7.0
Table Of Contents
- View Upgrades
- Contents
- View Upgrades
- View Upgrade Overview
- System Requirements for Upgrades
- Upgrading View Server Components
- Upgrading View Composer
- Upgrading View Connection Server
- Preparing View Connection Server for an Upgrade
- Upgrade View Connection Servers in a Replicated Group
- Enable TLSv1.0 on vCenter Connections from Connection Server
- Upgrade to the Latest Version of View Connection Server on a Different Machine
- Create a Replicated Group After Reverting View Connection Server to a Snapshot
- Upgrading View Security Server
- Upgrading View Servers in a Cloud Pod Architecture Environment
- Upgrading View Servers to Allow HTML Access
- Upgrade vCenter Server
- Accept the Thumbprint of a Default SSL Certificate
- Using View Group Policy Administrative Template Files
- Upgrade ESXi Hosts and Their Virtual Machines
- Upgrading Remote Desktops and Horizon Client
- Post-Upgrade Tasks to Enable New Features in Your View Setup
- Applying View Patches
- Upgrading vSphere Components Separately in a View Environment
- Index
n
The domain user account that you use to install the new version of View Connection Server must have
administrative privileges on the View Connection Server host. The View Connection Server
administrator must have administrative credentials for vCenter Server.
n
When you run the installer, you authorize a View Administrators account. You can specify the local
Administrators group or a domain user or group account. View assigns full View Administration
rights, including the right to install replicated View Connection Server instances, to this account only. If
you specify a domain user or group, you must create the account in Active Directory before you run the
installer.
n
When you back up View Connection Server, the View LDAP configuration is exported as encrypted
LDIF data. To restore the encrypted backup View configuration, you must provide the data recovery
password. The password must contain between 1 and 128 characters.
Security-Related Requirements
n
View Connection Server requires an SSL certificate that is signed by a CA (certificate authority) and that
your clients can validate. Although a default self-signed certificate is generated in the absence of a CA-
signed certificate when you install View Connection Server, you must replace the default self-signed
certificate as soon as possible. Self-signed certificates are shown as invalid in View Administrator.
Also, updated clients expect information about the server's certificate to be communicated as part of the
SSL handshake between client and server. Often updated clients do not trust self-signed certificates.
For complete information about security certificate requirements, see "Configuring SSL Certificates for
View Servers" in the View Installation guide. Also see the Scenarios for Setting Up SSL Connections to View
document, which describes setting up intermediate servers that perform tasks such as load balancing
and off-loading SSL connections.
NOTE If your original servers already have SSL certificates signed by a CA, during the upgrade, View
imports your existing CA-signed certificate into the Windows Server certificate store.
n
Certificates for vCenter Server, View Composer, and View servers must include certificate revocation
lists (CRLs). For more information, see "Configuring Certificate Revocation Checking on Server
Certificates" in the View Installation guide.
IMPORTANT If your company uses proxy settings for Internet access, you might have to configure your
View Connection Server hosts to use the proxy. This step ensures that servers can access certificate
revocation checking sites on the Internet. You can use Microsoft Netshell commands to import the
proxy settings to View Connection Server. For more information, see "Troubleshooting View Server
Certificate Revocation Checking" in the View Administration guide.
n
If you plan to pair a security server with this View Connection Server instance, verify that Windows
Firewall with Advanced Security is set to on in the active profiles. It is recommended that you turn this
setting to on for all profiles. By default, IPsec rules govern connections between security server and
View Connection Server and require Windows Firewall with Advanced Security to be enabled.
n
If your network topology includes a firewall between a security server and a View Connection Server
instance, you must configure the firewall to support IPsec. See the View Installation document.
n
You might need to make security protocol configuration changes to continue to be compatible with
vSphere. If possible, apply patches to ESXi and vCenter Server to support TLSv1.1 and TLSv1.2 before
upgrading View Connection Server. If you cannot apply patches, reenable TLSv1.0 on View Connection
Server before upgrading. For more information, see “Enable TLSv1.0 on vCenter Connections from
Connection Server,” on page 35.
View Upgrades
16 VMware, Inc.