5.2
Table Of Contents
- VMware Horizon View Security
- Contents
- VMware Horizon View Security
- VMware Horizon View Security Reference
- View Accounts
- View Security Settings
- View Resources
- View Log Files
- View TCP and UDP Ports
- Services on a View Connection Server Host
- Services on a Security Server
- Services on a View Transfer Server Host
- Configuring Security Protocols and Cipher Suites on a View Connection Server Instance or on a Security Server
- Index
View Security Settings
VMware Horizon View includes several settings that you can use to adjust the security of the configuration.
You can access the settings by using View Administrator, by editing group profiles, or by using the ADSI Edit
utility, as appropriate.
Security-Related Global Settings in View Administrator
Security-related global settings for client sessions and connections are accessible under View Configuration
> Global Settings in View Administrator.
Table 1-3. Security-Related Global Settings
Setting Description
Change data recovery password The password is required when you restore the View LDAP
configuration from an encrypted backup.
When you install View Connection Server version 5.1 or later,
you provide a data recovery password. After installation,
you can change this password in View Administrator.
When you back up View Connection Server, the View LDAP
configuration is exported as encrypted LDIF data. To restore
the encrypted backup with the vdmimport utility, you must
provide the data recovery password. The password must
contain between 1 and 128 characters. Follow your
organization's best practices for generating secure
passwords.
Disable Single Sign-on for Local Mode operations Determines if single sign-on is enabled when users log in to
their local desktops.
This setting is disabled by default.
Enable automatic status updates Determines if View Manager updates the global status pane
in the upper left corner of View Administrator every few
minutes. The dashboard page of View Administrator is also
updated every few minutes.
This setting is disabled by default.
Message security mode Determines if signing and verification of the JMS messages
passed between View Manager components takes place.
If set to Disabled, message security mode is disabled.
If set to Enabled, View components reject unsigned
messages.
If set to Mixed, message security mode is enabled, but not
enforced for View components that predate View Manager
3.0.
The default setting is Enabled for new installations.
Reauthenticate secure tunnel connections after network
interruption
Determines if user credentials must be reauthenticated after
a network interruption when View clients use secure tunnel
connections to View desktops.
This setting offers increased security. For example, if a laptop
is stolen and moved to a different network, the user cannot
automatically gain access to the remote desktop because the
network connection was temporarily interrupted.
This setting is enabled by default.
Session timeout Determines how long a user can keep a session open after
logging in to View Connection Server.
The default is 600 minutes.
Chapter 1 VMware Horizon View Security Reference
VMware, Inc. 9