With VMware View Server using LDAPS (port 636)

Similar Questions

• With VMware View can use persistent disks and roaming profiles together

  Site already has XP roaming profiles configuration and are again VDI Win7 so new profiles (username.v2) will be created anyway. However, I want to continue to use roaming profiles, hosted on a server so that the data is replicated and backed up. (redundant solutions already in place) Initially while we configure persistent discs and the VDI will be not synchronize with the roaming profile on D:\   I confirmed that my roaming profiles work very well on a physical system running Win7, but problems with the VDI. I was wondering if I can get them in sync in the current configuration, or if I should scrap the drive persistent in a way that the data will be all stay and synchronize on roaming profile constantly even if I refresh or update my Golden VDI image?

  Hi, welcome in the community

  If you want to use your existing installation of roaming profile, then the best option is do not use "persistent" disk configuration Redirect to drive persistent static and it brings the use of extra storage.

  While commissioning a desk with persistent disk pool, view and changes the path of the user in HKLM\Software\Microsoft\Windows NT\CurrentVersion\Profile profile list to the D drive.  This may conflict with your roaming profile configuration. To confirm that, in the physical machine, change string values "Default", 'Profile directory' and 'Public' in the list of profiles registry which refers to a new path.

  > If I should scrap the persistent drive in a way that the data will be all remain and synchronize with roaming profile constantly even if I refresh or update my Golden VDI image?

  Yes, it could be a convenient option for you. Deploy pools dedicated without redirection of the user's data

• How to fix VMware View Server certificate revocation check connection error?

  Dear community,

  For about 2 weeks, I feel a revocation of the certificate check error in our environment Horizon see 6.2. The strange thing is that, within 12 hours about two (replication) connection servers and the vCenter Server / server of composer (on the same machine) are considered as having invalid certificates, even if, in fact, they are valid (CA certificates). We use no security servers.

  The view admin console shows the following for servers connection:

  The server certificate is not approved.

  The server certificate cannot be verified.

  For the vCenter, he said (that I have validated manually the certificate):

  No problems found.

  Certificate is not approved, but the thumbprint of the certificate is accepted.

  With the connection series on 'full', States that the login server logs for the vCenter server:

  TRACE (B 17-0 - 0E98) < VCHealthUpdate > [NativeKeyVault] validateCertificateChain response: {result = FAIL, EndEntityReasons = cantCheckRevoked, ChainReasons = invalid, SelfSigned = false, EndErrorCode = 16777280, EndInfoCode = 258, ChainErrorCode = 16777280, ChainInfoCode = 256, PolicyErrorCode =-2146885613}

  As far as I can see there no similar entries for login server certificates in the newspaper.

  At the moment I am under the environment with composer and vCenter certificates manually valid and invalid connection (red) server certificates (as view clients and browsers are not disabled).

  I already checked that I am able to do everything 'green' again via setting the registry key 'CertificateRevocationCheckType'2 (as described here Configure the server certificates certificate revocation check). This brings me to the conclusion that one of the intermediate certificates cannot be validated. So, I had the information a "version" of an intermediate (intermediate certification authority) certificate has been revoked. There seems to be no coincidence - like the time point is as well, but this particular version does not appear to be used in the servers of my connection.

  However, even with full logging enabled, I can't information which (intermediate) certificate cannot be validated and why. I expected to see something like 'OCSP verification' or 'check the CRL' but I can't find it in the newspapers. However, I noticed that one of the intermediate certificates lacked the OCSP URL (even if the field "Authority Information Access" existed). Of course I updated the certificate with a version that contains the OCSP URL, but it has not changed anything.

  In addition, I checked manually all of the certificates in the chain with openssl (for OCSP) and CRLs as well, but everything seems to be OK (all URLS are accessible and no opportunity of certificate has been revoked). Actually, I do not interpret the error as "that the connection to the server is an invalid certificate because it has been revoked", but "it cannot check if it has been revoked. The servers do not need a proxy and nothing configured, so (I checked the proxy settings system context, also).

  For now, the problem is not critical, such as 'red' status connection server has no effect on our customers and so I could turn off certificate revocation check (or switch to check that the certificate of the server (2)). But of course, I would really solve the problem.

  Is there someone who can give me a hint on what to check, for example, how do I know which certificate cannot be controlled and why? Someone had the same or a similar problem? Support VMware is working on the problem as well, but they seem don't know is not the problem, either.

  I appreciate the thoughts and responses! Thank you!

  Best regards

  Fabian

  Dear community,

  During this time, I was able to correct the error described at the beginning of this thread. Jump to the end to see what could probably help you...

  1. At first, I installed an additional standalone VMware View Server connection in order to check the following related certificates:
     1. VMware support always told me to renew my certificates because they "were not valid" etc. - even if in fact they were (like external URL calls and attested manual verification and tests).
     2. That's why I created new additional certificates for the login server and configured to include the vCenter even as my production environment - only difference was I didn't inlcude the composer who runs the server vCenter himself.
     3. The result was that the server was "green" including both the vCenter Server certificate which could be 'not reliable' by the environment of production - strange, huh?
  2. After I reset the additional server to a turned wink where connection to the server was not yet installed (before that, I uninstalled the connection to the server in case there is information in vCenter thereon) and reinstalled as a replica of the production environment server. Somehow I expected this, but still quite strange the vCenter Server (and composer) now again was considered "invalid", even if the certificate of the server connection itself considered still valid and green. For test purposes, so I put certifice revocation checking on '2' (only one server certificate check) - but only on the 'old' production servers' and 'magical' everything has been considered valid. So as I see it, there seems to be some sort of information stored on the 'old' connection servers that makes them believe that invalid certificates and that the information is replicated on the third server unless I lower the revocation of the certificate controls on these servers. Altervative explanation could be that VMware View does not accept certificates with aliases that do not include the 'real' server name - that is / was in fact certificates the old servers connection. The new server certificate connection included the real name and the alias. I understand if this is the case, but then I expect that it be documented somewhere (I have not found this information) and also wouldn't understand why it worked without problem for several years before.
  3. After finding that out, I created new certificates for the 'old' connection servers, including aliases and real names and replaced the certificate on one of the servers (and restarted the login server) - only a few successfully. Once I put the revocation checking on '4' again on this server, the login server certificate was still considered valid, but not the vCenter and certificate of composer.
  4. Now, I've uninstalled the old login server (removed from the view) and reinstalled completely (including an update of the 2008 R2 2012 R2 OS) and after I have it reintegrated into the environment, everything remained green - as long I have will activate revocation checking on the second login server "old." This is why I did the same with this (completely reinstalled and reinstated it) and now everything is green with the revocation checking enabled on all replicas of server connection.
  5. The next step I uninstall the additional replica because I created only for troubleshooting purposes.

  So what will no doubt help in similar cases:

  • Reinstall the servers of connection one by one, including:
  • Uninstalling html access (if used), uninstall the login server to view, uninstall 'VMware' AD LDS Instance.
  • Removal of the connection to the server of replication group: run "s - r s uninstalled_ vdmadmin.exeservername" on one of the servers connection remaining.
  • Reinstall/Update OS (may not be necessary, but I did not test that)
  • Reininstall, return to the login server replica. If you used the certificates which included only the alias of the server I recommend you to create new ones, including the name of the server as well, but maybe it's not necessary as well. If you want to keep the certificates which only inlcude the alias it will be necessary to install this certificate after the first replication of the servers (see below).

  My question for technicians of VMware/developers: It is supported to use certificates include only the server alias. Otherwise why it worked before and where is it documented? Where are certificate cached information so that simply replace the certificate was only some, and not a complete success (see above). FYI - when I paired initially replicas that I had to install the CA (including only the pseudonym) after the first replication - now with certificates (including the server name and the alias), I could install the certificate before you replicate (= the login server installation).

• The installation of VMWare View Server program

  Hello

  I have a solution of ESXi, vSphere 5 where I host all my virtual servers with a virtual vCenter Management Standard.  I'm working on that I need for a configuration of VMWare View and I was hoping someone here could help me.

  I have 12 physical blades to host my VMWare View solution (according to the calculations of number of jobs) and I have VMWare View Bundle licenses.

  Ive been reading through the notes and he says that this set comes with an edition of vCenter.

  A few questions:

  My existing vCenter instance should be used to manage the VMWare View host or do I need to install a separate instance of vCenter VMWare View and use the license in the bundle?

  I guess I should install ESXi instances in the beam that will allow me to supply only desktop computers?

  If I have servers connection and composer, should they be hosted in Clusters VMWare View or the cluster of servers existing vsphere 5?

  If this is the case, I also have a question about the network configuration.  When I install the ESXi for VMWare View, will I still have a requirement for a management console, the vmkernel, and the 'Front End' (for users IP address) vnic to the vswitch?

  Another question about the round rbin DNS.  I try to also install Connection 2 and 2 servers of composer whose load is balanced.  Anyone has any info on setting up of Robin DNS?

  Thank you very much

  We use a 6 with network storage based physical NETWORK adapter configuration.

  You will have a default port for management.  vMotion is split to its own IP address, and these two vmkernel ports are on the same vSwitch, with natachasery used by one and waiting for the other.

  iSCSI must be separated from its own vSwitch and pair of NICs as well supported by linked vmkernel ports for redundancy and load balancing.

  This leaves at least another vSwitch and pair of natachasery to the actual traffic of vm.

  -KjB

  Post edited by: kjb007: said vSwitch

• Customer light HP t5325 doesn't work don't not with VMware View 5

  Hello

  I recently got a slim Pro HP t5325 customer for testing with VMware view 5. I ve the thin client to the latest firmware update:

  http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en & cc = us & prodTypeId = 12454 & prodSeriesId = 4063703 & prodNameId = 4063704 & swEnvOID = 4030 & swLang = 13 & mode = 2 & taskId = 135 & swItem = vc-99080-1)

  who has the view 4.6 customer and according to the VMware compatibility list:

  http://www.VMware.com/resources/compatibility/PDF/vi_view_guide.PDF

  It should work with view 5. But when I try to launch the client and connect to your desktop from view, he asks just a super quick message (which I don't see) and then it brands the "active" session, but it doesn't open anything . View 5 Client on my laptop works very well and I m able to access the same desktop VM.

  My current setup is:

  • vCenter server 5
  • ESXi5
  • VMware View 5

  What Miss me? Any help would be appreciated.

  Thank you!

  David

  Hello

  I had the same problem this week. He is not related to view 5, same problem exists also with 4.6.

  The problem seems to be that when you try to open the connection, the client calls a /usr/bin/view_wrapper.sh script and this script does NOT run with user privileges? However, if you switch to admin and then open the connection this script works well. You can test it by opening the X terminal in the thin client, then the su user and try to run the script manually /usr/bin/view_wrapper.sh start at 0 and you will get a prompt for sudo.

  I tried to add the useraccount 'user' in/etc/sudoers and allow that user rights sudo for view_client and view_wrapper.sh programs. Did not help

  If you add the user 'user' to the root group, connection opens fine but then you let the open thin client for the standard user to mess with.

  Quite a bug in the software? They don't do any test before releasing these?

• Problem in installing VMware View Server connection

  Hello

  As the first step to install the VMware View Manager, I tried to install the connection to the VMware View server on a virtual machine to Windows 2003 Server SP2. This machine is added to a domain under our Windows Active Directory. I can connect to the machine using user accounts that are on the directory to active directory. My problem is that when I try to install the view connection server, I get an error message indicating

  "The computer is a member of a domain, but no server connection was found. Please make sure that the computer is properly connected to a domain and that a domain controller is available before to perform this installation again'.

  Because I can log into the machine using accounts in active directory, I assume that the computer is properly connected in the field. I also confirmed that there is a domain controller in active directory. I tried to do the installation under an account that has administrative privileges for the object active directory, but also a local administrator account. Could someone suggest where I could go wrong?

  Thanks in advance

  Concerning

  Varun

  You have validated that DNS and WINS are configured correctly on the server you are trying to intall the broker for connections on?

  If you have found this device or any other useful post please consider the use of buttons useful/correct to award points

• ThinPro with VMware View USB Redirection

  Hi all:

  I'm trying to configure my workstation (t620 ThinPro 5.1 running) to start required services necessary for USB with VMware View forwarding at startup.  I tried to add the command to /etc/rc.local and created my own init.d script, but none of these options automatically launch services.  Run manually /etc/rc.local and the custom init.d script launches the services successfully.

  Has someone managed to get the necessary USB redirection services running at the start?  Any guidance is appreciated.

  Thank you.

  Solved my problem... changed under USB Manager Remote Protocol of VMware View.  Updated this setting caused VMware services to run at startup.

• Difference between Standalone Converter and converter integrated with VMware vCenter Server?

  What is the difference between Standalone Converter and converter integrated with VMware vCenter Server, except that it comes integrated with Vcenter and another does not?
  Please confirm is there the technical differences between them?

  Also take a look at the Release Notes for vCenter Server 4.1.

  of http://www.vmware.com/support/vsphere4/doc/vsp_esx41_vc41_rel_notes.html

  VMware vCenter Converter plugin. VMware vSphere 4.1 and later versions of the update and patch are the latest editions of the VMware vCenter Converter plugin for vSphere Client. VMware will continue to update and support the free Converter Standalone product, which allows conversions from sources such as physical machines, machine formats virtual VMware and Microsoft and some third-party disk image formats.

  André

• How to connect weblogic 9.2 with LDAP Port 636 (SSL Enabled)

  Hello
  
  We are currently connecting the weblogic administration console to LDAP using the port 989. Can someone tell us the details on how to connect Weblogic to Port 636 (SSL enabled).
  Requires you to install certificates of security for the same thing?
  
  Thank you

  Yes, the certificate will be provided by the LDAP Service provider.

  Check the SSL Configuration of the Weblogic Server.

  If using demo identity and demo trust, import the following

  keytool - v-import - alias ldapcert - keystore DemoTrust.jks - cert.cer - storepass DemoTrustKeyStorePassPhrase of the file

  If its custom identity and trust personalized, use the command below

  keytool - v-import - alias ldapcert - keystore cert.cer .jks-file - storepass

  Hope this helps,
  Faisal

• Can of POS used with Vmware vCenter Server 5 Standard license

  Hello team,

  Accroding to http://kb.vmware.com/selfservice/microsites/search.do?language=en_US & cmd = displayKC & externalId = 2016565

  WTP is supplied with vSphere Essentials more and more.

  I searched but did not meet solid information where he explains when licensed some don't need us to buy additional licenses for new features / applications, etc.
  I'm new to Vmware licenses hierarchy. We have Vmware vCenter Server Standard 5 license.
  Please point me to a URL that contains the hierarchy of Vmware licenses .

  Thank you much in advance.
  Niraj

  You can use vCenter Server Standard 5 licenses for POS. Everything we have features such as (profile of HA, DRS, FT, VDP, host, DVS etc.) you don't need to worry about the virtual server license Center. You must use the correct license vsphere host. But don't forget to think about some virtual server edition Center can handle some vsphere hosts.

  vCenter server 5 Essentials can manage only vSphere Essentials Plus or vSphere Essentials.

  vCenter Server Standard 5 licensecan eat only vSphere vSphere Enterprise and vSphere companies plus standards.

  You can activate the functionality of POS with vSphere Essentials Plus then you will need to use vCenter server 5 Essentials.If you use vCenter server standard for vSphere Essentials Plus so it give error or warning for violation of editing.

  Thank you

  Atul

• Samsung NC-240 - Windows 7 with VMware View connection problem

  Hi all

  My Samsung NC-240 is set to connect to my server VMware View Connection Manager. I can connect to one of my Windows XP via PCoIP or RDP virtual desktop very well, but I can't connect to my virtual Windows 7 desktop. Whenever I try to connect, it will be wrong and tell them "Session Lost!"

  Research in the NC-240 event log, I see the following:

  11 d, 00:01:09.260 > ready to connect to the host

  11 d, 00:01:21.990 > connection to the host (10.3.70.110, 00-00-00-00-00-00)

  11 d, 00:01:22.020 > using resolution 1920 x 1080 at 60 Hz on DVI port 0

  11 d, 00:01:22.150 > CONNECTED (10.3.70.110, 00-00-00-00-00-00)

  11 d, 00:01:22.160 > receiving power state updated: S0

  11 d, 00:01:22.960 > CURRENT SESSION

  11 d, 00:01:23.600 > (MGMT_RDP): invalid capability length (20)

  11 d, 00:01:23.600 > connection down (RDP protocol error detected)

  11 d, 00:01:23.680 > lost Session!

  11 d, 00:01:23.680 > (MGMT_RDP): INIT: received unknown event 0 x 20!

  Here is the information of the current version of my NC-240:

  Part number of the firmware: FW010034

  Hardware version:

  Firmware Version: 3.0

  Firmware Build ID: v250

  Firmware version Date: December 7, 2009 15:55:15

  PCoIP processor revision: 1.0

  Bootloader Version: 2.1

  Bootloader version identifier: v163

  Bootloader Build Date: August 28, 2008 16:56:13

  Here is the information of the current version of my Agent and VMware View VCM:

  VMware View 4.0.0 - 210939

  I appreciate any input.

  Thank you

  Sang A

  I think it's the same than P20 then try wyse page

• Need help... SSO configuration with vmware view

  Hi team,

  I'm under vmware view 5.1.2. I would like to configure SINGLE sign-on can we avoid to connect computers to office twice. But I'm really confused here in the configuration of SSO given that no official no documents for this.can a help me on this

  2. don't have us install and configure SSO on the remote machine where we have installed the vmware view client?

  or this sso must be installed on individual workstations?

  3. can I use vmware sso that comes with vcenter 5.1 for this set up?

  any help would be appreciated

  Kind regards

  Shan

  N ° you must install anything on virtual desktops other than the Agent of the view. This gives view SSO.

  You can talk about vCenter SSO who is not related to the PSO from view.

  To display, you must only install the software referenced in the view installation guide.

  Mark

• Native integration with VMware View

  I'm evaluating the access (without client) browser based virtual destops with Ericom AccessNow for VMware View software.

  Please find diagram of connection planned for use in the attached file.

  Does anyone has tried to do already?

  What is the best practice to integrate native and VMware View?

  Where can I find the rules of firewall used in the integration of product?

  Are there security issues with access by browser-based virtual desktops?

  Thank you much in advance.

  In general, we do not see a lot of native discussion here, so maybe this isn't the best place for this post.   You can try this http://communities.vmware.com/people/AdamG53 guy has sent a private message because he used to work for the natives.   I have not seen him active lately, so I don't know if it meets or not.

• Discover the virtual machine with VMware View 4.5.  "That underlies the virtual machine is not available.

  I have installed the following to an ESX 4.1 server:

  -VMware View connection server (Server 2008 R2 Ent)

  -V - Center (Server 2003 Std)

  Install the VMware Client with Local Mode 4.5 to a laptop

  Installed VMware Agent to a Windows XP and Win7 is a guest vm on the ESX Server.

  I can connet with success both of these machines.

  When I try to extract either of these machines, I get the error message after 2% saying, "underlying this desktop virtual machine is unavailable.

  

  Can someone tell what to do to solve this problem?  I can't find anything so far for this error.

  Thank you

  Did you install and configure a forwarding server?

  -Mike

• VMware View Server vCentre

  Hello

  I am designing a VDI solution and I have a question about the vCentre server that comes with the view license first.  This is a license fully functional vCentre or a watered-down version that allows to manage only the ESX hosts running vSphere for desktops.  I would have a few regular vSphere ESX hosts to the server infrastructure, vSphere for hosting desktops to virtual desktops, but manage all hosts of the vCentre even.

  Thank you!

  The vCenter Server you get with a view is a regular version, which can be used to display the VM client as well as view (connecting to server.) server infrastructure Use is limited to the above by the EULA (license agreement).

  If you plan to use a vCenter Server as well as your non-View server infrastructure, you need to obtain a separate license for vCenter Server and hosts for non-View systems to be licensed. However, technically, you can manage everything through one instance of vCenter.

  André