Installation and Setup Guide
Table Of Contents
- VMware Horizon Client for Windows Installation and Setup Guide
- Contents
- VMware Horizon Client for Windows Installation and Setup Guide
- System Requirements and Setup for Windows-Based Clients
- System Requirements for Windows Client Systems
- System Requirements for Horizon Client Features
- Smart Card Authentication Requirements
- System Requirements for Real-Time Audio-Video
- System Requirements for Scanner Redirection
- System Requirements for Serial Port Redirection
- System Requirements for Multimedia Redirection (MMR)
- System Requirements for Flash Redirection
- Requirements for Using Flash URL Redirection
- Requirements for Using URL Content Redirection
- System Requirements for HTML5 Multimedia Redirection
- Requirements for the Session Collaboration Feature
- Requirements for Using Fingerprint Scanner Redirection
- Requirements for Using Microsoft Lync with Horizon Client
- Requirements for Using Skype for Business with Horizon Client
- Supported Desktop Operating Systems
- Preparing Connection Server for Horizon Client
- Clearing the Last User Name Used to Log In to a Server
- Configure VMware Blast Options
- Using Internet Explorer Proxy Settings
- Horizon Client Data Collected by VMware
- Installing Horizon Client for Windows
- Configuring Horizon Client for End Users
- Common Configuration Settings
- Using URIs to Configure Horizon Client
- Setting the Certificate Checking Mode in Horizon Client
- Configuring Advanced TLS/SSL Options
- Configure Published Application Reconnection Behavior
- Using the Group Policy Template to Configure VMware Horizon Client for Windows
- Running Horizon Client From the Command Line
- Using the Windows Registry to Configure Horizon Client
- Managing Remote Desktop and Published Application Connections
- Connect to a Remote Desktop or Published Application
- Use Unauthenticated Access to Connect to Published Applications
- Tips for Using the Desktop and Application Selector
- Share Access to Local Folders and Drives with Client Drive Redirection
- Hide the VMware Horizon Client Window
- Reconnecting to a Desktop or Published Application
- Create a Desktop or Application Shortcut on the Client Desktop or Start Menu
- Using Start Menu Shortcuts That the Server Creates
- Switch Remote Desktops or Published Applications
- Log Off or Disconnect
- Working in a Remote Desktop or Application
- Feature Support Matrix for Windows Clients
- Internationalization
- Enabling Support for Onscreen Keyboards
- Resizing the Remote Desktop Window
- Monitors and Screen Resolution
- Use USB Redirection to Connect USB Devices
- Using the Real-Time Audio-Video Feature for Webcams and Microphones
- Using the Session Collaboration Feature
- Copying and Pasting Text and Images
- Using Published Applications
- Printing from a Remote Desktop or Published Application
- Control Adobe Flash Display
- Clicking URL Links That Open Outside of Horizon Client
- Using the Relative Mouse Feature for CAD and 3D Applications
- Using Scanners
- Using Serial Port Redirection
- Keyboard Shortcuts
- Troubleshooting Horizon Client
Table 3‑10. PCoIP Client Session Variables (Continued)
Setting Description
Configure PCoIP
virtual channels
Specifies the virtual channels that can and cannot operate over PCoIP sessions. This setting also
determines whether to disable clipboard processing on the PCoIP host.
Virtual channels that are used in PCoIP sessions must appear on the virtual channel authorization
list. Virtual channels that appear in the unauthorized virtual channel list cannot be used in PCoIP
sessions.
You can specify a maximum of 15 virtual channels for use in PCoIP sessions.
Separate multiple channel names with the vertical bar (|) character. For example, the virtual channel
authorization string to allow the mksvchan and vdp_rdpvcbridge virtual channels is
mksvchan|vdp_rdpvcbridge.
If a channel name contains the vertical bar or backslash (\) character, insert a backslash character
before it. For example, type the channel name awk|ward\channel as awk\|ward\\channel.
When the authorized virtual channel list is empty, all virtual channels are disallowed. When the
unauthorized virtual channel list is empty, all virtual channels are allowed.
The virtual channels setting applies to both agent and client. Virtual channels must be enabled on
both agent and client for virtual channels to be used.
The virtual channels setting provides a separate check box that allows you to disable remote
clipboard processing on the PCoIP host. This value applies to the agent only.
By default, all virtual channels are enabled, including clipboard processing.
Configure SSL cipher
list
Configures an SSL cipher list to restrict the use of cipher suites before establishing an encrypted
SSL connection. The list consists of one or more cipher suite strings separated by colons. All cipher
suite strings are case insensitive.
The default value is ECDHE-RSA-AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:ECDHE-
RSA-AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:@STRENGTH.
If this setting is configured, the Enforce AES-256 or stronger ciphers for SSL connection
negotiation check box in the Configure SSL connections to satisfy Security Tools
setting is ignored.
This setting must be applied to both the PCoIP server and the PCoIP client.
Configure SSL
connections to satisfy
Security Tools
Specifies how SSL session negotiation connections are established. To satisfy security tools, such
as port scanners, enable this setting and do the following:
1 Store the certificate for the Certificate Authority that signed any Server certificate to be used with
PCoIP in the Trusted Root certificate store.
2 Configure the agent to load certificates only from the Certificate Store. If the Personal store for
the Local Machine is used, leave the CA Certificate store name unchanged with the value
ROOT, unless a different store location was used in step 1.
If this setting is disabled, the AES-128 cipher suite is not available and the endpoint uses
Certification Authority certificates from the machine account's MY store and Certification Authority
certificates from the ROOT store. This setting is disabled by default.
Configure SSL
protocols
Configures the OpenSSL protocol to restrict the use of certain protocols before establishing an
encrypted SSL connection. The protocol list consists of one or more OpenSSL protocol strings
separated by colons. All cipher strings are case insensitive.
The default value is TLS1.1:TLS1.2, which means that TLS v1.1 and TLS v1.2 are enabled and
SSL v2.0, SSLv3.0, and TLS v1.0 are disabled.
If this setting is set in both the client and the agent, the OpenSSL protocol negotation rule is
followed.
VMware Horizon Client for Windows Installation and Setup Guide
VMware, Inc. 69