3.1
Table Of Contents
- View Manager Administration Guide
- Contents
- About This Book
- Introduction
- Installation
- View Administrator
- Virtual Desktop Deployment
- Client Management
- View Client and View Portal
- Client Connections from the Internet
- Creating SSL Server Certificates
- Using Existing SSL Certificates
- Smart Card Authentication
- RSA SecurID Authentication
- View Client Command Line Options
- Virtual Printing
- Adobe Flash Bandwidth Reduction
- Client Device Information
- Enabling HP RGS Display Protocol
- View Composer
- Overview of View Composer
- Preparing VirtualCenter for View Composer
- Preparing a Parent VM
- Deploying Linked Clone Desktops from View Manager
- Refreshing, Recomposing, and Rebalancing Linked Clone Desktops
- Using an Existing View Composer Database
- Using the SviConfig Tool for View Composer
- Offline Desktop
- Component Policies
- Unified Access
- Troubleshooting
- locked.properties
- Glossary
- Index
VMware, Inc. 101
Chapter 5 Client Management
Using keytool to Create a Truststore
Fromacommandprompt,enterthefollowing:
keytool -import -alias <alias> -file <certificate>
-keystore <truststore_filename>
Inthiscommand,<alias>isaunique(case‐insensitive)nameforanewentityentryinthe
truststore(inthiscase,th ecertificateyouareabouttoimport), <certificate>isthe
nameoftherootCAcertificateyoupreviouslyobtainedorexported,and<truststore
filename>isthenameofth etruststore
outputfile.
Enabling Smart Card Authentication on the Server
AlltypesofViewConnectionServersupportsmartcardauthenticationbutitis
recommendedthatonlysecurityserversareconfiguredtoallowsmartcardaccess.
If youaddsmartcardsupporttostandardorreplicaserversyouwillbepromptedto
selectacertificateeverytimeyouconnecttoViewAdministratoron
thosesystems.
To add smart card authentication to View Connection Server
1Copythetruststorefileyoupreviouslycreated(<truststore_filename>)tothe
followinglocationonViewConnectionServer:
%ProgramFiles%\VMware\VMware View\Server\sslgateway\conf
2 Createatextfilecalledlocked.propertiesthatcontainsthefollowingentries:
trustKeyfile=<truststore filename>
trustStoretype=JKS
useCertAuth=true
ThevaluefortrustKeyfilemustcorrespondtothatof
<truststore filename>.
YoumustrestarttheViewConnectionServerserviceforthesechangestotakeeffect.
N
OTEYoumaybeaskedtocreateapasswordforthekeystore—thisisnotrequiredfor
futureprocedures,butyoushouldrememberitifyouwanttoaddadditional
certificatestothetruststoreatalaterdate.
NOTEInenvironmentswherenotalluserswillauthenticateusingasmartcarditis
alsorecommendedthatyouconfigureanew(oranadditional)securityserver
specificallyforthepurposeofclientsmartcardauthentication.
N
OTEOnceastandardorreplicaViewConnectionServerhasbeenconfigured,you
willbepromptedtochooseacertificatewhenloggingintoViewPortalortoView
Administratoronthatserver.