Exit Print View

Oracle Secure Global Desktop Administration Guide for Version 4.6

Previous Next

Document Information

Preface

1.  Networking and Security

2.  User Authentication

3.  Publishing Applications to Users

4.  Configuring Applications

5.  Client Device Support

6.  SGD Client and Webtop

7.  SGD Servers, Arrays, and Load Balancing

A.  Global Settings and Caches

Secure Global Desktop Authentication Tab

The Authentication Wizard

Token Generation

Password Cache

Third-Party Authentication

System Authentication

Search Local Repository

Search LDAP Repository

Use Default Third-Party Identity

Use Default LDAP Profile

Use Closest Matching LDAP Profile

LDAP/Active Directory

Unix

Authentication Token

Windows Domain Controller

SecurID

Anonymous

Search Unix User ID in Local Repository

Search Unix Group ID in Local Repository

Use Default User Profile

Windows Domain

Active Directory

LDAP

Service Objects Tab

The Service Objects List Table

Name

Type

Enabled

URLs

User Name and Password

Connection Security

Active Directory Base Domain

Active Directory Default Domain

Application Authentication Tab

Password Cache Usage

Action When Password Expired

Smart Card Authentication

Dialog Display

"Save Password" Box

"Always Use Smart Card" Box

Display Delay

"Launch Details" Pane

Communication Tab

Unencrypted Connections Port

Encrypted Connections Port

AIP Keepalive Frequency

Timeout for User Session Resumability

Timeout for General Resumability

Resource Synchronization Service

User Session Idle Timeout

Performance Tab

Application Session Load Balancing

Application Load Balancing

Client Device Tab

Windows Client Drive Mapping

Unix Client Drive Mapping

Dynamic Drive Mapping

Windows Audio

Windows Audio Sound Quality

Unix Audio

Unix Audio Sound Quality

Smart Card

Serial Port Mapping

Copy and Paste

Client's Clipboard Security Level

Time Zone Map File

Editing

Printing Tab

Client Printing

Universal PDF Printer

Make Universal PDF Printer the Default

Universal PDF Viewer

Make Universal PDF Viewer the Default

Postscript Printer Driver

Security Tab

New Password Encryption Key

Timeout for Print Name Mapping

Connection Definitions

X Authorization for X Display

Monitoring Tab

Log Filter

Billing Service

Resilience Tab

Array Failover

Monitor Interval

Monitor Attempts

Find Primary Interval

Find Primary Attempts

Action When Failover Ends

Backup Primaries

Caches Tab

Passwords Tab

Description

Command Line

Tokens Tab

Description

Command Line

B.  Secure Global Desktop Server Settings

C.  User Profiles, Applications, and Application Servers

D.  Commands

E.  Login Scripts

F.  Third-Party Legal Notices

Glossary

Index

Communication Tab

Settings on the Communication tab control connections between the client device, the SGD server, and application servers. They also control the resumability behavior for application sessions.

From the command line, use the tarantella config list command to list these settings, and the tarantella config edit command to edit these settings.

This tab contains the following sections:

Unencrypted Connections Port

Usage: Type a port number in the field.

Description

The TCP port number used for unencrypted connections between client devices and SGD servers.

Open this port in your firewall to enable connections from users who have standard connections. Standard connections are connections that do not use SSL.

You must restart every SGD server in the array for changes to this attribute to take effect.

The default is TCP port 3144.

Command Line

Command option: --array-port-unencrypted tcp-port

Usage: Replace tcp-port with the port number to use for unencrypted connections.

In the following example, TCP port 3144 is used for unencrypted connections.

--array-port-unencrypted 3144

Encrypted Connections Port

Usage: Type a port number in the field.

Description

The TCP port number used for encrypted connections between client devices and SGD servers.

Open this port in your firewall to enable connections from users who have secure (SSL-based) connections to SGD.

You must restart every SGD server in the array for changes to this attribute to take effect.

The default is TCP port 5307.

Command Line

Command option: --array-port-encrypted tcp-port

Usage: Replace tcp-port with the port number to use for encrypted connections.

In the following example, TCP port 5307 is used for encrypted connections.

--array-port-encrypted 5307

AIP Keepalive Frequency

Usage: Type a time period, measured in seconds, in the field.

Description

Determines how often a keepalive message is sent to client devices during application sessions. The default value is 100 seconds.

Some Hypertext Transfer Protocol (HTTP) proxy servers close a connection if there is no activity on it. Using a keepalive ensures that a connection stays open.

Set this to 0 to disable keepalive messages.

This attribute is also used keep open connections between the SGD Client and the SGD server for client drive mapping.

You must restart every SGD server in the array for changes to this attribute to take effect.

Command Line

Command option: --sessions-aipkeepalive secs

Usage: Replace secs with the keepalive time period, measured in seconds.

In the following example, a keepalive message is sent to the client device every 100 seconds.

--sessions-aipkeepalive 100

Timeout for User Session Resumability

Usage: Type a timeout value, measured in minutes, in the field.

Description

For applications configured to be resumable during the user session, the length of time in minutes that a suspended application session is guaranteed to be resumable for if the connection to SGD is lost. Note that if the user logs out, the application sessions end. See the Application Resumability attribute.

After this period, the SGD server ends the session.

You can override this setting using the Application Resumability: Timeout attribute of an application.

Note - If an application is terminated because the SGD Client exits unexpectedly, the timeout is the timeout plus 20 minutes.

Changes to this attribute take effect immediately.

Command Line

Command option: --sessions-timeout-session mins

Usage: Replace mins with the timeout value, measured in minutes.

In the following example, the application session is resumable for 1440 minutes (24 hours).

--sessions-timeout-session 1440

Timeout for General Resumability

Usage: Type a timeout value, measured in minutes, in the field.

Description

For applications configured to be generally resumable, the length of time in minutes that a suspended application session is guaranteed to be resumable for after the user logs out or the connection to SGD is lost. See the Application Resumability attribute.

After this period the SGD server ends the session.

You can override this setting using the Application Resumability: Timeout attribute of an application.

Note - If an application is terminated because the SGD Client exits unexpectedly, the timeout is the timeout plus 20 minutes.

Changes to this attribute take effect immediately.

Command Line

Command option: --sessions-timeout-always mins

Usage: Replace mins with the timeout value, measured in minutes.

In the following example, the application session is resumable for 11500 minutes.

--sessions-timeout-always 11500

Resource Synchronization Service

Usage: Select or deselect the check box.

Description

Whether to enable replication of resources for the array.

If enabled, synchronization starts at a time determined by the Daily Resource Synchronization Time for each SGD server in the array.

Resource synchronization is enabled by default.

Changes to this attribute take effect immediately.

Command Line

Command option: --array-resourcesync 1 | 0

Usage: Specify 1 (true) or 0 (false).

The following example disables resource synchronization for the array.

--array-resourcesync 0

User Session Idle Timeout

Usage: Type a timeout value, measured in seconds, in the field.

Description

User sessions are ended automatically if there has been no application session or webtop activity for the specified time period. The timeout applies to all SGD servers in the array.

The user session idle timeout is disabled by default. A setting of 0 turns off the feature.

Caution

Caution - Do not configure an idle timeout that is less than 300 seconds (five minutes).

Activity on the following devices has no effect on the idle timeout period:

You must restart every SGD server in the array for changes to this attribute to take effect.

Command Line

Command option: --webtop-session-idle-timeout secs

Usage: Replace secs with the timeout value, measured in seconds.

In the following example, user sessions are ended automatically after being inactive for 1800 seconds, or 30 minutes.

--webtop-session-idle-timeout 1800
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next