Manualshelf

5.0

ManualsBrandsVMware ManualsApplicationsView
11121314151617181920
Table Of Contents
Table 7. Security-Related Settings in the Scripting Definitions Section
Setting Registry Value Name Description
Connect all USB devices to the
desktop on launch
connectUSBOnStartu
p
Determines whether all of the available USB devices on
the client system are connected to the desktop when the
desktop is launched.
This setting is disabled by default.
Connect all USB devices to the
desktop when they are plugged
in
connectUSBOnInsert
Determines whether USB devices are connected to the
desktop when they are plugged in to the client system.
This setting is disabled by default.
Logon Password Password
Specifies the password that View Client uses during
login. The password is stored in plain text by Active
Directory.
This setting is undefined by default.
For more information about these settings and their security implications, see the VMware View
Administration document.
Security-Related Settings in View LDAP
Security-related settings are provided in View LDAP under the object path
cn=common,ou=global,ou=properties,dc=vdi,dc=vmware,dc=int. You can use the ADSI Edit utility to change
the value of these settings on a View Connection Server instance. The change propagates automatically to all
other View Connection Server instances in a group.
Table 8. Security-Related Settings in View LDAP
Name-value pair Attribute Description
cs-
allowunencryptedstartsessi
on
pae-NameValuePair
Allows static key protection to be used for single-sign on to
desktops that are not in a trusted domain where Security
Support Provider Interface (SSPI) negotiation is supported.
Static key protection is known to be relatively insecure
compared to SSPI.
If set to 0, static key protection is not allowed. This setting is
suitable if all the desktops are in trusted domains. If SSPI
negotiation fails, the session does not start.
If set to 1, static key protection can be used if SSPI negotiation
fails. This setting is suitable if some desktops are not in trusted
domains.
The default setting is 1.
pae-OVDIKeyCipher
Specifies the encryption key cipher that View Connection
Server uses to encrypt the virtual disk (.vmdk) file when users
check in and check out a local desktop.
You can set the encryption key cipher value to AES-128,
AES-192 orAES-256.
The default value is AES-128.
pae-
SSOCredentialCacheTi
meout
Sets the single sign-on (SSO) timeout limit in minutes after
which a user's SSO credentials are no longer valid.
The default value is 15.
A value of -1 means that no SSO timeout limit is set.
A value of 0 disables SSO.
VMware View Security
16 VMware, Inc.