User manual
Table Of Contents
- Using VMware Horizon Client for Windows
- Contents
- Using VMware Horizon Client for Windows
- System Requirements and Setup for Windows-Based Clients
- System Requirements for Windows Clients
- System Requirements for Real-Time Audio-Video
- System Requirements for Scanner Redirection
- System Requirements for Serial Port Redirection
- System Requirements for Multimedia Redirection (MMR)
- System Requirements for Flash Redirection
- System Requirements for Microsoft Lync with Horizon Client
- Requirements for Using URL Content Redirection
- Requirements for Using Skype for Business with Horizon Client
- Smart Card Authentication Requirements
- Device Authentication Requirements
- Supported Desktop Operating Systems
- Preparing Connection Server for Horizon Client
- Clearing the Last User Name Used to Log In to a Server
- Configure VMware Blast Options
- Using Internet Explorer Proxy Settings
- Horizon Client Data Collected by VMware
- Installing Horizon Client for Windows
- Configuring Horizon Client for End Users
- Common Configuration Settings
- Using URIs to Configure Horizon Client
- Configuring Certificate Checking for End Users
- Configuring Advanced TLS/SSL Options
- Configure Application Reconnection Behavior
- Using the Group Policy Template to Configure VMware Horizon Client for Windows
- Running Horizon Client from the Command Line
- Using the Windows Registry to Configure Horizon Client
- Managing Remote Desktop and Application Connections
- Connect to a Remote Desktop or Application
- Use Unauthenticated Access to Connect to Remote Applications
- Tips for Using the Desktop and Application Selector
- Share Access to Local Folders and Drives
- Hide the VMware Horizon Client Window
- Reconnecting to a Desktop or Application
- Create a Desktop or Application Shortcut on Your Client Desktop or Start Menu
- Switch Desktops or Applications
- Log Off or Disconnect
- Working in a Remote Desktop or Application
- Feature Support Matrix for Windows Clients
- Internationalization
- Enabling Support for Onscreen Keyboards
- Resizing the Remote Desktop Window
- Monitors and Screen Resolution
- Connect USB Devices
- Using the Real-Time Audio-Video Feature for Webcams and Microphones
- Copying and Pasting Text and Images
- Using Remote Applications
- Printing from a Remote Desktop or Application
- Control Adobe Flash Display
- Clicking URL Links That Open Outside of Horizon Client
- Using the Relative Mouse Feature for CAD and 3D Applications
- Using Scanners
- Using Serial Port Redirection
- Keyboard Shortcuts
- Troubleshooting Horizon Client
- Index
Use the Horizon Client Conguration ADMX template le (vdm_client.admx) to set the verication mode.
All ADMX les that provide group policy seings are available in a .zip le named VMware-Horizon-
Extras-Bundle-x.x.x-yyyyyyy.zip, where x.x.x is the version and yyyyyyy is the build number. You can
download this GPO bundle from the VMware Horizon download site at
hp://www.vmware.com/go/downloadview. For information about using this template to control GPO
seings, see “Using the Group Policy Template to Congure VMware Horizon Client for Windows,” on
page 42.
N You can also use the Horizon Client Conguration ADMX template le to restrict the use of certain
cryptographic algorithms and protocols before establishing an encrypted SSL connection. For more
information about this seing, see“Security Seings for Client GPOs,” on page 45.
If you do not want to congure the certicate verication seing as a group policy, you can also enable
certicate verication by adding the CertCheckMode value name to one of the following registry keys on the
client computer:
n
For 32-bit Windows: HKEY_LOCAL_MACHINE\Software\VMware, Inc.\VMware VDM\Client\Security
n
For 64-bit Windows: HKLM\SOFTWARE\Wow6432Node\VMware, Inc.\VMware VDM\Client\Security
Use the following values in the registry key:
n
0 implements Do not verify server identity certificates.
n
1 implements Warn before connecting to untrusted servers.
n
2 implements Never connect to untrusted servers.
If you congure both the group policy seing and the CertCheckMode seing in the registry key, the group
policy seing takes precedence over the registry key value.
N In a future release, conguring this seing using the Windows registry might not be supported. A
GPO seing must be used.
Setting the Certificate Checking Mode for Horizon Client
Administrators and sometimes end users can congure whether client connections are rejected if any or
some server certicate checks fail.
Certicate checking occurs for SSL connections between Connection Server and Horizon Client. Certicate
verication includes the following checks:
n
Has the certicate been revoked?
n
Is the certicate intended for a purpose other than verifying the identity of the sender and encrypting
server communications? That is, is it the correct type of certicate?
n
Has the certicate expired, or is it valid only in the future? That is, is the certicate valid according to
the computer clock?
n
Does the common name on the certicate match the host name of the server that sends it? A mismatch
can occur if a load balancer redirects Horizon Client to a server that has a certicate that does not match
the host name entered in Horizon Client. Another reason a mismatch can occur is if you enter an IP
address rather than a host name in the client.
Using VMware Horizon Client for Windows
40 VMware, Inc.