7.3. Secure Web Access with Oracle Secure Global Desktop

7.3.1. How to Set Up Oracle Secure Global Desktop Using the Oracle Secure Global Desktop VDI Broker
7.3.2. How to Set Up Oracle Secure Global Desktop and Access a Desktop Using Oracle Secure Global Desktop Application Objects

Oracle VDI supports secure web access through Oracle Secure Global Desktop.

The mechanism for accessing desktops using Oracle Secure Global Desktop has changed since previous releases. The My Desktop Application Object and corresponding expect script are no longer required for Oracle VDI.

Oracle Secure Global Desktop release 4.6 includes a VDI Broker as part of the Dynamic Launch feature. To make use of the Oracle Secure Global Desktop VDI Broker, Oracle Secure Global Desktop and the Oracle VDI must be installed on the same host.

The steps below are a summarized version of the instructions in the Oracle Secure Global Desktop documentation. For the detailed information, see Integrating Oracle Secure Global Desktop with Oracle VDI in the Oracle Secure Global Desktop 4.6 Administration Guide and the Oracle Secure Global Desktop 4.6 Installation Guide

7.3.1. How to Set Up Oracle Secure Global Desktop Using the Oracle Secure Global Desktop VDI Broker

  1. Install Oracle Secure Global Desktop.

  2. Create a Windows Application Object.

    You need to create a Windows Application Object to offer users an easy way to access the desktops managed by Oracle VDI. This can be done using the Oracle Secure Global Desktop command line or Administration Console.

    For example, to create a full screen kiosk Windows application using the Oracle Secure Global Desktop command line enter the following command.

    # /opt/tarantella/bin/tarantella object new_windowsapp \
    --name ".../_ens/o=applications/cn=Oracle VDI Desktop" \
    --width 1200 --height 1000 --maxinstances 1 --login windows.exp \
    --displayusing kiosk --maximize true
  3. Create a Dynamic Application Server for the VDI Broker.

    1. In the Administration Console, go to the Application Servers tab.

    2. Create a dynamic application server object for the VDI broker.

      1. Select an object in the organizational hierarchy.

      2. In the content area, click New.

        The Create a New Object window is displayed.

      3. In the Name field, type the name of the dynamic application server.

        For example, 'VDI Broker'.

      4. Ensure the Dynamic Application Server option is selected, and click Create.

    3. Configure the dynamic application server object.

      1. Click the View New Object link.

        The General tab for the dynamic application server object is displayed.

      2. In the Virtual Server Broker Class list, select VDI.

      3. In the Virtual Server Broker Parameters field, type 'localhost'.

        The VDI broker can only be used if Oracle Secure Global Desktop and Oracle VDI are installed on the same host.

      4. Click Save.

  4. Assign the VDI Dynamic Application Server to the VDI Windows application.

    Ensure that only the VDI Dynamic Application server is assigned to the application. Remove any conventional application server assignments.

    1. In the Administration Console, go to the Applications tab and select an application object or a group object.

    2. Go to the Hosting Application Servers tab.

    3. In the Editable Assignments table, click Add.

    4. Locate application server or group objects.

    5. Select the check box next to the application server or group objects and click Add.

  5. Assign the new Application Object to the users that need to access an Oracle VDI Desktop.

    By default, all the users are assigned to the Applications group so an easy way to do so is to add the newly created application object to the Applications group.

    # /opt/tarantella/bin/tarantella object add_member \
    --name ".../_ens/o=applications/cn=Applications" \
    --member ".../_ens/o=applications/cn=Oracle VDI Desktop"

    Creating the Application Object and adding the object to the Applications group can also be done via the Oracle Secure Global Desktop Administration Console.

  6. Access a desktop.

    1. Log into the Oracle Secure Global Desktop webtop.

      Use the URL http://<sgd-server>/sgd) as the user who has been assigned the pool/desktop.

      The Windows Application Object that you have previously created should appear in the list of applications on the left-hand side.

    2. Click the Application Object.

      You should be asked for user credentials. Then a Windows session for the user will appear on the assigned desktop.

7.3.2. How to Set Up Oracle Secure Global Desktop and Access a Desktop Using Oracle Secure Global Desktop Application Objects

If it is not possible to install Oracle Secure Global Desktop and the Oracle VDI on the same host, the Oracle Secure Global Desktop VDI Broker will not work. In that case, configure Oracle Secure Global Desktop using the procedure below.

  1. Install Oracle Secure Global Desktop.

  2. Create a Windows Application Object.

    You need to create a Windows application object to offer users an easy way to access the desktops managed by Oracle VDI. This can be done using the Oracle Secure Global Desktop command line or Administration Console.

    For example, to create a full screen kiosk Windows application using the Oracle Secure Global Desktop command line enter the following command.

    # /opt/tarantella/bin/tarantella object new_windowsapp \
    -name ".../_ens/o=applications/cn=Oracle VDI Desktop" \
    -width 1200 -height 1000 -maxinstances 1 -login windows.exp
    -displayusing kiosk -maximize true
  3. Configure an application server for the new Application Object.

    If theOracle Secure Global Desktop server and the Oracle VDI server are the same machine, no further commands are necessary. An application object will use the SGD server as the application host by default if an explicit application host isn't specified.

    1. However, if you need to create a host object, use the following command.

      /opt/tarantella/bin/tarantella object new_host \
      --name ".../_ens/o=appservers/cn=hostname" \
      --address "hostname.domain.com"
    2. To assign the host object to an application object.

      /opt/tarantella/bin/tarantella object add_host \
      --name ".../_ens/o=applications/cn=Oracle VDI Desktop" \
      --host ".../_ens/o=appservers/cn=hostname"
  4. Assign the new Application Object to the users that need to access an Oracle VDI Desktop.

    By default, all the users are assigned to the Applications group so an easy way to do so is to add the newly created application object to the Applications group.

    # /opt/tarantella/bin/tarantella object add_member \
    --name ".../_ens/o=applications/cn=Applications" \
    --member ".../_ens/o=applications/cn=Oracle VDI Desktop"

    Creating the Application Object and adding the object to the Applications group can also be done via the Oracle Secure Global Desktop Administration Console.

  5. Access a desktop.

    1. Log into the Oracle Secure Global Desktop webtop.

      Use the URL http://<sgd-server>/sgd) as the user who has been assigned the pool/desktop. The Windows Application Object that you've previously created should appear in the list of applications on the left-hand side.

    2. Click the Application Object.

      You should be asked for user credentials. Then a Windows session for the user will appear on the assigned desktop.