Using login banners with VMware View 4

Almost all government agencies, whether federal, state or local, or any organization that adheres to stringent security standards (such as hospitals), use banners or disclaimers during the user log on process.

The banner is set via group or local policy, and often looks like this to the user:

    Requires Free Membership to View

You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.

By using this website...

Banners are useful; they are intimidating, they cast some semblance of legal jurisdiction over systems, but they do not cooperate well with single sign-on (SSO) and the user's experience.

Banners or disclaimers mean that typically users have to enter their credentials more than once. When and end-user fires up the VMware View client and clicks Connect, he only wants to enter his credentials once.

Here is what the experience looks like for the end-user:

He enters his credentials into the VMware View client and then selects his desktop pool of choice. If a banner is not in use, he has immediate access to his desktop.

However, if a banner is in use, he receives a banner pop-up. When the user clicks OK, the systems shows the user the Windows XP log-in box, asking for credentials a second time.

If you need to show a banner for security reasons and use VMware View 4, there is a way to change the user experience so that end-users only have to enter log-on credentials once.

To do so, remove the Windows banner and use a banner created by the VMware View client.

Here's how:

  1. Using the VMware View admin console, go to Configuration, then Global Settings, then Pre-Login Message. Click Edit.
  2. Enter the Windows banner message into this field, and remove it from the group/local policy affecting the virtual desktop.

Following these steps, end users will be forced to click through the banner warning when connecting to the View Connection Server.

You might want to place the computer accounts for the virtual desktops in their own organization unit and disable the Windows banner there. That way, all of the machines that are not accessing the system via virtual desktop will receive the usual Windows banner.

ABOUT THE AUTHOR: Jason Langone heads virtualization, cloud computing and storage for MicroTech, a service-disabled, veteran-owned and 8(a) small business. Langone won the VMware Vanguard Award in 2007 and has architected some of the largest virtualization and cloud computing implementations to date.

This was first published in July 2010

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.