for End Users
Administrators can congure the certicate verication mode so that, for example, full verication is always
performed.
Certicate checking occurs for SSL connections between Connection Server and Horizon Client.
Administrators can congure the verication mode to use one of the following strategies:
n
End users are allowed to choose the verication mode. The rest of this list describes the three
verication modes.
n
(No verication) No certicate checks are performed.
n
(Warn) End users are warned if a self-signed certicate is being presented by the server. Users can
choose whether or not to allow this type of connection.
n
(Full security) Full verication is performed and connections that do not pass full verication are
rejected.
For details about the types of verication checks performed, see “Seing the Certicate Checking Mode for
Horizon Client,” on page 26.
You can set the verication mode so that end users cannot change it. Set the "Security Mode" key in
the /Library/Preferences/com.vmware.horizon.plist le on Mac clients to one of the following values:
n
1 implements Never connect to untrusted servers.
n
2 implements Warn before connecting to untrusted servers.
n
3 implements Do not verify server identity certificates.
Configure Advanced TLS/SSL Options
You can select the security protocols and cryptographic algorithms that are used to encrypt communications
between Horizon Client and Horizon servers and between Horizon Client and the agent in the remote
desktop.
These security options are also used to encrypt the USB channel (communication between the USB plugin
and the agent on the remote desktop).
By default, TLSv1.0, TLSv1.1, and TLSv1.2 are enabled. SSL v2.0 and 3.0 are not supported. The default
cipher control string is "!aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH
+AES:RSA+AES".
N If TLSv1.0 and RC4 are disabled, USB redirection does not work when users are connected to
Windows XP remote desktops. Be aware of the security risk if you choose to make this feature work by
enabling TLSv1.0 and RC4.
If you congure a security protocol for Horizon Client that is not enabled on the Horizon server to which the
client connects, a TLS/SSL error occurs and the connection fails.
I At least one of the protocol versions that you enable in Horizon Client must also be enabled on
the remote desktop. Otherwise, USB devices cannot be redirected to the remote desktop.
For information about conguring the security protocols that are accepted by Connection Server instances,
see the View Security document.
Procedure
1 Select VMware Horizon Client > Preferences from the menu bar, click Security, and click Advanced.
2 To enable or disable a security protocol, select the check box next to the security protocol name.
Using VMware Horizon Client for Mac
14 VMware, Inc.