6.0
Table Of Contents
- View Security
- Contents
- View Security
- View Security Reference
- View Accounts
- View Security Settings
- View Resources
- View Log Files
- View TCP and UDP Ports
- Services on a View Connection Server Host
- Services on a Security Server
- Configuring Security Protocols and Cipher Suites on a View Connection Server Instance or on a Security Server
- Index
Table 1‑6. Security Settings in the Horizon Client Configuration Template (Continued)
Setting Registry Value Name Description
Ignore
unknown
certificate
authority
problems
IgnoreUnknownCa
Determines whether errors that are associated with an unknown
Certificate Authority (CA) on the server certificate are ignored. These
errors occur when the server sends a certificate that is signed by an
untrusted third-party CA.
This setting is disabled by default.
This setting applies to View 4.6 and earlier releases only.
EnableTicketS
SLAuth
EnableTicketSSLAuth
Enables SSL encrypted framework channel. This setting can have the
following values:
n
Enable: Enable SSL, allow fallback to desktops with no SSL
support.
n
Disable: Disable SSL.
n
Enforce: Enable SSL, refuse to connect to desktops with no SSL
support.
The default value is Enable.
SSLCipherList SSLCipherList
Configures cipher list to restrict the use of certain cryptographic
algorithms and protocols before establishing an encrypted SSL
connection.
The default value is 'SSLv3:TLSv1:TLSv1.1:AES:!
aNULL:@STRENGTH'. That means: SSL v3.0, TLS v1.0 and TLS v1.1
are enabled (SSL v2.0 and TLS v1.2 are disabled).
For more information about these settings and their security implications, see the View Administration
document.
Security-Related Settings in the Scripting Definitions Section of the
Horizon Client Configuration Template
Security-related settings are provided in the Scripting Definitions section of the ADM template file for
Horizon Client (vdm_client.adm). Unless noted otherwise, the settings include both a Computer
Configuration setting and a User Configuration setting. If you define a User Configuration setting, it
overrides the equivalent Computer Configuration setting.
Settings for Scripting Definitions are stored in the registry on the host machine under
HKLM\Software\Policies\VMware, Inc.\VMware VDM\Client.
Table 1‑7. Security-Related Settings in the Scripting Definitions Section
Setting Registry Value Name Description
Connect all USB
devices to the
desktop on
launch
connectUSBOnStartup
Determines whether all of the available USB devices on the client
system are connected to the desktop when the desktop is launched.
This setting is disabled by default.
Connect all USB
devices to the
desktop when
they are plugged
in
connectUSBOnInsert
Determines whether USB devices are connected to the desktop when
they are plugged in to the client system.
This setting is disabled by default.
Logon Password Password
Specifies the password that Horizon Client uses during login. The
password is stored in plain text by Active Directory.
This setting is undefined by default.
For more information about these settings and their security implications, see the View Administration
document.
Chapter 1 View Security Reference
VMware, Inc. 15