Home » HP Manuals » Desktops » HP ProLiant xw2x220c » Manual Viewer

HP ProLiant xw2x220c Remote Graphics Software 5.2.5 User Guide - Page 25

Single Sign-on and Easy Login, Step 1: Authenticating, the RGS connection, Step 2: Authorization

View all HP ProLiant xw2x220c manuals

Add to My Manuals
Save this manual to your list of manuals

Page 25 highlights

If another user is already logged into the Remote Computer, the second authentication step is replaced by an authorization step, in which the currently logged-in user receives an authorization prompt to allow or disallow the new user to join (connect to) the existing desktop session (see Figure 2-12). The new user is allowed to connect to the existing RGS connection only if the currently logged-in user authorizes the connection. Figure 2-12 RGS connection process if another user is already logged into the Remote Computer Step 1: Authenticating the RGS connection Step 2: Authorization by the currently-logged in user RGS Connection Displayed on the Local Computer Displayed for the currently-logged in user There are a number of variations of the Standard Login process, as detailed in Section 5-3-1, "Standard Login." 2-10 Single Sign-on and Easy Login RGS supports two additional login methods (on certain Windows-based Remote Computers) which enable users to enter their credentials only once in connecting to a Remote Computer-these methods are described below, along with which authentication process is used: • Single Sign-on-The RGS connection authentication process is used (step 1 in Figure 2-11 and Figure 2-12). If authentication is successful, the user will immediately see the Windows desktop session without needing to explicitly log into Windows or unlock the desktop. Single Sign-on is described further in Section 5-3-3, "Single Sign-on." • Easy Login-The Windows log in process is used (step 2 in Figure 2-11, either a Windows login dialog or an unlock dialog). If Windows authentication is successful, the user will immediately see the desktop session without needing to be explicitly authenticated by the RGS Receiver/Sender. Easy Login is described further in Section 5-3-2, "Easy Login." If neither Single Sign-on nor Easy Login is selected, the default Standard Login will be used. In terms of selecting between Single Sign-on and Easy Login, two factors to consider are: • If Single Sign-on is used with HP Session Allocation Manager (SAM), the user will only need to enter their credentials once to connect to multiple Remote Computers. The credentials are entered when authenticating with SAM-thereafter, each RGS connection is automatically authenticated, and a Remote Display Window from each Remote Computer is automatically displayed on the Local Computer. • Easy Login supports GINA (Graphical Identification and Authentication) chaining, allowing custom 3rd party login mechanisms to be integrated into RGS. Single Sign-on does not support chaining of 3rd party GINA modules. For example, a 3rd party fingerprint reader will typically install a custom GINA module. The GINA module will allow the user to be authenticated through their standard username/password mechanism (because the GINA modules are chaining) or with their fingerprint. The fingerprint reader would be physically attached to the Local Computer but would be logically connected to the Remote Computer using remote USB. If Easy Login is used, only a single login step is required-the fingerprint reader will provide the credentials for logging into the Remote Computer. RGS overview 25

Section	Page
Introduction to HP Remote Graphics Software	11
Typical RGS configuration	12
RGS Sender and Receiver	13
RGS features	14
Additional RGS features	14
Tabloid-size page	15
Obtaining HP technical support	15
RGS overview	16
Supported computers and operating systems	17
RGS version numbering	18
RGS licensing	18
RGS products	19
Sender and Receiver interoperability	21
Application support	21
Networking support	21
Connection topologies	21
The Remote Computer frame buffer	21
One-to-one connection	22
Many-to-one connection	23
One-to-many connection	23
Establishing an RGS connection using Standard Login	24
Single Sign-on and Easy Login	25
RGS operating modes	26
Multi-monitor configurations	27
Remote Computer monitor blanking overview	28
Video overlay surfaces	28
Image quality	29
Remote USB overview	30
USB session switching	30
Isochronous USB support	30
Install-time configuration of remote USB	31
Unique smartcard handling	32
Computers supporting remote USB	34
Supported USB devices	34
Remote audio overview	34
Remote audio on Windows	35
Remote audio on Linux	36
Support of sound recording devices on Windows	37
Computers and operating systems which support RGS audio	38
Remote Clipboard overview	39
Interoperability of RGS and Microsoft Remote Desktop Connect	41
Using RGS with desktop virtualization	41
Remote Computer power saving states	42
Supported keyboard locales	42
RGS security features	43
Installing RGS	44
Installing RGS on Windows	44
Installing the Receiver on Windows	44
Manual installation of the Receiver on Windows	44
Automatic installation of the RGS Receiver on Windows	46
Receiver installation log file	47
Uninstalling the RGS Receiver on Windows	47
Installing the Sender on Windows	48
Manual installation of the Sender on Windows	48
Using the RGS Diagnostics Tool on Windows	50
Starting the Sender on Windows	51
The Sender GUI on Windows	52
Manually starting and stopping the Sender on Windows	52
Setting the Windows Sender process priority	53
Setting the Sender process priority using regedit	54
Setting the Sender process priority using PTF	55
Using the rgadmin tool	56
Installing and enabling Single Sign-on	58
1. Enabling Single Sign-on during installation	58
2. Using the rgadmin tool to enable Single Sign-on	59
3. Manually enabling Single Sign-on	59
Setting the local security policy	60
Disabling Single Sign-on	60
1. Using the rgadmin tool to disable Single Sign-on	60
2. Manually disabling Single Sign-on	60
Installing and Enabling Easy Login	61
1. Enabling Easy Login during installation	61
2. Using the rgadmin tool to enable Easy Login	61
3. Manually enabling Easy Login	61
Chaining custom GINA modules for Easy Login	62
1. Install time specification of the custom GINA module	62
2. Using the rgadmin tool to specify a custom GINA module	62
3. Manually enabling hprgina.dll to load a custom GINA modul	62
Setting the Local Security Policy	63
Disabling Easy Login	63
1. Using the rgadmin tool to disable Easy Login	63
2. Manually disabling Easy Login	63
Automatic installation of the RGS Sender on Windows	64
Sender installation log file on Windows	65
Uninstalling the RGS Sender on Windows	65
Installing RGS on Linux	66
Installing the Receiver on Linux	66
Uninstalling the Receiver on Linux	67
Installing audio on the Linux Receiver	67
Audio Requirements	67
System Preparation	67
Customized Audio Installation	67
Installing the Sender on Linux	69
Starting the Sender on Linux	71
Disabling the Sender GUI on Linux	72
Uninstalling the Sender on Linux	72
Pre-connection checklist	73
Local Computer (Receiver) checklist	73
Remote Computer (Sender) checklist	73
NIC binding on the Sender	75
Manual NIC reconfiguration	75
NIC reconfiguration using the NIC binding properties	77
Using RGS through a firewall	78
Using RGS	79
Using RGS in Normal Mode	79
Receiver Control Panel	81
Setup Mode	81
Remote Display Window Toolbar	84
Remote Computer monitor blanking operation	85
Linux connection considerations	86
Full-screen crosshair cursors	86
Gamma correction on the Receiver	86
Black or blank connection session with the Linux Sender	86
RGS login methods	87
Standard Login	87
Easy Login	89
Single Sign-on	90
Changing your password	91
Collaborating	92
Creating a collaboration session	92
Collaboration notification dialog	93
Advanced capabilities	95
General options	96
Remote audio operation	97
Configuring audio on the Sender	97
Calibrating audio on the Sender	100
Disabling audio on the Sender	102
Using audio	103
Potential audio issues	104
Remote USB operation	105
Attaching a local USB device to a Remote Computer	106
USB session switching	108
Supported remote USB devices	108
Remote USB Access Control List	109
Determining USB device information	111
Determining USB device information for Windows	111
Determining USB device information for Linux	111
Verifying the USB data	111
Troubleshooting remote USB	112
Computers supporting remote USB	112
Supported USB devices	112
Check USB cable connections	112
Reset the USB device	112
Enable Remote USB	113
HP Remote Virtual USB Driver	114
USB device drivers and program support	115
Network timeouts	116
Network timeouts	116
Receiver network timeouts	117
Sender network timeout	119
Network timeout issues	120
Dialog timeouts	121
Hotkeys	122
Changing the Setup Mode hotkey sequence	123
Remote Clipboard operation	124
Remote Clipboard data transfers	125
Remote Clipboard filtering	127
Using the RGS log to detect clipboard problems	128
Receiver and Sender logging	131
Receiver logging	131
Sender logging	132
Statistics	133
Using Directory Mode	134
Directory file format	134
Starting the Receiver in Directory Mode	135
RGS properties	136
Property syntax	136
Setting property values in a configuration file	136
Setting properties on the command line	137
Authenticator properties	137
RGS Receiver properties	138
Receiver property hierarchy	138
Properties set using the Receiver Control Panel	138
Receiver command line properties	138
rgreceiverconfig file properties	138
Archive file properties	138
Receiver default properties	138
Receiver property groups	139
Receiver general properties	142
Receiver browser properties	147
Receiver audio properties	148
Receiver microphone property	148
Receiver USB properties	148
Receiver network properties	149
Receiver hotkey properties	149
Receiver Remote Clipboard properties	150
Receiver logging properties	151
Receiver image codec properties	152
Windows placement and size properties	153
RGS Sender properties	154
Sender command line properties	154
rgsenderconfig file properties	154
Sender default properties	154
Sender property groups	154
Sender general properties	155
Sender microphone property	156
Sender network timeout properties	157
Sender USB access control list properties	157
Sender NIC binding properties	157
Sender clipboard property	158
Sender event logging on Windows	159
The HPRemote log	159
Usages of the HPRemote log	161
Additional information on event logging	162
Remote Application Termination	163
RGS connection and user status	163
HPRemote log format	163
Sample agent	165
Agent design issues	169
Desktop session logout	169
Selective environment shutdown	169
Wrapping applications of interest	169
Administrator alerts	170
Anticipating user disconnects and reconnects	170
General agent design guidelines	170
Additional safeguard features for Windows systems	170
RGS Sender Service Recovery Settings	170
Microsoft Remote Desktop Recovery	171
Optimizing RGS performance	172
Performance tuning for all platforms	172
Performance tuning for Windows	172
Troubleshooting graphics performance	172
Configuring your network for optimal performance	173
Troubleshooting RGS	174
Potential RGS issues and troubleshooting suggestions	174
RGS error messages	175
Receiver error messages	175
Appendix A: Using RGS with HP VDI	178
A-1 VMware ESX networking considerations	179
A-2 Using RGS with static HP VDI	179
A-2-1 Create a new virtual machine	179
A-2-2 Modify the VMware ESX configuration (.vmx file)	180
A-2-3 Installing the RGS Sender on the virtual machine	182
A-3 Using RGS with dynamic HP VDI (based on VMware View)	182
A-3-1 Create a new virtual machine	183
A-3-2 Install the RGS Sender on View Master/Parent VM and mo	183
A-3-3 Install View Agent on View Master/Parent VM	183
A-3-4 Install the RGS Receiver and View Client on the client	183
A-4 Running RGS diagnostics	184
A-5 Disabling the RGS warning popup	184
A-6 RGS operating modes available with VDI	184
A-7 Using HP Session Allocation Manager with HP VDI	184
Appendix B: USB devices supported by RGS	185

Match case Limit results 1 per page

RGS overview 25

If another user is already logged into the Remote Computer, the second authentication step is replaced by an

authorization step

, in which the currently logged-in user receives an authorization prompt to allow or disallow the

new user to join (connect to) the existing desktop session (see Figure 2-12). The new user is allowed to connect to

the existing RGS connection only if the currently logged-in user authorizes the connection.

Figure 2-12

RGS connection process if another user is already logged into the Remote Computer

There are a number of variations of the

Standard Login

process, as detailed in Section 5-3-1, “

Standard Login

.”

2-10 Single Sign-on and Easy Login

RGS supports two additional login methods (on certain Windows-based Remote Computers) which enable users to

enter their credentials only

once

in connecting to a Remote Computer—these methods are described below, along

with which authentication process is used:

•

Single Sign-on

—The RGS connection authentication process is used (step 1 in Figure 2-11 and Figure 2-12).

If authentication is successful, the user will immediately see the Windows desktop session without needing to

explicitly log into Windows or unlock the desktop. Single Sign-on is described further in Section 5-3-3,

“

Single Sign-on

.”

•

Easy Login

—The Windows log in process is used (step 2 in Figure 2-11, either a Windows login dialog or

an unlock dialog). If Windows authentication is successful, the user will immediately see the desktop session

without needing to be explicitly authenticated by the RGS Receiver/Sender. Easy Login is described further

in Section 5-3-2, “

Easy Login

.”

If neither Single Sign-on nor Easy Login is selected, the default Standard Login will be used. In terms of selecting

between Single Sign-on and Easy Login, two factors to consider are:

•

Single Sign-on

is used with HP Session Allocation Manager (SAM), the user will only need to enter their

credentials once to connect to multiple Remote Computers. The credentials are entered when authenticating

with SAM—thereafter, each RGS connection is automatically authenticated, and a Remote Display Window

from each Remote Computer is automatically displayed on the Local Computer.

•

Easy Login

supports GINA (Graphical Identification and Authentication) chaining, allowing custom 3

party

party GINA

modules.

For example, a 3

party fingerprint reader will typically install a custom GINA module. The GINA module

will allow the user to be authenticated through their standard username/password mechanism (because the

GINA modules are chaining) or with their fingerprint. The fingerprint reader would be physically attached to

the Local Computer but would be logically connected to the Remote Computer using remote USB. If Easy

logging into the Remote Computer.

Step 1: Authenticating

the RGS connection

Step 2: Authorization

by the currently-logged

in user

RGS Connection

Displayed on the Local Computer

Displayed for the currently-logged in user