Today's objective will cover some protocol settings, we will touch GPOs, Flash and 3D rendering etc… So today's post, VCP6-DTM Objective 2.3 – Configure PCoIP/RDP Protocol Settings, is another chapter, another objective towards the VCP6-DTM certification exam which we're covering on our VCP6-DTM Study Guide Page. We're not done yet, but were about half way through.
Considering the recent announces about Horizon 7 I believe that the exam's topics and objectives will get modified accordingly in the future. But for now this is not the case, and we just stick with what's on the official VMware blueprint, covering the VCP6-DTM exam. Lets continue and clear out another topic today.
vSphere Knowledge
- Configure HTML access
- Describe protocol requirements
- Locate ADM template files
- Explain GPO settings
- Configure flash quality and throttling
- Configure 3D rendering capabilities
Tools
- Horizon View Administration Guide
- Horizon View Architecture Planning Guide
- Horizon View Administrator
- Horizon View ADM files
Configure HTML access
HTML access (VMware Blast) allows access with any client without the need to have previously installed the view client application. Just inside a browser. During the installation of Horizon View connection server, the HTML access is an installation option (checked by default) and the installer configures the VMware Horizon View Connection Server (Blast-In) rule in Windows Firewall to open TCP port 8443, used by HTML Access.
Blast connections however limit the number of simultaneous connections for one connection server to 800 (it's 2000 simultaneous connections for PCoIP). Check the image below from the View Architecture planning PDF.
Describe protocol requirements
When using the Blast Secure Gateway:
- Browser TCP 8443 > Connection Server TCP 22443 > View Desktop
- Browser TCP 8443 > Security Server TCP 22443 > View Desktop
When not using the Blast Secure Gateway:
- Browser TCP 22443 > View Desktop
In all cases:
- Browser TCP 443 > Connection Server
- Browser TCP 443 > Security Server
- The Remote Experience Agent must be installed in the View Desktop. Install this feature in the parent image, and recompose the pool to ensure all View machines have this installed.
- In the View Administrator page, edit the pool settings and ensure that the maximum resolution of any one monitor setting must be 1920×1200 or higher so that the View desktop has at least 17.58 MB of video RAM.
- The HTML Access setting must be enabled within the pool.
- You must install the HTML Access Web Portal on the View Connection server to enable the HTML Access functionality. For more information, see the Horizon View HTML Access document.
Check this KB as well: Troubleshooting VMware Horizon View HTML Access
The HTML access needs to be used with compatible browsers. The progress in browsers technology is so fast that telling you that you must have Chrome version 20 or 30 wouldn't make sense. It's just too fast. But compatible browsers like chrome, Firefox or latest IE
For Blast Secure Gateway and the HTML Access agent, by default, TLS 1.1 and TLS 1.2 are enabled and TLS 1.0 is disabled. You can configure the security protocols and cipher suites for both components. See Configuring Security Protocols and Cipher Suites for Blast Secure Gateway in the View Security document and Configure Security Protocols and Cipher Suites for HTML Access Agent in the Horizon Client and View Agent Security document.
Locate ADM template files
View provides several component-specific Group Policy Administrative (ADM and ADMX) template files. You can optimize and secure remote desktops and applications by adding the policy settings in these ADM and ADMX template files to a new or existing GPO in Active Directory. All ADM and ADMX files that provide group policy settings for View are available in a bundled .zip file named VMware-Horizon-View-Extras-Bundle-x.x.x-yyyyyyy.zip
View PCoIP Session Variables (pcoip.adm) – Contains policy settings related to the PCoIP display protocol.
View PCoIP Client Session Variables (pcoip.client.adm) – Contains policy settings related to the PCoIP display protocol that affect Horizon Client for Windows.
You can easily import them into the a new or existing policy via right click the Administrative Templates > Add/remove Templates ….
They'll appear under the “Classic Administrative Templates (ADM)” …
Explain GPO settings
there are quite a few values which can be overridden, through those adm templates. Those are quite self-explanatory. I'd invite you to go through one by one, and see by yourself what options are there …
Configure flash quality and throttling
Flash config affects frame rate of flash content. Here you can control the bandwidth and quality of the movies.
Configure 3D rendering capabilities
3D Rendering Options:
- Hardware – The virtual machine must have access to a physical GPU. If the GPU is not available, the virtual machine cannot power on.
- Software – The virtual machine's virtual device uses a software renderer and will not attempt to use a GPU, even if one if present.
- Automatic – The default setting. The virtual device selects whether to use a physical GPU or software-based rendering. If a GPU is available on the system and has the resources required by the virtual machine, the virtual machine uses the GPU. Otherwise software rendering is used.
When click the question mark next to the 3D renderer, you'll get further explanation…
When you change the Allow users to chose protocol from Yes to No, you'll “unlock” the grayed out option…
If you choose “manage using vSphere client” then you have to specify the amount of memory through vSphere web client.
So you can also change the settings on the virtual hardware (through vSphere Web client only!!)
When you create or edit a virtual machine, you can configure 3D graphics to take advantage of Windows AERO, CAD, Google Earth, and other 3D design, modeling, and multimedia applications. You can enable 3D on virtual machines that have Windows desktop or Linux guest operating systems.
Not all guests support 3D graphics. To verify 3D support for a guest operating system, see the VMware Compatibility Guide here. Linux distributions must have a 3.2 or later kernel.
Check the VCP6-DTM Study Guide Page.
