VMware View supports user authentication with X.509 certificates (smart cards).
This setup requires a fully deployed Windows Public Key Infrastructure with personal certificates on users’ WWPass accounts. When this type of authentication is set, VMware View provides Single Sign-On feature: user is further automatically logged into Windows Virtual Desktop session.
VMware View Single Sign-On is an out-of-the box technology that does not require any dedicated software and is especially useful when user certificates are used in other parts of corporate networks, such as SSH login, Remote Desktop access, etc.
Should you have any questions about WWPass EAS, please contact WWPass support at firstname.lastname@example.org
Below is the list of requirements for WWPass authentication for VMware Single Sign-On.
- VMware vSphere ESXi - 4.0 or later
- VMware Horizon View Connection Server - 5.1 or later
- Web Browser - support for Flash Plugin (required to administer VMware View server)
- VMware Horizon Client
- 3.4 or later for Linux OS
- 5.1 or later for Windows OS
- WWPass Security Pack - 3.1 or later
- WWPass Key - activated
Before setting up WWPass authentication for VMware View Single Sign-On be sure that your root or intermediate certificates are properly installed. For further help with installing your certificates properly refer to:
- All root and intermediate certificates required by your organization to validate SmartCards should be in DER format and have '.cer' extension.
- In step 13 of the knowledge base article above, the password must be at least 6 characters and must be enclosed within quotes even if it doesn’t contain spaces or special characters.
To customize authentication with WWPass Key, open VMware View Administrator in your web browser (Internet Explorer is recommended).
Expand View Configuration section in the left menu.
Select Servers in the left menu and open Connection Servers tab in the right pane.
Select the server to customize and click
Select the Authentication tab.
Under Smart card authentication option:
- select “Required” to allow authentication only with WWPass Key;
- select “Optional” to allow authentication both with WWPass Key and login and password.