i had prepared a demo of wmare horizon 5.3.2 to POC for my company. here is a trouble i can't figure it out : how to limits staffs who do not have the privilege to login from internet?( all the staff is permitted to log in from intranet of the company ,if you have the legal account )
thanks in advanced ^_^
As far as I know you can't do that per default. A way to handle it is by using 2-factor authentication. (For example with SMS Codes). Users that are not registered by the SMS-Gateway/SMS-Provider can't login as they never receive a SMS-Code.
You could just create two different pools. For the people who are allowed to login from the internet, entitle them to that pool and then mask the other pool from the external connection server.
To expand TomMar's reply a bit:
You'd need to set up at least 2 pools and decide which one will be accessible from external networks. Let's say PoolA accessible internally only, PoolB accessible internally and from outside.
Then set up at least 2 connection servers and decide which one will serve the external connections. F.x. CS1 works internally only, CS2 accessible from external networks (paired up with Security Server likely)
Then use restricted entitlements to control can use what: Restricting View Desktop Access
Create 2 tags, f.x. "internal only" and "unrestricted". You will apply those tags on your connection servers and pools. To put it simple, the connection will be allowed through only if the tags match.
Apply "internal only" tag to your PoolA, and "unrestricted" to PoolB
Then apply both tags to your internal connection server CS1, since all users might want to connect from corporate networks. And apply only "unrestricted" tag to CS2. Thus if someone attempts to use PoolA via CS2 (from external networks) the connection will not be allowed through since CS2 only has the "unrestricted" tag, however PoolA has "internal-only" tag - mismatch, deny.
Hope this makes sense
VMware needs to come up with a better solution for this problem that has existed forever.