VMware Horizon Community
admin
Immortal
Immortal
‎10-14-2011 03:05 AM

View 5.0 LDAP Security Settings

Hi All,

I am referring to Page-16 on VMware View Security Guide v5.0 which is available at 

http://pubs.vmware.com/view-50/topic/com.vmware.ICbase/PDF/view-50-security.pdf

On this page, there are 3 settings to be done in AD/LDAP:

Name-value pairAttributeSetting
csallowunencryptedstartsessionpae-NameValuePair1
pae-OVDIKeyCipherAES-128
pae-SSOCredentialCacheTimeout15

All View Components are added to a domain controller. But, I could not find these settings in AD schema. Also, I could not find

cn=common,ou=global,ou=properties,dc=vdi,dc=vmware,dc=int and neither could I connect to

dc=vdi,dc=vmware,dc=int through ADSI utility.

Any help please?

Thanks and regards,

Pravin Goyal

0 Kudos
4 Replies
WilliamReid
Enthusiast
Enthusiast
‎10-14-2011 05:56 PM

Hi there,

Are you sure you're using adsi edit on one of the Connection Servers?

From that page...

"Security-related settings are provided in View LDAP under the object path cn=common,ou=global,ou=properties,dc=vdi,dc=vmware,dc=int.

You can use the ADSI Edit utility to change the value of these settings on a View Connection Server instance.

The change propagates automatically to all other View Connection Server instances in a group."

Wm

0 Kudos
admin
Immortal
Immortal
‎10-16-2011 06:52 PM

Hi William,

I am more than sure that I am not seeing these properties from ADSI on View Connection Server. Additionaly, I even logged on the domain controller and there is no such property present ANYWHERE.

Are there special cases or do we need to configure something somewhere to be able to see/edit these properties?

Please help.

Thanks and regards,

Pravin Goyal

0 Kudos
admin
Immortal
Immortal
‎10-16-2011 11:06 PM

Finally,

I could connect. Below is what I had to do:

Untitled.jpg

Then, I could see the contents. Also, these settings seem to be specific to Connection Server and these settings are not stored on Domain Controller to which connection Server is attached. Right?

Thanks all for your time. Smiley Happy

0 Kudos
npeter
Expert
Expert
‎10-16-2011 11:53 PM

Hi Pravin,

>Also, these settings seem to be specific to Connection Server and these  settings are not stored on Domain Controller to which connection Server  is attached. Right?

Yes, you are connecting to View connection server's database stored in an ADAM instance, which is located in each connection server.

-Noble

-nObLe
0 Kudos