7.0
Table Of Contents
- View Architecture Planning
- Contents
- View Architecture Planning
- Introduction to View
- Planning a Rich User Experience
- Feature Support Matrix for Horizon Agent
- Choosing a Display Protocol
- Using Hosted Applications
- Using View Persona Management to Retain User Data and Settings
- Using USB Devices with Remote Desktops and Applications
- Using the Real-Time Audio-Video Feature for Webcams and Microphones
- Using 3D Graphics Applications
- Streaming Multimedia to a Remote Desktop
- Printing from a Remote Desktop
- Using Single Sign-On for Logging In
- Monitors and Screen Resolution
- Managing Desktop and Application Pools from a Central Location
- Advantages of Desktop Pools
- Advantages of Application Pools
- Reducing and Managing Storage Requirements
- Application Provisioning
- Deploying Individual Applications Using an RDS Host
- Deploying Applications and System Updates with View Composer
- Deploying Applications and System Updates with Instant Clones
- Managing VMware ThinApp Applications in View Administrator
- Deploying and Managing Applications Using App Volumes
- Using Existing Processes or VMware Mirage for Application Provisioning
- Using Active Directory GPOs to Manage Users and Desktops
- Architecture Design Elements and Planning Guidelines for Remote Desktop Deployments
- Virtual Machine Requirements for Remote Desktops
- View ESXi Node
- Desktop Pools for Specific Types of Workers
- Desktop Virtual Machine Configuration
- RDS Host Virtual Machine Configuration
- vCenter Server and View Composer Virtual Machine Configuration
- View Connection Server Maximums and Virtual Machine Configuration
- vSphere Clusters
- Storage and Bandwidth Requirements
- View Building Blocks
- View Pods
- Advantages of Using Multiple vCenter Servers in a Pod
- Planning for Security Features
- Understanding Client Connections
- Choosing a User Authentication Method
- Restricting Remote Desktop Access
- Using Group Policy Settings to Secure Remote Desktops and Applications
- Using Smart Policies
- Implementing Best Practices to Secure Client Systems
- Assigning Administrator Roles
- Preparing to Use a Security Server
- Understanding View Communications Protocols
- Overview of Steps to Setting Up a View Environment
- Index
Using Single Sign-On for Logging In
The single-sign-on (SSO) feature allows end users to supply Active Directory login credentials only once.
If you do not use the single-sign-on feature, end users must log in twice. They are first prompted for Active
Directory credentials to log in to View Connection Server and then are prompted log in to their remote
desktop. If smart cards are also used, end users must sign in three times because users must also log in
when the smart card reader prompts them for a PIN.
For remote desktops, this feature includes a credential provider dynamic-link library.
True SSO
With the True SSO feature, introduced with Horizon 7 and VMware Identity Manager 2.6, users are no
longer required to supply Active Directory credentials at all. After users log in to VMware Identity Manager
using any non-AD method (for example, RSA SecurID or RADIUS authentication), users are not prompted
to also enter Active Directory credentials in order to use a remote desktop or application.
If a user authenticates by using smart cards or Active Directory credentials, the True SSO feature is not
necessary, but you can configure True SSO to be used even in this case. Then any AD credentials that the
user provides are ignored and True SSO is used.
True SSO works by generating a unique, short-lived certificate for the Windows logon process. You must set
up a Certificate Authority, if you do not already have one, and a certificate Enrollment Server in order to
generate short-lived certificates on behalf of the user. You install the Enrollment Server by running the View
Connection Server installer and selecting the Enrollment Server option.
True SSO separates authentication (validating a user's identity) from access (such as to a Windows desktop
or application). User credentials are secured by a digital certificate. No passwords are vaulted or transferred
within the data center. For more information, see the View Administration document.
Monitors and Screen Resolution
You can extend a remote desktop to multiple monitors. If you have a high-resolution monitor, you can see
the remote desktop or application in full resolution.
If you are using All Monitors display mode and click the Minimize button, if you then maximize the
window, the window will go back to All Monitors mode. Similarly, if you are using Fullscreen mode and
minimize the window, when you maximize the window, the window will go back to Fullscreen mode on
one monitor.
Using All Monitors in a Multiple-Monitor Setup
Regardless of the display protocol, you can use multiple monitors with a remote desktop. If you have
Horizon Client use all monitors, if you maximize an application window, the window expands to the full
screen of only the monitor that contains it.
Horizon Client supports the following monitor configurations:
n
If you use 2 monitors, the monitors are not required to be in the same mode. For example, if you are
using a laptop connected to an external monitor, the external monitor can be in portrait mode or
landscape mode.
n
If have a version of Horizon Client that is earlier than 4.0, and you use more than 2 monitors, the
monitors must be in the same mode and have the same screen resolution. That is, with Horizon Client
3.x, if you use 3 monitors, all 3 monitors must be in either portrait mode or landscape mode and must
use the same screen resolution.
View Architecture Planning
32 VMware, Inc.