Sun Logo




Sun Secure Global Desktop 4.5 Administration Guide

820-6689-10


Contents

Preface

Networking and Security

Overview of Networks and Security

Connections Between Client Devices and SGD Servers

Connections Between SGD Servers and Application Servers

UNIX or Linux System Application Servers

Microsoft Windows Application Servers

Web Application Servers

Connections Between SGD Servers in an Array

The SGD Gateway

DNS Names

Configuring External DNS Names

procedure iconsmall spaceHow to Configure the External DNS Names of an SGD Server

Changing the Peer DNS Name of an SGD Server

procedure iconsmall spaceHow to Change the Peer DNS Name of an SGD Server

Configuring Application Servers after Changing a Peer DNS Name

Proxy Servers

Supported Proxy Servers

Configuring Client Proxy Settings

HTTP Connections

AIP Connections

Using Proxy Server Automatic Configuration Scripts

Proxy Server Exception Lists

Proxy Server Timeouts

Configuring Server-Side Proxy Servers

procedure iconsmall spaceHow to Configure Array Routes

Firewalls

Firewalls Between Client Devices and SGD Servers

Firewalls Between SGD Servers

Firewalls Between SGD Servers and Application Servers

Other Firewalls

Securing Connections Between Client Devices and SGD Servers

Setting Up Secure Client Connections

Setting Up Secure Client Connections (Automatic Configuration)

Setting Up Secure Client Connections (Manual Configuration)

Using Server SSL Certificates

Supported Certificate Authorities

Using an SSL Certificate Obtained for Another Product

Self-Signed SSL Certificates

Obtaining and Installing a Server SSL Certificate

procedure iconsmall spaceHow to Generate a Certificate Signing Request

procedure iconsmall spaceHow to Install a Server SSL Certificate

procedure iconsmall spaceHow to Install an SSL Certificate Obtained for Another Product

procedure iconsmall spaceHow to Install the CA Certificate for an Unsupported CA

procedure iconsmall spaceHow to Install a CA Certificate Chain

procedure iconsmall spaceHow to Replace a Server SSL Certificate

Enabling SGD Security Services With Automatic Configuration

procedure iconsmall spaceHow to Enable SGD Security Services With Automatic Configuration

Using HTTPS Connections to the SGD Web Server

Using Firewall Traversal

procedure iconsmall spaceHow to Configure Firewall Traversal

Securing SOAP Connections to an SGD Server

procedure iconsmall spaceHow to Secure the SOAP Connections to an SGD Server

Securing the SOAP Connections From Remote Hosts

Enabling SGD Security Services

procedure iconsmall spaceHow to Enable SGD Security Services for an SGD Server

Using Connection Definitions

procedure iconsmall spaceHow to Enable Connection Definition Processing

procedure iconsmall spaceHow to Configure Connection Definitions

Client Connections and Security Warnings

Browser and Java Plugin Tool Security Warnings

SGD Server SSL Certificate Security Warnings

Untrusted Initial Connection Warnings

The SSL Daemon

procedure iconsmall spaceHow to Tune SSL Daemon Processes

procedure iconsmall spaceHow to Change SSL Daemon Log Filters

procedure iconsmall spaceHow to Change SSL Daemon Maximum Restart Attempts

Selecting a Cipher Suite for Secure Client Connections

procedure iconsmall spaceHow to Change the Cipher Suite for Secure Client Connections

Using External SSL Accelerators

procedure iconsmall spaceHow to Enable External SSL Accelerator Support

Securing Connections Between SGD Servers

Using Secure Intra-Array Communication

Managing CA and Peer SSL Certificates

procedure iconsmall spaceHow to Enable Secure Intra-Array Communication

Selecting a Cipher Suite for Secure Intra‐Array Communication

procedure iconsmall spaceHow to Change the Cipher Suite for Secure Intra‐Array Communication

Securing Connections to Application Servers with SSH

SSH Support

Configuring the SSH Client

procedure iconsmall spaceHow to Set Global SSH Client Options

procedure iconsmall spaceHow to Set Application SSH Client Options

Enabling X11 Forwarding

procedure iconsmall spaceHow to Enable X11 Forwarding

Using SSH and the X Security Extension

procedure iconsmall spaceHow to Enable the X Security Extension

Using SSH and X Authorization

Using Advanced SSH Functions

Known Limitation With Client Keys

User Authentication

Secure Global Desktop Authentication

User Identity

User Profile

System Authentication Mechanisms

Password Expiry

Security and Passwords

Application Authentication

Login Scripts

Configuring Application Authentication

The Application Server Password Cache

Managing the Application Server Password Cache

Security and the Password Cache

Windows Domains and the Password Cache

Using RSA SecurID for Application Authentication

Supporting Users in Different Locales

Adding Support for System Prompts in Different Languages

Enabling an Input Method

Active Directory Authentication

How Active Directory Authentication Works

User Identity and User Profile

Setting Up Active Directory Authentication

Configuring SGD for Kerberos Authentication

Synchronizing System Clocks

Kerberos Configuration File

procedure iconsmall spaceHow to Enable Active Directory Authentication

procedure iconsmall spaceHow to Configure SSL Connections to Active Directory

Anonymous User Authentication

How Anonymous User Authentication Works

User Identity and User Profile

Application Sessions and Password Cache Entries

procedure iconsmall spaceHow to Enable Anonymous User Authentication

LDAP Authentication

How LDAP Authentication Works

User Identity and User Profile

Supported LDAP Directory Servers

Sun Java System Directory Server

Microsoft Active Directory

Novell eDirectory

procedure iconsmall spaceHow to Enable LDAP Authentication

Restricting the LDAP Users That Can Log In to SGD

procedure iconsmall spaceHow to Configure an LDAP Login Filter

SecurID Authentication

Supported Versions of SecurID

How SecurID Authentication Works

User Identity and User Profile

Setting Up SecurID Authentication

Configuring SGD servers as Agent Hosts

procedure iconsmall spaceHow to Configure an SGD Server as an Agent Host

procedure iconsmall spaceHow to Enable SecurID Authentication

Third-Party and Web Server Authentication

How Third-Party Authentication Works

Search Local Repository

Search LDAP Repository

Use Default Third-Party Identity

procedure iconsmall spaceHow to Enable Third-Party Authentication

Web Server Authentication

How Web Server Authentication Works

Security Considerations of Using Web Server Authentication

Enabling Web Server Authentication

procedure iconsmall spaceHow to Enable Web Server Authentication for the SGD Web Server

Using Authentication Plug-ins With Web Server Authentication

procedure iconsmall spaceHow to Enable Support for Other Environment Variables for Web Server Authentication

Using Client Certificates With Web Server Authentication

procedure iconsmall spaceHow to Enable Support for the SSL_CLIENT_S_DN_CN Variable

SGD Administrators and Third-Party Authentication

Trusted Users and Third-Party Authentication

Information for Application Developers

procedure iconsmall spaceHow to Create a New Trusted User

UNIX System Authentication

How UNIX System Authentication Works

Search Unix User ID in Local Repository

Search Unix Group ID in Local Repository

Use Default User Profile

UNIX System Authentication and PAM

procedure iconsmall spaceHow to Enable UNIX System Authentication

Windows Domain Authentication

How Windows Domain Authentication Works

User Identity and User Profile

procedure iconsmall spaceHow to Enable Windows Domain Authentication

Passwords, Domains, and Domain Controllers

procedure iconsmall spaceHow to Specify a Domain Controller on a Different Subnet

Troubleshooting Secure Global Desktop Authentication

Setting Log Filters for Authentication Problems

Tuning LDAP Performance for Authentication

LDAP User Name Search Attributes

LDAP Timeout

LDAP Cache

Troubleshooting Active Directory Authentication

LDAP Discovery Timeout

Searching Only the Global Catalog

Troubleshooting LDAP Authentication

Troubleshooting Web Server Authentication

Web Server Authentication Fails

Users See the Standard SGD Login Page

Users Get the Wrong Webtop

Denying Users Access to SGD After Failed Login Attempts

procedure iconsmall spaceHow to Enable the Login Failure Handler

procedure iconsmall spaceHow to Change the Number of Login Attempts

Users Cannot Log In to Any SGD Server

Using Shared Accounts for Guest Users

procedure iconsmall spaceHow to Share a User Profile Between Users

Solaris OS Users Cannot Log in When Security is Enabled

An Ambiguous User Name Dialog Is Displayed When a User Tries to Log in

Troubleshooting Application Authentication

Users Can Start Applications With Different User Names and Passwords

Using Windows Terminal Services, Users Are Prompted for User Names and Passwords Too Often

SGD Prompts the User

Terminal Server Prompts the User

Publishing Applications to Users

Organizations and Objects

Organizational Hierarchies

The User Profiles Tab

The Applications Tab

The Application Servers Tab

The System Objects Organization

SGD Object Types

Directory Object: Organization

Directory (Light) Object: Domain Component

Directory Object: Organizational Unit

Directory (Light) Object: Active Directory Container

User Profile Object

Group Object

Windows Application Object

X Application Object

Character Application Object

Document Object

3270 Application Object

5250 Application Object

Application Server Object

Designing the Organizational Hierarchy

Naming Objects in the Organizational Hierarchy

Populating the SGD Organizational Hierarchy Using a Batch Script

LDAP Mirroring

An Example of LDAP Mirroring

SGD Administrators

procedure iconsmall spaceHow To Add an SGD Administrator

procedure iconsmall spaceHow To Remove an SGD Administrator

Publishing Applications

Local Assignments

procedure iconsmall spaceHow to Assign Application Servers to Applications

procedure iconsmall spaceHow to Assign Applications to Users

LDAP Assignments

procedure iconsmall spaceHow to Assign Applications to LDAP Users

procedure iconsmall spaceHow to Assign Applications to Members of LDAP Groups

procedure iconsmall spaceHow to Assign Applications Using LDAP Searches

Using LDAP Searches

Reviewing Assignments

Tuning LDAP Group Searches

procedure iconsmall spaceHow to Increase the LDAP Group Search Depth

procedure iconsmall spaceHow to Configure LDAP Group Reverse Attributes

procedure iconsmall spaceHow to Configure LDAP Group Membership Attributes

procedure iconsmall spaceHow to Configure LDAP Group Short Name Attributes

LDAP Person Object Search Filter

procedure iconsmall spaceHow to Change the LDAP Person Object Search Filter

Troubleshooting LDAP Assignments

Configuring Applications

Supported Applications

Supported Installation Platforms for the SGD Enhancement Module

Windows Applications

Configuring Windows Application Objects

Creating Windows Application Objects on the Command Line

Using Microsoft RDP

Configuring Microsoft Windows Terminal Services for Use With SGD

Microsoft Windows Remote Desktop

Seamless Windows

Key Handling for Windows Terminal Services

Returning Client Device Information for Windows Terminal Services Sessions

The SGD Terminal Services Client

Running Windows Applications on Client Devices

X Applications

Configuring X Application Objects

Creating X Application Objects on the Command Line

Supported X Extensions

X Authorization

X Fonts

Using Your Own X Fonts

procedure iconsmall spaceHow to Configure SGD to Use Your Own X Fonts

Keyboard Maps

Character Applications

Configuring Character Application Objects

Creating Character Application Objects on the Command Line

Terminal Emulator Keyboard Maps

Default Mappings

Creating a Keyboard Map

Key Names

Client Device Keys

Application Server Keystrokes

Terminal Emulator Attribute Maps

procedure iconsmall spaceHow to Create Your Own Attribute Map

Editing Character Attributes

Terminal Emulator Color Maps

Examples of Using Color Maps

Tips on Configuring Applications

Starting an Application or Desktop Session Without Displaying a Webtop

Using My Desktop

Using the SGD Client in Integrated Mode

Using SGD Web Services

Using Multihead Or Dual Head Monitors

Disabling Shared Resources

Configuring the Correct Desktop Size

Setting Up the Monitors

Improving the Performance of Windows Desktop Sessions

Improving the Performance of Java Desktop System Desktop Sessions or Applications

Configuring the X Application Object for Java Desktop System

Disabling Default Java Desktop System Settings

Documents and Web Applications

Creating a Virtual Classroom

procedure iconsmall spaceHow to Create the Teacher’s Application Object

procedure iconsmall spaceHow to Create the Classroom Application

Configuring Common Desktop Environment Applications

Configuring a CDE Desktop Session

Configuring a CDE Application

Using CDE and SSH

Configuring VMS Applications

Configuring the Login Script Used for the Application

Configuring the Transport Variable in the Login Script

Disabling X Security

3270 and 5250 Applications

Troubleshooting Applications

Using Shadowing to Troubleshoot a User’s Problem

An Application Does Not Start

Checking the Configuration of the Application Object

Checking the Launch Details and Error Logs

Troubleshooting ErrApplicationServerTimeout Errors

Troubleshooting ErrApplicationServerLoginFailed Errors

An Application Exits Immediately After Starting

Applications Disappear After About Two Minutes

An Application Session Does Not End When the User Exits an Application

Applications Fail To Start When X Authorization Is Enabled

A Kiosk Application Is Not Appearing Full-Screen

An Application’s Animation Appears ‘Jumpy’

Font Problems with X Applications

Display Problems With High Color X Applications

The X Application Fails With a Color Planes Error

The Colors Appear Strange

The X Application Uses Too Much Bandwidth

8-bit Applications Exit With a PseudoColor Visual Error

Clipped Windows With Client Window Management Applications

Emulating a Sun Keyboard

In Some X Applications, the Alt and AltGraph Keys Do Not Work

Display Update Issues When Shadowing Over a Low Bandwidth Connection

Client Device Support

Printing

Overview of SGD Printing

Setting Up Printing

Configuring Microsoft Windows Application Servers for Printing

Configuring Printing for Microsoft RDP

Configuring Other Microsoft Windows Application Servers for Printing

Configuring UNIX and Linux Platform Application Servers for Printing

procedure iconsmall spaceHow to Install an SGD Printer Queue on a UNIX or Linux Platform Application Server

The SGD Printer Queue Installation Script

Configuring Printing for CUPS

Printing With the SGD lp and lpr Scripts

Configuring an SGD Server for Printing

Checking the Ghostscript Installation on the SGD Host

Configuring the SGD Host to Accept Remote Print Requests

Configuring SGD Print Job Conversion

Configuring Printing to Microsoft Windows Client Devices

PDF Printing

Printer-Direct Printing

Configuring Printing to UNIX, Linux, and Mac OS X Platform Client Devices

PDF Printing

Printer-Direct Printing

Managing Printing

The tarantella print Command

Setting a Time Limit for Print Jobs

User Management of Print Jobs

Users Cannot Print From Applications Displayed Through SGD

Client Devices Checklist

Application Server Checklist

SGD Server Checklist

Tracing a Print Job

Troubleshooting Other Printing Problems

Troubleshooting Printer Preferences and Settings

Print Jobs Can Be Queued When SGD Printing is Disabled

Fonts Do Not Print Correctly With PDF Printing

Changing Printer Names in Windows Application Sessions

Changing the Names of the PDF Printers

Users See a Printer Called ‘_Default’ in a Windows Application Session?

Client Drive Mapping

Setting Up Client Drive Mapping

Configuring UNIX and Linux Platform Application Servers for CDM

Configuring an NFS Share for CDM

Configuring a Shared Directory on the Application Server

Configuring How Client Drives Are Displayed on UNIX Platforms

Starting CDM Processes on the Application Server

Configuring Microsoft Windows Application Servers for CDM

Remapping or Hiding Microsoft Windows Application Server Drives

Enabling CDM Services in SGD

procedure iconsmall spaceHow to Enable SGD Client Drive Mapping Services

procedure iconsmall spaceHow to Run CDM and Another SMB Service on the Same Host

Configuring the Drives Available to UNIX, Linux, and Mac OS X Platform Client Devices

Configuring the Drives Available to Microsoft Windows Client Devices

An Example of Configuring Drive Availability for Users

Troubleshooting Client Drive Mapping

No Client Drives Are Mapped Within the User’s Session or There Are Fewer Drives Than Expected

Invalid Password Errors on Microsoft Windows Application Servers

Windows Client Drives Are Mapped Using Unexpected Drive Letters

More Client Drives Are Mapped Than Expected

The Recycle Bin Does Not Work As Expected

Mapped Drives Have Unusual Names

CDM Limitations for Shared Users

Logging for CDM

Enabling CDM Logging for the SGD Array

CDM Diagnostics for Microsoft Windows Application Servers

CDM Diagnostics for Unix or Linux Platform Application Servers

Audio

Setting Up Audio

Configuring Microsoft Windows Application Servers for Audio

Configuring UNIX and Linux Platform Application Servers for Audio

Installing the Audio Module

Starting the Audio Module

About the SGD Audio Daemon

Configuring X Applications for Audio

Enabling SGD Audio Services

procedure iconsmall spaceHow to Enable the SGD Windows Audio Service

procedure iconsmall spaceHow to Enable the SGD UNIX Audio Service

Configuring Client Devices for Audio

Troubleshooting Audio in Applications

No Audio Plays At All

Audio Is Muffled or Distorted

Not All Users Require Audio

Enabling UNIX Audio Debug Logging

Copy and Paste

Using Copy and Paste

Controlling Copy and Paste in Applications

Configuring Global Copy and Paste Settings for the SGD Array

Configuring Copy and Paste for Specific Users

Configuring Copy and Paste for Specific Applications

An Example of Using Clipboard Security Levels

Tips on Configuring Copy and Paste

Copy and Paste Troubleshooting

Smart Cards

Using Smart Cards With Windows Applications

Smart Cards Supported by SGD

Setting Up Access to Smart Cards

Configuring the Microsoft Windows Application Server for Smart Cards

Application Server Authentication Dialog Settings

Enabling Smart Cards in SGD

procedure iconsmall spaceHow to Enable Smart Cards in SGD

Configuring Smart Card Readers on Client Devices

Microsoft Windows Client Devices

Linux Platform and Solaris OS Client Devices

procedure iconsmall spaceHow to Log In to a Microsoft Windows Application Server With a Smart Card

Troubleshooting Smart Cards

Serial Ports

Setting Up Access to Serial Ports

Configuring the Microsoft Windows Application Server

Enabling Serial Port Access in SGD

procedure iconsmall spaceHow to Enable Access to Serial Ports

Configuring the Client Device

SGD Client and Webtop

Supported Client Platforms

The SGD Client

Overview of the SGD Client

Configuring the SGD Client

The SGD Client Helper

Installing the SGD Client

Automatic Installation of the SGD Client

procedure iconsmall spaceHow to Enable Automatic Installation for Roaming User Profiles

Manual Installation of the SGD Client

Running the SGD Client From the Command Line

Command-Line Examples

Web Services Developer Options

Accessing SGD Without Using Java Technology

procedure iconsmall spaceHow to Access SGD Without Using Java Technology

Client Profiles

Client Profiles and the SGD Client

Managing Client Profiles

procedure iconsmall spaceHow to Configure Client Profile Editing for Users

Client Profile Settings

About the Profile Cache

Microsoft Windows Users With Roaming User Profiles

Integrated Mode

Working in Integrated Mode

Setting Up the SGD Client for Integrated Mode

Authentication Token Authentication

How Authentication Token Authentication Works

Authentication Tokens and Security

procedure iconsmall spaceHow to Enable Authentication Token Authentication

Administering Authentication Tokens

Troubleshooting Automatic Logins

Configuring the Client Profile for Integrated Mode

Configuring Applications for Integrated Mode

Webtops

Setting the Language for the Webtop

Overriding the Default Language for the Webtop

Relocating the Webtop

procedure iconsmall spaceHow to Relocate the Webtop to Your Own JSP Technology Container

SGD Servers, Arrays, and Load Balancing

Arrays

The Structure of an Array

Replicating Data Across the Array

Array Communication

Adding and Removing SGD Servers From An Array

procedure iconsmall spaceHow to Add a Server to an Array

procedure iconsmall spaceHow to Remove a Server From an Array

procedure iconsmall spaceHow to Change the Primary Server in an Array

Configuring Arrays and Servers

Array Failover

Examples of How Array Failover Works

Configuring Array Failover

About the Backup Primaries List

Cleaning an Array

Load Balancing

User Session Load Balancing

Using The Load-Balancing JSP Technology Page to Distribute User Sessions

procedure iconsmall spaceHow to Configure the Load‐Balancing JSP Technology Page to Distribute User Sessions

Using an External Mechanism to Distribute User Sessions

procedure iconsmall spaceHow to Configure the Load‐Balancing JSP Technology Page for an External Load Balancing Mechanism

procedure iconsmall spaceHow to Configure the Load‐Balancing JSP Technology Page for Use With My Desktop

Additional Load‐Balancing JSP Technology Page Configuration

Application Session Load Balancing

Application Load Balancing

Defining the Application Servers to Run the Application

Selecting the Load Balancing Method

Load Balancing Groups

How Application Load Balancing Works

Application Server Availability

Load Balancing Groups

Server Affinity

The Relative Power of the Application Servers

The Application Server With the Least Load

How Advanced Load Management Works

Tuning Application Load Balancing

Application Server’s Relative Power

Load Balancing Listening Ports

SGD Requests Updates From an Application Server

Frequency of the Load Calculation

Frequency of Updates to the Primary SGD Server

Reliability of CPU and Memory Data

Frequency of Updates to Array Members

Editing Application Load Balancing Properties

The Global Load Balancing Properties File

The Application Server Load Balancing Properties File

procedure iconsmall spaceHow to Create an Application Server Load Balancing Properties File

The Load Balancing Service Properties File

SGD Web Server

Introducing the SGD Web Server

Using Another Web Server With SGD

Securing the SGD Web Server

The httpd.conf.secure File

Administration Console

Running the Administration Console

Supported Browsers for the Administration Console

Starting the Administration Console

Deploying the Administration Console on Other Web Application Containers

Avoiding SGD Datastore Update Problems

Performing Array Operations Using the Administration Console

Displaying Online Help Over HTTPS Connections

Administration Console Configuration Settings

Number of Search Results

Synchronization Wait Period

Searching and Displaying LDAP Data

Session Timeout

Securing Access to the Administration Console

Monitoring and Logging

The SGD Datastore

User Sessions and Application Sessions

User Sessions

Application Sessions

Anonymous Users and Shared Users

Using Log Filters to Troubleshoot Problems With an SGD Server

Selecting a Component and Subcomponent

Selecting the Severity

Selecting a Destination

Examples of Using Log Filters

Viewing Log Output

Using Log Filters for Auditing

Viewing Audit Log Information

Examples of Using Log Filters for Auditing

Using Log Filters to Troubleshoot Problems With Protocol Engines

Examples of Using PE Log Filters

PE Log File Destinations

Viewing PE Log Output

Resetting a PE Log Filter

SGD Web Server Logging

Tomcat JSP Technology Container Logs

Apache Web Server Logs

SGD Client Logging

Licensing and SGD

License Keys and Licenses

User-Based Licenses

License Administration

Licensing Microsoft Windows Terminal Services

Managing CALs From the Command-Line

SGD Server Certificate Stores

The CA Certificate Truststore

procedure iconsmall spaceHow to Import CA Certificates or Certificate Chains into the CA Certificate Truststore

The Client Certificate Store

procedure iconsmall spaceHow to Create a Client Certificate CSR for an SGD Server

procedure iconsmall spaceHow to Install a Client Certificate for an SGD Server

SGD Installations

About Your SGD Installation

bin Directory

etc Directory

lib Directory

var Directory

webserver Directory

Backing Up and Restoring an SGD Installation

procedure iconsmall spaceHow to Make a Full Backup of an SGD Installation

Restoring a Damaged SGD Component

procedure iconsmall spaceHow to Do a Full Restore of an SGD Installation

Troubleshooting Arrays and Load Balancing

Troubleshooting Array Failover

Showing Status Information For an SGD Array

Enabling Array Failover Logging

Troubleshooting Advanced Load Management

The Load Balancing Service Is Not Working

SGD Ignores an Application Server Load Balancing Properties File

One of the Application Servers Is Never Picked

One of the Application Servers Is Always Picked

Two Identical Application Servers, But One Runs More Applications Than the Other

The SGD Server Log File Shows an Update Received for an Unknown ID

SGD Uses Too Much Network Bandwidth

Users Cannot Connect to an SGD Server When It Is In Firewall Traversal Mode

Users Cannot Relocate Their Sessions

Global Settings and Caches

Secure Global Desktop Authentication Tab

The Authentication Wizard

Token Generation

Description

Command Line

Password Cache

Description

Command Line

Third-Party Authentication

Description

Command Line

System Authentication

Description

Command Line

Search Local Repository

Description

Command Line

Search LDAP Repository

Description

Command Line

Use Default Third-Party Identity

Description

Command Line

Use Default LDAP Profile

Description

Command Line

Use Closest Matching LDAP Profile

Description

Command Line

LDAP/Active Directory

Description

Command Line

Unix

Description

Command Line

Authentication Token

Description

Command Line

Windows Domain Controller

Description

Command Line

SecurID

Description

Command Line

Anonymous

Description

Command Line

Search Unix User ID in Local Repository

Description

Command Line

Search Unix Group ID in Local Repository

Description

Command Line

Use Default User Profile

Description

Command Line

Windows Domain

Description

Command Line

Active Directory

Description

Command Line

LDAP

Description

Command Line

URLs

Description

Command Line

User Name and Password

Description

Command Line

Connection Security

Description

Command Line

Active Directory Base Domain

Description

Command Line

Active Directory Default Domain

Description

Command Line

Application Authentication Tab

Password Cache Usage

Description

Command Line

Action When Password Expired

Description

Command Line

Smart Card Authentication

Description

Command Line

Dialog Display

Description

Command Line

“Save Password” Box

Description

Command Line

“Always Use Smart Card” Box

Description

Command Line

Display Delay

Description

Command Line

“Launch Details” Pane

Description

Command Line

Communication Tab

Unencrypted Connections Port

Description

Command Line

Encrypted Connections Port

Description

Command Line

AIP Keepalive Frequency

Description

Command Line

Timeout for User Session Resumability

Description

Command Line

Timeout for General Resumability

Description

Command Line

Resource Synchronization Service

Description

Command Line

Client Device Tab

Client Drive Mapping

Description

Command Line

Windows Internet Name Service (WINS)

Description

Command Line

Fallback Drive Search

Description

Command Line

Windows Audio

Description

Command Line

Windows Audio Sound Quality

Description

Command Line

Unix Audio

Description

Command Line

Unix Audio Sound Quality

Description

Command Line

Smart Card

Description

Command Line

Serial Port Mapping

Description

Command Line

Copy and Paste

Description

Command Line

Client’s Clipboard Security Level

Description

Command Line

Time Zone Map File

Description

Command Line

Editing

Description

Command Line

Printing Tab

Client Printing

Description

Command Line

Universal PDF Printer

Description

Command Line

Make Universal PDF Printer the Default

Description

Command Line

Universal PDF Viewer

Description

Command Line

Make Universal PDF Viewer the Default

Description

Command Line

Postscript Printer Driver

Description

Command Line

Performance Tab

Application Session Load Balancing

Description

Command Line

Application Load Balancing

Description

Command Line

Security Tab

New Password Encryption Key

Description

Command Line

Timeout for Print Name Mapping

Description

Command Line

Connection Definitions

Description

Command Line

X Authorization for X Display

Description

Command Line

Monitoring Tab

Log Filter

Description

Command Line

Billing Service

Description

Command Line

Licenses Tab

New License Key

Description

Licenses Table

Key

User

Application

Load Management

Command Line

Array Failover Tab

Enable Array Failover

Description

Command Line

Array Monitor Interval

Description

Command Line

Array Monitor Attempts

Description

Command Line

Caches Tab

Passwords Tab

Description

Adding Entries to the Password Cache

Command Line

Tokens Tab

Description

Command Line

Secure Global Desktop Server Settings

Secure Global Desktop Servers Tab

The Secure Global Desktop Server List Table

Command Line

General Tab

External DNS Names

Description

Command Line

User Login

Description

Command Line

Redirection URL

Description

Command Line

Security Tab

Connection Types

Description

Command Line

SSL Accelerator Support

Description

Command Line

Firewall Forwarding URL

Description

Command Line

Performance Tab

Maximum Simultaneous Requests

Description

Command Line

Maximum Simultaneous User Sessions

Description

Command Line

Maximum File Descriptors

Description

Command Line

JVM Size

Description

Command Line

Daily Resource Synchronization Time

Description

Command Line

Load Balancing Groups

Description

Command Line

Protocol Engines Tab

Character Protocol Engine Tab

Maximum Sessions

Description

Command Line

Exit Timeout

Description

Command Line

Command-Line Arguments

Description

Command Line

X Protocol Engine Tab

Monitor Resolution

Description

Command Line

Font Path

Description

Command Line

RGB Database

Description

Command Line

Keyboard Map

Description

Command Line

Client Window Size

Description

Command Line

Session Start Timeout

Description

Command Line

Maximum Sessions

Description

Command Line

Exit Timeout

Description

Command Line

Command-Line Arguments

Description

Command Line

Execution Protocol Engine Tab

Maximum Sessions

Description

Command Line

Exit Timeout

Description

Command Line

Login Script Directory

Description

Command Line

Command-Line Arguments

Description

Command Line

Channel Protocol Engine Tab

Packet Compression

Description

Command Line

Packet Compression Threshold

Description

Command Line

Exit Timeout

Description

Command Line

Print Protocol Engine Tab

Packet Compression

Description

Command Line

Packet Compression Threshold

Description

Command Line

Exit Timeout

Description

Command Line

Audio Protocol Engine Tab

Packet Compression

Description

Command Line

Smart Card Protocol Engine Tab

Packet Compression

Description

Command Line

User Sessions Tab

The User Session List Table

Command Line

Application Sessions Tab

The Application Session List Table

Command Line

User Profiles, Applications, and Application Servers

SGD Objects

3270 Application Object

5250 Application Object

Application Server Object

Character Application Object

Directory: Organization Object

Directory: Organizational Unit Object

Directory (Light): Active Directory Container Object

Directory (Light): Domain Component Object

Document Object

Group Object

User Profile Object

Windows Application Object

X Application Object

Attributes Reference

Address

Description

Command Line

Answerback Message

Description

Command Line

Application Command

Description

Command Line

Application Load Balancing

Description

Command Line

Application Resumability

Description

Command Line

Application Resumability: Timeout

Description

Command Line

Application Sessions Tab

Description

Command Line

Application Start

Description

Command Line

Arguments for Command

Description

Command Line

Arguments for Protocol

Description

Command Line

Assigned Applications Tab

Description

Command Line

Assigned User Profiles Tab

Description

Command Line

Attribute Map

Description

Command Line

Audio Redirection Library

Description

Command Line

Background Color

Description

Command Line

Bandwidth Limit

Description

Command Line

Border Style

Description

Command Line

Client Drive Mapping

Description

Command Line

Client Printing

Description

Command Line

Client Printing: Override

Description

Command Line

Client Profile Editing

Description

Command Line

Code Page

Description

Command Line

Color Depth

Description

Command Line

Color Map

Description

Command Line

Color Quality

Description

Command Line

Command Compression

Description

Command Line

Command Execution

Description

Command Line

Comment

Description

Command Line

Connection Closed Action

Description

Command Line

Connection Method

Description

Command Line

Connections

Description

Command Line

Connection Method: ssh Arguments

Description

Command Line

Copy and Paste

Description

Command Line

Copy and Paste: Application’s Clipboard Security Level

Description

Command Line

Cursor

Description

Command Line

Cursor Key Codes Modification

Description

Command Line

Delayed Updates

Description

Command Line

Displayed Soft Buttons

Description

Command Line

Domain Name

Description

Command Line

Email Address

Description

Command Line

Emulation Type

Description

Command Line

Environment Variables

Description

Command Line

Escape Sequences

Description

Command Line

Euro Character

Description

Command Line

‘File’ and ‘Settings’ Menus

Description

Command Line

Font Family

Description

Command Line

Font Size

Description

Command Line

Font Size: Fixed Font Size

Description

Command Line

Foreground Color

Description

Command Line

Graphics Acceleration

Description

Command Line

Hints

Description

Command Line

Hosted Applications Tab

Description

Command Line

Hosting Application Servers Tab

Description

Command Line

Icon

Description

Command Line

Inherit Assigned Applications from Parent

Description

Command Line

Interlaced Images

Description

Command Line

Keep Launch Connection Open

Description

Command Line

Keyboard Codes Modification

Description

Command Line

Keyboard Map

Description

Command Line

Keyboard Map: Locked

Description

Command Line

Keyboard Type

Description

Command Line

Kiosk Mode Escape

Description

Command Line

Line Wrapping

Description

Command Line

Load Balancing Groups

Description

Command Line

Login

Description

Command Line

Login: Multiple

Description

Command Line

Login Name

Description

Command Line

Login Script

Description

Command Line

Make Universal PDF Printer the Default

Description

Command Line

Make Universal PDF Viewer the Default

Description

Command Line

Members Tab

Description

Command Line

Menu Bar

Description

Command Line

Middle Mouse Timeout

Description

Command Line

Monitor Resolution

Description

Command Line

Mouse

Description

Command Line

Name

Description

Command Line

Number of Sessions

Description

Command Line

Numpad Codes Modification

Description

Command Line

Passwords Tab

Description

Command Line

Password Cache Usage

Description

Command Line

Postscript Printer Driver

Description

Command Line

Prompt Locale

Description

Command Line

Scroll Style

Description

Command Line

Serial Port Mapping

Description

Command Line

Server Address

Description

Command Line

Server Port

Description

Command Line

Session Termination

Description

Command Line

Share Resources Between Similar Sessions

Description

Command Line

Status Line

Description

Command Line

Surname

Description

Command Line

SWM Local Window Hierarchy

Description

Command Line

Terminal Type

Description

Command Line

Tokens Tab

Description

Command Line

Universal PDF Printer

Description

Command Line

Universal PDF Viewer

Description

Command Line

URL

Description

Command Line

User Sessions Tab

Description

Command Line

Window Close Action

Description

Command Line

Window Color

Description

Command Line

Window Color: Custom Color

Description

Command Line

Window Management Keys

Description

Command Line

Window Manager

Description

Command Line

Window Size: Client’s Maximum Size

Description

Command Line

Window Size: Columns

Description

Command Line

Window Size: Height

Description

Command Line

Window Size: Lines

Description

Command Line

Window Size: Maximized

Description

Command Line

Window Size: Scale to Fit Window

Description

Command Line

Window Size: Width

Description

Command Line

Window Type

Description

Command Line

Window Type: New Browser Window

Description

Command Line

Windows Protocol

Description

Command Line

Windows Protocol: Try Running From Client First

Description

Command Line

X Security Extension

Description

Command Line

Commands

The tarantella Command

Syntax

Description

Examples

The tarantella archive Command

Syntax

Description

Examples

The tarantella array Command

Syntax

Description

Examples

tarantella array add_backup_primary

Syntax

Description

Examples

tarantella array clean

Syntax

Description

Examples

tarantella array detach

Syntax

Description

Examples

tarantella array edit_backup_primary

Syntax

Description

Examples

tarantella array join

Syntax

Description

Examples

tarantella array list

Syntax

Examples

tarantella array list_backup_primaries

Syntax

Description

Examples

tarantella array make_primary

Syntax

Description

Examples

tarantella array remove_backup_primary

Syntax

Description

Examples

The tarantella cache Command

Syntax

Description

Examples

The tarantella config Command

Syntax

Description

Examples

tarantella config edit

Syntax

Description

Examples

tarantella config list

Syntax

Description

Examples

The tarantella emulatorsession Command

Syntax

Description

Examples

tarantella emulatorsession list

Syntax

Description

Examples

tarantella emulatorsession info

Syntax

Description

Examples

tarantella emulatorsession shadow

Syntax

Description

Examples

tarantella emulatorsession suspend

Syntax

Description

Examples

tarantella emulatorsession end

Syntax

Description

Examples

The tarantella help Command

Syntax

Description

Examples

The tarantella license Command

Syntax

Description

Examples

tarantella license add

Syntax

Description

Examples

tarantella license info

Syntax

Description

Examples

tarantella license list

Syntax

Description

Examples

tarantella license query

Syntax

Description

Examples

tarantella license remove

Syntax

Description

Examples

tarantella license status

Syntax

Description

Examples

The tarantella object Command

Syntax

Description

Examples

tarantella object add_host

Syntax

Description

Examples

tarantella object add_link

Syntax

Description

Examples

tarantella object add_member

Syntax

Description

Examples

tarantella object delete

Syntax

Description

Examples

tarantella object edit

Syntax

Description

Examples

tarantella object list_attributes

Syntax

Description

Examples

tarantella object list_contents

Syntax

Description

Examples

tarantella object new_3270app

Syntax

Description

Examples

tarantella object new_5250app

Syntax

Description

Examples

tarantella object new_charapp

Syntax

Description

Examples

tarantella object new_container

Syntax

Description

Examples

tarantella object new_dc

Syntax

Description

Examples

tarantella object new_doc

Syntax

Description

Examples

tarantella object new_group

Syntax

Description

Examples

tarantella object new_host

Syntax

Description

Examples

tarantella object new_org

Syntax

Description

Examples

tarantella object new_orgunit

Syntax

Description

Examples

tarantella object new_person

Syntax

Description

Examples

tarantella object new_windowsapp

Syntax

Description

Examples

tarantella object new_xapp

Syntax

Description

Examples

tarantella object remove_host

Syntax

Description

Examples

tarantella object remove_link

Syntax

Description

Examples

tarantella object remove_member

Syntax

Description

Examples

tarantella object rename

Syntax

Description

Examples

tarantella object script

Syntax

Description

Examples

The tarantella passcache Command

Syntax

Description

Examples

tarantella passcache delete

Syntax

Description

Examples

tarantella passcache edit

Syntax

Description

Examples

tarantella passcache list

Syntax

Description

Examples

tarantella passcache new

Syntax

Description

Examples

The tarantella print Command

Syntax

Description

Examples

tarantella print cancel

Syntax

Description

Examples

tarantella print list

Syntax

Description

Examples

tarantella print move

Syntax

Description

Examples

tarantella print pause

Syntax

Description

Examples

tarantella print resume

Syntax

Description

Examples

tarantella print start

Syntax

Description

Examples

tarantella print status

Syntax

Description

Examples

tarantella print stop

Syntax

Description

Examples

The tarantella query Command

Syntax

Description

Examples

tarantella query audit

Syntax

Description

Examples

tarantella query billing

Syntax

Description

Examples

tarantella query errlog

Syntax

Description

Examples

tarantella query uptime

Syntax

Description

Examples

The tarantella restart Command

Syntax

Description

Examples

tarantella restart sgd

Syntax

Description

Examples

tarantella restart webserver

Syntax

Description

Examples

The tarantella role Command

Syntax

Description

Examples

tarantella role add_link

Syntax

Description

Examples

tarantella role add_member

Syntax

Description

Examples

tarantella role list

Syntax

Description

Examples

tarantella role list_links

Syntax

Description

Examples

tarantella role list_members

Syntax

Description

Examples

tarantella role remove_link

Syntax

Description

Examples

tarantella role remove_member

Syntax

Description

Examples

The tarantella security Command

Syntax

Description

Examples

tarantella security certinfo

Syntax

Description

Examples

tarantella security certrequest

Syntax

Description

Examples

tarantella security certuse

Syntax

Description

Examples

tarantella security customca

Syntax

Description

Examples

tarantella security decryptkey

Syntax

Description

Examples

tarantella security disable

Syntax

Description

Examples

tarantella security enable

Syntax

Description

Examples

tarantella security fingerprint

Syntax

Description

Examples

tarantella security peerca

Syntax

Description

Examples

tarantella security selfsign

Syntax

Description

Examples

tarantella security start

Syntax

Description

Examples

tarantella security stop

Syntax

Description

Examples

The tarantella setup Command

Syntax

Description

Examples

The tarantella start Command

Syntax

Description

Examples

tarantella start cdm

Syntax

Description

Examples

tarantella start sgd

Syntax

Description

Examples

tarantella start webserver

Syntax

Description

Examples

The tarantella status Command

Syntax

Description

Examples

The tarantella stop Command

Syntax

Description

Examples

tarantella stop cdm

Syntax

Description

Examples

tarantella stop sgd

Syntax

Description

Examples

tarantella stop webserver

Syntax

Description

Examples

The tarantella tokencache Command

Syntax

Description

Examples

tarantella tokencache delete

Syntax

Description

Examples

tarantella tokencache list

Syntax

Description

Examples

The tarantella tscal Command

Syntax

Description

Examples

tarantella tscal free

Syntax

Description

Examples

tarantella tscal list

Syntax

Description

Examples

tarantella tscal return

Syntax

Description

Examples

The tarantella uninstall Command

Syntax

Description

Examples

The tarantella version Command

Syntax

Description

Examples

The tarantella webserver Command

Syntax

Description

Examples

tarantella webserver add_trusted_user

Syntax

Description

Examples

tarantella webserver delete_trusted_user

Syntax

Description

Examples

tarantella webserver list_trusted_users

Syntax

Description

Examples

The tarantella webtopsession Command

Syntax

Description

Examples

tarantella webtopsession list

Syntax

Description

Examples

tarantella webtopsession logout

Syntax

Description

Examples

Login Scripts

Login Scripts Supplied With SGD

Login Scripts Used When Configuring Applications

Login Scripts Containing Common Code

Login Script Tcl Commands and Procedures

Controlling the SGD Application Authentication Dialog

authrequest

authenticate

authenticate2

customauthenticate

userauthenticate

Controlling the SGD Progress Dialog

loaderror

clienttimer

canceltimer

progress

Controlling the Connection to the Application Server

setbuffer

locallaunch

tarantella

sgdconnect

Login Script Variables

Guaranteed Login Script Variables

Optional Login Script Variables

Login Script Timeouts

Expect Timeouts

timeouts(hostprobe)

timeouts(prelogin)

timeouts(loggedin)

Client Timers

timers(login)

timers(env)

timers(runmain)

timers(build)

timers(total)

Other Timeouts

Login Script Error Messages

Glossary