-
-
-
-
-
Recent Posts
Recent Comments
- My Homepage on SSL Certificates in Connection Server/Security Server
- D. Garrett on Motorola Xoom versus Apple’s iPad2
- Astie on Motorola Xoom versus Apple’s iPad2
- myvirtualcloud.net » Weekly VDI Digest March 22, 2011 on VMware View and Sentillion SSO – Part 2
- myvirtualcloud.net » Weekly VDI Digest March 15, 2011 on Dedicated vSphere Infrastructure for View?
Archives
Categories
Meta
VMware View 5.1 and above SSL Certs
Recently I had the pleasure of setting up GoDaddy certificates on a View Security Server. In View 5.1 the process has changed somewhat and it reality it has gotten easier! There are several good blogs as well as KB articles, listed at the end of this entry. The one that actually outlines it is http://kb.vmware.com/kb/2032400.
Using the Microsoft Certreq tool on a Windows 2008 R2 server that is the Security Server, here is an outline of the steps:
1. Create the configuration file in the request.inf format.
;—————– request.inf —————–
[Version]Signature=”$Windows NT$”
[NewRequest]
Subject = “CN=View_Server_FQDN, OU=Organizational_Unit_Name, O=Organization_Name, L=City_Name, S=State_Name, C=Country_Name” ; replace attributes in this line using example below
KeySpec = 1
KeyLength = 2048
; Can be 2048, 4096, 8192, or 16384.
; Larger key sizes are more secure, but have
; a greater impact on performance.
Exportable = TRUE
FriendlyName = “vdm”
MachineKeySet = TRUE
SMIME = False
PrivateKeyArchive = FALSE
UserProtected = FALSE
UseExistingKeySet = FALSE
ProviderName = “Microsoft RSA SChannel Cryptographic Provider”
ProviderType = 12
RequestType = PKCS10
KeyUsage = 0xa0[EnhancedKeyUsageExtension]
OID=1.3.6.1.5.5.7.3.1 ; this is for Server Authentication
[RequestAttributes]
; SAN=”dns=FQDN_you_require&dns=other_FQDN_you_require”
;———————————————–
2. Open the file in an editor and update the Subject field.
Subject = “CN=view.company.com, OU=Helpdesk, O=IT, L=Palo Alto, S=California, C=US”
3. Save it to a folder such as C:\Certs.
Generate a CSR using the configuration file:
1. Open a CMD prompt with “Run as Administrator”. Change to the directory that the file was saved off to.
cd C:\certs
2. Generate the CSR file.
certreq -new request.inf certreq.txt
3. Open the “certreq.txt” file in an editor and paste that into the CA request to obtain a signed certificate.
4. Save off the resulting certificate files from the CA and copy them into a cert.cer file (as well as the root and intermediate files, root.cer & intermediate.cer).
Import the signed certificate:
1. Open a CMD prompt with “Run as Administrator”. Change to the directory that the file was saved off to.
2. In the directory with the *.cer files run the certreq tool again.
certreq – accept cert.cer
3. If you originally had a self signed certificate, make sure to remove the friendly name of “vdm” from it.
4. restart the View services or reboot.
Verify in the MMC snap in for Certificates:
KB Articles:
http://kb.vmware.com/kb/2032400
http://kb.vmware.com/kb/2021537
http://kb.vmware.com/kb/2020913
Blogs:
http://fojta.wordpress.com/2012/05/27/vmware-view-5-1-and-ssl-certificate-replacement/
http://my-virt.alfadir.net/2012/05/generate-view-5-1-certificat/
Posted in PCoIP, Security, SSL, View
Leave a comment
The Wait is Over
- Great New -
The wait is over and customers can now use View 5.1 and 5.1.1 with the latest update to ESXi for vSphere 5.1.
Posted in vCenter, VDI, View, vSphere
Leave a comment
Great Blog on upcoming 3D capabilities in View
VMware View 3D Gaming Experience
Simon Long posted a great blog at http://www.simonlong.co.uk/blog/2012/10/25/vmware-view-3d-gaming-experience/ about the both at VMWorld 2012.
Posted in 3D, VDI, View
Leave a comment
Bypassing KMS activation on Windows 7/Vista in View Composer
There used to be a VMware KB article that described how to bypass license activation for MAK copies of Windows (KB 1026556), it was updated and now doesn’t include how to do bypass – instead it says contact support. Of coarse use of MAK licenses are not supported, but in testing there are two registry keys that will allow you to move forward. So, here they are, but use at your own risk!
To enable QuickPrep to activate licenses for MAK clients:
In the guest operating system on the parent virtual machine, start the Windows Registry Editor and navigate to this registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vmware-viewcomposer-ga
Navigate to the AllowActivateMAKLicense registry value. The default value is 0.
Set the value to 1.
To bypass license activation by QuickPrep:
In the guest operating system on the parent virtual machine, start the Windows Registry Editor and navigate to this registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vmware-viewcomposer-ga
Navigate to the SkipLicenseActivation registry value. The default value is 0.
Set the value to 1.
Posted in Security, VDI, View
Leave a comment
Windows 8 in View
Do you want to run Windows 8 in View? With the release of Windows 8 rapidly approaching, VMware is ahead of the game! Robert Baesman just released a great blog on how to set it up over on the VMware EUC blog (http://blogs.vmware.com/euc/2012/07/experimenting-with-windows-8-desktops-in-view.html). Go for it!!!
Posted in VDI, View
Leave a comment
VMware vC Ops for View
Ran into an issue this week with environments that are running vC Ops for View and have upgraded their View environment from 5.0 to 5.1, for some reason the collector seems to check out OK on all the test, but the information doesn’t get back into the vC Ops appliance. Looks like this:
This is because the View credentials used by the View adapter do not have correct privileges. Previously we’ve recommended that the account used by the View adapter be part of the local admins group on the View Connection Server. In View 5.0 this group was included with View administrators by default but that doesn’t appear to be the case in 5.1. Therefore, the View PowerShell commands don’t work because the account doesn’t have sufficient privileges.
To work around this, simply make sure that the credentials used by the View adapter are included with at least the “Administrators (Read only)” role in the View admin console (either directly or by group membership).
Posted in Enterprise Management, vCenter, VDI, View
Leave a comment
VMware View Mobile Secure Desktop
Great new series from VMware training. Register for this 12 part series and get a free ebook with all the material. Quote from the VMware page below:
The VMware View Mobile Secure Desktop is a pre-tested and fully validated solution that provides end users with contextually aware, policy-driven access to virtual desktops across devices and locations.
In this 12 part bootcamp we will show you how to get started and how to successfully roll out and deploy virtual desktops and applications and infrastructure to securely support mobile users. We will have sessions covering everything from design considerations to location based printing and implementing high-performance, policy driven access through vShield and leading security technologies.
We will also touch on VMware’s new vCOPs for View and how you can take advantage of Radius for two factor authentication. At the end of this bootcamp, you should have a good understanding of the VMware View Mobile Secure Desktop Solution, how to roll it out and how to optimize View in your environment.
The bootcamp begins Monday, July 16th. A new bootcamp video will be released each subsequent morning. Be sure to also check for related blog postings along the way!
Register here - http://info.vmware.com/content/17583_Mobile_Desktop_Bootcamp_REG
Posted in ThinApp, VDI, View
Leave a comment
New VMware ThinApp Point Release
VMware ThinApp 4.7.2: Minor release, major new features for Horizon!
This new release of VMware ThinApp includes:
- A mechanism for updating ThinApp packages in Horizon Application Manager
- A new relink –h command to enable prior ThinApp packages for Horizon
- RemoveSandboxOnStart, a new Package.ini parameter
Read more here - http://blogs.vmware.com/euc/2012/07/vmware-thinapp-4-7-2-horizon-features.html
Posted in ThinApp
Leave a comment