Installation and Setup Guide
Table Of Contents
- VMware Horizon Client for Windows Installation and Setup Guide
- Contents
- VMware Horizon Client for Windows Installation and Setup Guide
- System Requirements and Setup for Windows-Based Clients
- System Requirements for Windows Client Systems
- System Requirements for Horizon Client Features
- Smart Card Authentication Requirements
- System Requirements for Real-Time Audio-Video
- System Requirements for Scanner Redirection
- System Requirements for Serial Port Redirection
- System Requirements for Multimedia Redirection (MMR)
- System Requirements for Flash Redirection
- Requirements for Using Flash URL Redirection
- System Requirements for HTML5 Multimedia Redirection
- System Requirements for Microsoft Lync with Horizon Client
- Requirements for Using URL Content Redirection
- Requirements for Using Skype for Business with Horizon Client
- Supported Desktop Operating Systems
- Preparing Connection Server for Horizon Client
- Clearing the Last User Name Used to Log In to a Server
- Configure VMware Blast Options
- Using Internet Explorer Proxy Settings
- Horizon Client Data Collected by VMware
- Installing Horizon Client for Windows
- Configuring Horizon Client for End Users
- Common Configuration Settings
- Using URIs to Configure Horizon Client
- Setting the Certificate Checking Mode in Horizon Client
- Configuring Advanced TLS/SSL Options
- Configure Application Reconnection Behavior
- Using the Group Policy Template to Configure VMware Horizon Client for Windows
- Running Horizon Client From the Command Line
- Using the Windows Registry to Configure Horizon Client
- Managing Remote Desktop and Application Connections
- Connect to a Remote Desktop or Application
- Use Unauthenticated Access to Connect to Remote Applications
- Tips for Using the Desktop and Application Selector
- Share Access to Local Folders and Drives with Client Drive Redirection
- Hide the VMware Horizon Client Window
- Reconnecting to a Desktop or Application
- Create a Desktop or Application Shortcut on the Client Desktop or Start Menu
- Using Start Menu Shortcuts That the Server Creates
- Switch Desktops or Applications
- Log Off or Disconnect
- Working in a Remote Desktop or Application
- Feature Support Matrix for Windows Clients
- Internationalization
- Enabling Support for Onscreen Keyboards
- Resizing the Remote Desktop Window
- Monitors and Screen Resolution
- Connect USB Devices with USB Redirection
- Using the Real-Time Audio-Video Feature for Webcams and Microphones
- Copying and Pasting Text and Images
- Using Remote Applications
- Printing from a Remote Desktop or Application
- Control Adobe Flash Display
- Clicking URL Links That Open Outside of Horizon Client
- Using the Relative Mouse Feature for CAD and 3D Applications
- Using Scanners
- Using Serial Port Redirection
- Keyboard Shortcuts
- Troubleshooting Horizon Client
- Index
You can use the Horizon Client Conguration ADMX template le (vdm_client.admx) to set the verication
mode. All ADMX les that provide group policy seings are available in a .zip le named VMware-Horizon-
Extras-Bundle-x.x.x-yyyyyyy.zip, where x.x.x is the version and yyyyyyy is the build number. You can
download this GPO bundle from the VMware Horizon download site at
hp://www.vmware.com/go/downloadview. For information about using this template to control GPO
seings, see “Using the Group Policy Template to Congure VMware Horizon Client for Windows,” on
page 44.
N You can also use the Horizon Client Conguration ADMX template le to restrict the use of certain
cryptographic algorithms and protocols before establishing an encrypted SSL connection. For more
information about this seing, see“Security Seings for Client GPOs,” on page 47.
If you do not want to congure the certicate verication seing as a group policy, you can also enable
certicate verication by adding the CertCheckMode value name to one of the following registry keys on the
client computer:
n
For 32-bit Windows: HKEY_LOCAL_MACHINE\Software\VMware, Inc.\VMware VDM\Client\Security
n
For 64-bit Windows: HKLM\SOFTWARE\Wow6432Node\VMware, Inc.\VMware VDM\Client\Security
Use the following values in the registry key:
n
0 implements Do not verify server identity certificates.
n
1 implements Warn before connecting to untrusted servers.
n
2 implements Never connect to untrusted servers.
If you congure both the group policy seing and the CertCheckMode seing in the registry key, the group
policy seing takes precedence over the registry key value.
N In a future release, conguring this seing using the Windows registry might not be supported. A
GPO seing must be used.
Configuring Advanced TLS/SSL Options
You can select the security protocols and cryptographic algorithms that are used to encrypt communications
between Horizon Client and servers, or between Horizon Client and the agent in the remote desktop.
These security options are also used to encrypt the USB channel.
With the default seing, cipher suites use 128- or 256-bit AES, remove anonymous DH algorithms, and then
sort the current cipher list in order of encryption algorithm key length.
By default, TLS v1.0, TLS v1.1, and TLS v1.2 are enabled. SSL v2.0 and v3.0 are not supported.
N If TLS v1.0 and RC4 are disabled, USB redirection does not work when users are connected to
Windows XP desktops. Be aware of the security risk if you choose to make this feature work by enabling
TLS v1.0 and RC4.
If you congure a security protocol for Horizon Client that is not enabled on the server to which the client
connects, a TLS/SSL error occurs and the connection fails.
I At least one of the protocols that you enable in Horizon Client must also be enabled on the
remote desktop. Otherwise, USB devices cannot be redirected to the remote desktop.
Chapter 3 Configuring Horizon Client for End Users
VMware, Inc. 43