VMware View

WWPass Authentication for VMware View – Certificate Based Implemenation Guide#

CHAPTER 1 – OVERVIEW#

VMware View supports user authentication with X.509 certificates (smart cards).

This setup requires a fully deployed Windows Public Key Infrastructure with personal certificates on users’ WWPass accounts. When this type of authentication is set, VMware View provides Single Sign-On feature: user is further automatically logged into Windows Virtual Desktop session.

VMware View Single Sign-On is an out-of-the box technology that does not require any dedicated software and is especially useful when user certificates are used in other parts of corporate networks, such as SSH login, Remote Desktop access, etc.

Should you have any questions about WWPass EAS, please contact WWPass support at support@wwpass.com

CHAPTER 2 – REQUIREMENTS#

Below is the list of requirements for WWPass authentication for VMware Single Sign-On.

Server side Requirements#
  • VMware vSphere ESXi - 4.0 or later
  • VMware Horizon View Connection Server - 5.1 or later
Client side Requirements#
  • Web Browser - support for Flash Plugin (required to administer VMware View server)
  • VMware Horizon Client
    • 3.4 or later for Linux OS
    • 5.1 or later for Windows OS
  • WWPass Security Pack - 3.1 or later
  • WWPass Key - activated

CHAPTER 3 – CERTIFICATES ON THE VIEW CONNECTION SERVERS#

Before setting up WWPass authentication for VMware View Single Sign-On be sure that your root or intermediate certificates are properly installed. For further help with installing your certificates properly refer to:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2013044

note
  1. All root and intermediate certificates required by your organization to validate SmartCards should be in DER format and have '.cer' extension.
  2. In step 13 of the knowledge base article above, the password must be at least 6 characters and must be enclosed within quotes even if it doesn’t contain spaces or special characters.

CHAPTER 4 – SETTING UP WWPASS AUTHENTICATION#

To customize authentication with WWPass Key, open VMware View Administrator in your web browser (Internet Explorer is recommended).

  1. Expand View Configuration section in the left menu.

    VMware View Administrator

  2. Select Servers in the left menu and open Connection Servers tab in the right pane.

    VMware View Administrator

  3. Select the server to customize and click Button Edit

    VMware View Administrator

  4. Select the Authentication tab.

    VMware View Administrator

  5. Under Smart card authentication option:

    • select “Required” to allow authentication only with WWPass Key;

    or

    • select “Optional” to allow authentication both with WWPass Key and login and password.

    Edit View Connection Server Settings

  6. Click Button OK