
n
With View Connection Server 5.0 and later releases, when you run the installer, you authorize a View
Administrators account. You can specify the local Administrators group or a domain user or group
account. View assigns full View Administration rights, including the right to install replicated View
Connection Server instances, to this account only. If you specify a domain user or group, you must
create the account in Active Directory before you run the installer.
n
With View 5.1 and later releases, when you back up View Connection Server, the View LDAP
configuration is exported as encrypted LDIF data. To restore the encrypted backup View configuration,
you must provide the data recovery password. The password must contain between 1 and 128
characters.
Security-Related Requirements
n
View Connection Server requires an SSL certificate that is signed by a CA (certificate authority) and that
your clients can validate. To improve the security of Horizon View deployments, VMware is
deprecating support for View Client authentication and brokering over a non-secured HTTP
connection. In the past, you could use the default self-signed certificate that is generated in the absence
of a CA-signed certificate. With View 5.1 and later releases, you must replace the default self-signed
certificate as soon as possible. Self-signed certificates are shown as invalid in View Administrator.
Also, as a security enhancement, updated View clients expect information about the server's certificate
to be communicated as part of the XML handshake between client and server. Often updated clients do
not trust self-signed certificates. For complete information about security certificate requirements, see
"Configuring SSL Certificates for View Servers" in the VMware Horizon View Installation guide.
NOTE If your original servers already have SSL certificates signed by a CA, during the upgrade,
Horizon View imports your existing CA-signed certificate into the Windows Server certificate store.
n
Certificates for vCenter Server, View Composer, and Horizon View servers must include certificate
revocation lists (CRLs). For more information, see "Configuring Certificate Revocation Checking on
Server Certificates" in the VMware Horizon View Installation guide.
IMPORTANT If your company uses proxy settings for Internet access, you might have to configure your
View Connection Server hosts to use the proxy. This step ensures that servers can access certificate
revocation checking sites on the Internet. You can use Microsoft Netshell commands to import the
proxy settings to View Connection Server. For more information, see "Troubleshooting View Server
Certificate Revocation Checking" in the VMware Horizon View Administration guide.
n
If you plan to pair a security server with this View Connection Server instance, verify that Windows
Firewall with Advanced Security is set to on in the active profiles. It is recommended that you turn this
setting to on for all profiles. By default, IPsec rules govern connections between security server and
View Connection Server and require Windows Firewall with Advanced Security to be enabled.
n
If your network topology includes a firewall between a security server and a View Connection Server
instance, you must configure the firewall to support IPsec. See the VMware Horizon View Installation
document.
If you plan to perform fresh installations of View Connection Server instances on additional physical or
virtual machines, see the complete list of installation requirements in the VMware Horizon View Installation
document.
Virtualization Software Requirements for View Connection Server
View Connection Server requires certain versions of VMware virtualization software.
If you are using vSphere, you must use a supported version of vSphere ESX/ESXi hosts and vCenter Server.
Chapter 3 System Requirements for Upgrades
VMware, Inc. 17
Komentáře k této Příručce