Oracle® Secure Global Desktop

Quick Start Guide for Release 5.6

November 2020

F28104-02


1 Preface

This document describes how to get started with using Oracle Secure Global Desktop (SGD). Instructions are given on how to install the software and log in to the SGD workspace. Procedures for configuring SGD to use an application server and for publishing an application on the SGD workspace are included.

The document is written for system administrators who are new to SGD and want to quickly get up and running with the product.

Related Documents

The documentation for this product is available at:

https://docs.oracle.com/en/virtualization/secure-global-desktop/index.html

Documentation Accessibility

For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at https://www.oracle.com/corporate/accessibility/.

Access to Oracle Support

Oracle customers that have purchased support have access to electronic support through My Oracle Support. For information, visit https://www.oracle.com/corporate/accessibility/learning-support.html#support-tab.

Diversity and Inclusion

Oracle is fully committed to diversity and inclusion. Oracle recognizes the influence of ethnic and cultural values and is working to remove language from our products and documentation that might be considered insensitive. While doing so, we are also mindful of the necessity to maintain compatibility with our customers' existing technologies and the need to ensure continuity of service as Oracle's offerings and industry standards evolve. Because of these technical constraints, our effort to remove insensitive terms is an ongoing, long-term process.

Document Revision

Document generated on: 2020-11-05 (revision: 6692)

2 Installing the SGD Server

The following procedure describes how to install the SGD software on an Oracle Linux host.

Note

Before you begin, check the following:

  • (Optional) You have access to your SSL certificate and the private key and CA certificate, if needed. The certificates must be in PEM format.

  • Ports 80 and 443 are open in your firewall.

    If port 80 and port 443 are in use, you must either shut down the other services using those ports or configure the SGD server to use other ports.

  1. Obtain the SGD software.

    Download the software from the Oracle Software Delivery Cloud and save the software package file to a temporary directory on the host.

    The package file is named oracle-sgd-server-version.el7.x86_64.rpm, where version is the SGD software version number.

  2. Log in as superuser (root) on the host.

  3. Install SGD.

    If the package file is compressed, you must expand it before installing.

    From a temporary directory:

    # yum install /tempdir/oracle-sgd-server-version.el7.x86_64.rpm
    

    SGD is installed in the /opt/tarantella directory on the host.

  4. Start the SGD server.

    # /opt/tarantella/bin/tarantella start
    

    The software is installed and configured using the default settings.

3 Guidelines for Installing SGD Packages

Depending on your requirements, you may need to install some additional SGD packages.

HTML5 Client

By default, the HTML5 Client is not available for an SGD server. Administrators must install the following package on the SGD host:

oracle-sgd-webclient-version.el7.noarch.rpm

where version is the SGD software version number.

Extension Packages

To enable full support for SGD features such as printing and client drive mapping, install the relevant oracle-sgd-ext-* extension package on the SGD host:

  • oracle-sgd-ext-unixcdm-version.el7.noarch.rpm. For UNIX client drive mapping with Oracle Linux 7 or later application servers.

  • oracle-sgd-ext-print-converter-version.el7.noarch.rpm. For PDF printing.

  • oracle-sgd-ext-print-cups-version.el7.noarch.rpm. For printing from a UNIX or Linux application server.

where version is the SGD software version number.

See Installing the oracle-sgd-ext-* Extension Packages in the Oracle Secure Global Desktop Installation Guide for details of how to install the packages.

Downloadable Packages

By default, packages for SGD components such as the SGD Client and SGD Enhancement Module are not available from the SGD web server. Administrators must install these packages manually on the SGD host as follows:

  • Download packages for SGD Clients can be made available on the SGD web server by installing the following package:

    oracle-sgd-clients-version.el7.noarch.rpm

    where version is the SGD Client software version number.

  • To make SGD Enhancement Module packages available for download from the SGD web server, install the following package:

    oracle-sgd-tems-version.el7.noarch.rpm

    where version is the SGD Enhancement Module software version number.

4 Logging In to SGD

This section describes how to log in to SGD using the default SGD Administrator account.

You log in to SGD using a supported browser. Ensure that JavaScript software and cookies are enabled in your browser.

The steps used to log in to SGD depend on if you want to install the SGD Client. The SGD Client is a software component that can be installed on client devices. The following options are available:

See Section 4.3, “Ways to Log In to SGD” for an overview of the ways you can log in to SGD.

4.1 Logging In Using the SGD Client

The following procedure describes how to install the SGD Client manually and log in to SGD using a browser.

  1. Install the SGD Client manually on the client device.

    You only need to do this the first time that you log in to SGD.

    Using a browser, go to the SGD web server Welcome page. For example, https://server.example.com, where server.example.com is the name of the SGD server.

    Click Install the Oracle Secure Global Desktop Client and follow the on-screen instructions to download and install the SGD Client.

  2. Log in to SGD.

    Using a browser, go to https://server.example.com/sgd.

    The SGD login dialog box is displayed, as shown in Figure 1, “The SGD Login Dialog Box”.

    When you install SGD, SGD creates a default SGD Administrator with the user name Administrator. This user authenticates using the password of the root user on the host.

    Enter Administrator for the Username and the superuser (root) password for the Password.

    Figure 1 The SGD Login Dialog Box

    Click Login to log in to SGD.

  3. A dialog box prompts you to start the Oracle Secure Global Desktop Client. See Figure 2, “Prompt to Start the SGD Client, Shown Using Firefox”.

    Figure 2 Prompt to Start the SGD Client, Shown Using Firefox
    Dialog box with prompt to start the SGD Client automatically, shown for Firefox on a Windows client

  4. Click the on-screen prompt to start the SGD Client.

    The prompt varies, depending on the browser and client platform.

  5. (Optional) The Untrusted Initial Connection message may be displayed.

    This is a security message that is shown the first time you connect to an SGD server. It enables you to check the hostname and server certificate details before agreeing to the connection.

    Click Yes to connect to the SGD server.

  6. The SGD Client starts automatically, and the workspace for the Administrator user is displayed. See Figure 3, “The Administrator User's Workspace”.

    Figure 3 The Administrator User's Workspace

    The Administrator workspace is a special web page that lists the applications and desktops that you can run through SGD, including the SGD administration tools.

    The workspace lists some sample applications that the SGD installation program found on the host, enabling you to start using SGD immediately.

4.2 Logging In Using the HTML5 Client

The following procedure describes how to log in to SGD using the HTML5 Client.

Note

If your SGD server uses an untrusted certificate, such as a self-signed certificate, you must configure your browser to trust the certificate. See Section 4.2.1, “Browser Workarounds for Using Untrusted Certificates with the HTML5 Client on Desktop Platforms”.

  1. Using a browser, go to https://server.example.com/sgd where server.example.com is the name of the SGD server.

    The SGD login dialog box is displayed, as shown in Figure 1, “The SGD Login Dialog Box”.

  2. Click Client Options on the login dialog box.

    A list of available Client Options is displayed. See Figure 4, “List of Available Client Options”.

    Figure 4 List of Available Client Options
    List of available client options. Shown when clicking Client Options link on the SGD login dialog box.

  3. Click the link to log in using the HTML5 Client.

    The login dialog box is redisplayed.

  4. Enter your SGD user name and password in the login dialog box.

    Enter Administrator for the Username and the superuser (root) password for the Password.

  5. Click Login to log in to SGD.

    While SGD is starting up a splash screen is displayed, showing the progress of the login process.

  6. The workspace for the Administrator user is displayed.

    The Administrator workspace is a special web page that lists the applications and desktops that you can run through SGD, including the SGD administration tools.

    The workspace lists some sample applications that the SGD installation program found on the host, enabling you to start using SGD immediately.

4.2.1 Browser Workarounds for Using Untrusted Certificates with the HTML5 Client on Desktop Platforms

Issues may be seen when you log in to SGD using the HTML5 Client and the SGD server uses an untrusted certificate, such as a self-signed certificate. For example, you may not be able to log in to the SGD server or applications may not start as expected.

If possible, use a certificate that is signed by a Certificate Authority that is trusted by the browser.

Alternatively, configure the browser to trust the certificate.

The following are examples of workarounds for some supported browsers:

  • Firefox: Import the SGD server certificate into the browser truststore.

    You may need to add a permanent security exception for the SGD server URL.

  • Edge: Import the SGD server certificate into the Trusted Root Certification Authorities store.

  • Safari: Set the trust policy for the SGD server certificate to "Always Trust".

  • Chrome: Import the SGD server certificate into the browser truststore.

4.3 Ways to Log In to SGD

The following table summarizes the most common methods of logging in to SGD.

The log in methods differ in whether they require the SGD Client to be installed on the client device.

Log In Method

Description

Automatic Start Up of SGD Client

  • The default method of logging in to SGD

  • SGD Client must be installed manually

  • SGD Client is started automatically

HTML5 Client

  • Uses an HTML5 web page

  • SGD Client install is not required

Manual Start Up of SGD Client

  • SGD Client must be installed manually

  • SGD Client must be started manually

  • Command line operation is supported

5 The Administration Console

The Administration Console is a web application that enables you to configure and manage an SGD server using a browser. The browser must have JavaScript software enabled.

The following procedure describes how to run the Administration Console from the SGD Administrator's workspace.

  1. Start the Administration Console.

    Click the Administration Console link on the workspace.

  2. The Administration Console opens in Navigation View, as shown in Figure 5, “The Administration Console”.

    Figure 5 The Administration Console

6 Creating an Application Server Object

You can use the SGD host as an application server. An application server object for the SGD host is created automatically when you install SGD.

If you are using a different application server to host applications, use the following procedure to create an application server object.

  1. In the Administration Console, click the Application Servers tab.

  2. In the content area, click New.

    The Create a New Object window is displayed.

  3. In the Name field, enter the fully qualified domain name for the application server.

    For example, boston.example.com.

  4. Ensure the Application Server option is selected and click Create.

    The Create a New Object window closes and the content area is updated with the new object.

7 Adding an Application to the SGD Workspace

The following procedure describes how to use the Administration Console to create an application that can be displayed through SGD, and how to add a link for the application to the SGD workspace.

In the following example, you create a new X terminal application.

  1. Create an application object.

    1. In the Administration Console, click the Applications tab.

    2. In the content area, click New.

      The Create a New Object dialog box is displayed. See Figure 6, “Creating a New X Application Object”.

      Figure 6 Creating a New X Application Object
      Dialog box for creating a new X application object

    3. In the Name field, enter the name of the application.

      For example, MyTerminal.

      The name you enter is used for the application link on the workspace.

    4. Ensure the X Application option is selected and click Create.

      The Create a New Object window closes and the content area is updated with the new object.

  2. Configure the application object.

    1. Click the View New Object link and configure settings for the application.

      In the Application Command field on the Launch tab, enter the application command.

      Use the full path of the command that runs the MyTerminal application. For example, /usr/bin/gnome-terminal.

    2. Click Save to save the configuration changes.

  3. Assign an application server to the application object.

    In this example, we use the SGD host as the application server.

    To use a different application server, see Section 6, “Creating an Application Server Object”.

    1. Click the Hosting Application Servers tab.

    2. In the Editable Assignments table, click Add.

      The Add Application Server Assignment window is displayed.

    3. Select the check box next to the application server object and click Add.

      For this example, select Tarantella server localhost, where localhost is the SGD host.

      The Effective Application Servers table is updated with the selected application server object.

  4. Add your application to the workspace.

    You add your application as a member of the Applications group. The Applications group contains the default set of applications for the workspace.

    1. In Navigation View, click the Applications tab and click the Applications group.

      The General tab is displayed.

    2. Click the Members tab.

    3. In the Editable Members table, click Add.

      The Add Application Member window is displayed.

    4. Select the check box for the MyTerminal application and click Add.

      The Effective Members table is updated with the selected application.

    5. The MyTerminal application is shown on your workspace.

  5. Start the application.

    Click the MyTerminal application link on the workspace.

  6. Close down the application.

    Use the window decoration for the application, or the workspace Close icon (X).

8 Logging Out of SGD

You must log out of SGD before closing your browser. This enables SGD to shut down applications and stop the SGD Client.

To log out of SGD, click the Logout button on your workspace and click OK when prompted for confirmation.

9 Next Steps

This section describes what you need to tell SGD users and how to view online documentation.

9.1 What You Need to Tell Users

The following information is essential to help people use SGD:

  • How to log in to SGD.

    Users need to know the login URL. Use https://server.example.com/sgd, where server.example.com is the name of an SGD server.

    Users need to know what user name and password to enter to log in to SGD.

    Users may need to know how to install the SGD Client manually on their computer. See Installing the SGD Client Manually in the Oracle Secure Global Desktop User Guide.

    SGD supports several mechanisms for authenticating users. The user names and passwords depend on the enabled authentication mechanisms. By default, users can log in with their UNIX or Linux system user name and password.

  • How to run applications.

    Users need to know how to start and stop applications.

    The applications users can access through SGD may run on many different application servers. When a user clicks a link to start an application, SGD may prompt them for a user name and password for the application server. Users need to know what user names and passwords to use.

  • Where to get help.

    All users have a link to the SGD documentation on their workspace. Click Help.

9.2 Viewing the Documentation

On the SGD workspace, click Help to view the online documentation for configuring and using SGD. The online documentation is also available when using the Administration Console.

Documentation can be accessed from the following locations:

See the following documents for more information on how to install, use, configure, and administer SGD:

  • Administration and Configuration. The Oracle Secure Global Desktop Administration Guide describes how to administer and configure SGD. This manual includes procedures on how to integrate SGD with your existing authentication infrastructure, and how to use the tarantella command to manage and configure SGD.

  • Installation. The Oracle Secure Global Desktop Installation Guide contains detailed information on installing and upgrading the SGD software.

  • Using SGD. The Oracle Secure Global Desktop User Guide provides information for new users of SGD.

  • SGD Gateway. The Oracle Secure Global Desktop Gateway Administration Guide describes how to install, configure and manage the SGD Gateway. This is an optional component that provides proxy server and load balancing functionality for an array of SGD servers.

  • SGD Enhancement Module. The Oracle Secure Global Desktop Enhancement Module Administration Guide describes how to install and control the SGD Enhancement Module. This is an optional component that can be installed on application servers and provides extra functions such as audio services.

  • Release Notes. The Oracle Secure Global Desktop Platform Support and Release Notes includes information on new features, supported platforms, and known issues.

  • Deployment Scenarios. The Oracle Secure Global Desktop Deployment Guide covers some typical SGD deployment scenarios.

  • Securing SGD. The Oracle Secure Global Desktop Security Guide describes how to enhance security for your SGD deployment.