VMware Horizon Community
rafly20
Contributor
Contributor

VMware Horizon ios App w/ Bluetooth CAC Reader to access Remote Desktop

Hi,

I recently purchased a FEITIAN bR301 BLE Contact Bluetooth 4.2 Smart Card Reader to use with my IPAD/Iphone with the intent of accessing Air Force Desktop Anywhere through the VMware Horizon App. Currently when I try to access desktop anywhere, I get an access denied error message.

I'm following the VMware iOS installation guide and am stuck on section "Create a Virtual Smart Card". Specifically, the issue is with prerequisite of downloading the Purebred app. When I search "purebred" in the app store, I get several BlackBerry and PIV-D options. I'm not sure which one is correct. As it is right now, when I got to settings-> Derived Credentials, all options are grayed out.

Thanks for the help.

9 Replies
FelixYan
VMware Employee
VMware Employee

Hi Rafly20,

What's your Horizon iOS Client version? From Horizon 8, Physical smart card is not supported on Horizon mobile client. Derived Credentials(Virtual smart card) feature supports mobile Client. So far, only Purebred Credential Provider is supported by Horizon Mobile Client Derived Credentials feature. Purebred can manage the mobile device, and push the P12 format cert/key to your device. Then Horizon Client uses the cert/key for smart card authentication. From the description, looks like your environment doesn't involve Purebred.

Reply
0 Kudos
rafly20
Contributor
Contributor

Looks like my Horizon version doesn't support a physical smart card then. I doubt the Air Force will allow a virtual smart card option on our personal devices. We use Blackberry UEM on our government issued IPAD to create a credential profile that allows us to check our e-mail without a smart card. Unfortunately, any personal device has to have a USB or Bluetooth smart card to access the remote desktop. On my PC, I can use VMware but I was hoping to be able to do the same from my personal IPAD.

Would an older version of Horizon be an option? Would any of these other VMware apps work?

Reply
0 Kudos
LukePilk
Contributor
Contributor

Has there been any movement on this? Will we see cac reader compatibility for iPadOS/iOS any time in the future??

 

Reply
0 Kudos
FelixYan
VMware Employee
VMware Employee

You're using Horizon Mobile Client 2111 which doesn't support Physical smart card. Horizon iOS/Android 5.4 client is the last version we support baiMobile(Physical smart card). Once user upgrades the client to 5.5, they will loss the feature.

Reply
0 Kudos
FelixYan
VMware Employee
VMware Employee

Hi Luke, Horizon iOS/Android Client is moving to Derived Credentials solution(Virtual smart card). Administrator can use Purebred/WS1 PIV-D to manage and deliver user's cert/key to mobile device, then Horizon iOS/Android Client can create Virtual smart card instead.

Tags (1)
Reply
0 Kudos
LukePilk
Contributor
Contributor

That's the issue. By moving to derived credentials you've eliminated the ability of those who do not have an administration willing to create derived credentials for every user. In my case about 1 million or so to be able to use your product in the way that would benefit them.

 

Reply
0 Kudos
LukePilk
Contributor
Contributor

any way to go back to that better version then..?

Reply
0 Kudos
dngfo
Contributor
Contributor

I’m interested in a solution as well. If derived creds are not an option, we’re out of luck? Any chance that feature will make a return? 

Reply
0 Kudos
Reotch
Contributor
Contributor

Now that iOS 16.1 natively supports Smart Cards and Certificates, it seems strange that VMWare wouldn't reintroduce Smart Card support.  Did they remove the support because they want to force another solution (that they're selling)?

Reply
0 Kudos