hi guys
i implemented vmware horizon workspace in my test enviorment. it is working very well. but now i have two questions:
1. is it possible to add smb storage from a windows fileserver to the data appliance? i like to sync automatcally the homefolder on windows fileserver with vmware view workspace on data appliance. and this for all my domain users. (so i think the vmware horizon agent is not the right tool for this action)
2. is it possible to implement twolayer authentication? i use two layer for vmware horizon view in this lab, but i cant find any documentation or button for twolayer auth in vmware horizon workspace
thank you very much for help
kind regards
Hi..
I'm glad you like what you are seeing so far..
1. No, today it is not possible to add Windows shares to Data.
2. Horizon Workspace 1.0 supports RSA Secure ID for two factor authentication.
Hi..
I'm glad you like what you are seeing so far..
1. No, today it is not possible to add Windows shares to Data.
2. Horizon Workspace 1.0 supports RSA Secure ID for two factor authentication.
@r0ck,
Please see the documentation around adding a new connector and RSA securID to see how to enable 2 factor auth.
Hi
From what I can see, Horizon Workspace do NOT support 2 factor authentication. I have tried to configure 2 factor with RSA SecureID, but it seems to be an either or configuration. Either Active Directory OR RSA SecurID. This really isn't good enough...
Please correct me if I'm wrong and I have missed something...
You can only use one authentication mechanism per connector so to have two you need to deploy another connector.
For example here at VMware we have one for external connections (RSA SecurID) and one for internal connections (AD).
// Linjo
Having one connector for internal and another for external access is no problem, but that does not help the fact that Horizon Workspace does not support 2 factor authentication. Are there any plans to implement 2-factor?
Not sure what you mean by that, RSA SecurID is 2-factor authentication...
http://www.emc.com/security/rsa-securid.htm
// Linjo
OK, maybe I am using the wrong term then. What I mean is combining Active Directory and RSA. Just like you can on Horizon View. Meaning that you first authenticate against RSA, then your Active Directory.
Sorry about the confusion.
Aha, then I understand you.
No, that cannot be done when authenticating to Horizon Workspace, however if you are authenticating with RSA SecurID then you will need to supply your AD Username/Password if you are accessing a View Desktop from Workspace, that is because you will need that to authenticate to the Windows-session.
Our PM:s are monitoring this thread and hoping that they take your request about using both RSA SecurID and AD-login on the same connector in the same session.
// Linjo
Thanks for your response. I do hope your PM's are listening
@moug,
View asks for password because it needs to log you in to the windows desktop, which requires a password.
In the regular horizon use case, we don't need your password, so, we just ask for RSA securID.
This has never been tagged as a security issue on our end. Just asking for RSA Secur ID passcode was enough.
Can you please elaborate on why you need it? Is it more for security or other reasons?
Hi
It is for security reasons. We want 2 layers of authentication for all external access. A personal (complex) password (from AD) in addition to a PIN (from RSA) makes a more secure solution. Especially when you use On-Demand token codes. These codes are usually sent to the users mobile phone. If the phone is secured with a PIN, the user probably uses the same PIN on RSA and as a passcode to the workspace client...
Another thing I would like to see in Horizon Workspace, is a session timeout policy...