Beruflich Dokumente
Kultur Dokumente
Introduction 1
Information in this document is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of 2X SOFTWARE Ltd. 2X ApplicationServer is a copyright of 2X SOFTWARE Ltd. 1999-2012 2X SOFTWARE Ltd. All rights reserved.
Introduction 2
Contents
Introduction 6
What is 2X ApplicationServer and How Does it Work? .................................... 6 How Does it Work? ........................................................................................... 6 2X ApplicationServer System Requirements .................................................... 7
Installing 2X ApplicationServer
2X ApplicationServer Services........................................................................ 12 Pre- Configuration MS Terminal Server Settings ............................................ 13 Server Settings................................................................................................ 13 Connection Settings ........................................................................................ 14
Configuring 2X ApplicationServer
16
Introduction to the Configuration of ApplicationServer ................................... 16 2X ApplicationServer Console Environment & Components .......................... 17 Components of the Navigation Bar ................................................................. 17 Console Environment ...................................................................................... 18 Console Environment Basic Layout ............................................................. 19 Main Menu - 2X Console Settings .................................................................. 20
2X Startup Wizard
23
Publish a Virtual Desktop ................................................................................ 24 Publish an Application ..................................................................................... 25 Publish a Desktop ........................................................................................... 27 Setup LoadBalancer ....................................................................................... 28
Farm
29
Terminal Servers ............................................................................................. 31 Find a Terminal Server ................................................................................... 32 Add a Terminal Server .................................................................................... 33 Editing a Terminal Server ............................................................................... 34 Delete a Terminal Server ................................................................................ 41 Server Groups ................................................................................................. 41 VDI Hosts ........................................................................................................ 42 Find a VDI Host ............................................................................................... 43 Add a VDI Host ............................................................................................... 44 Edit a Virtual Host ........................................................................................... 51 Delete a Virtual Host ....................................................................................... 51 Check Agent.................................................................................................... 52 VDI Virtual Guests Settings ............................................................................ 53 Pool Management ........................................................................................... 55 2X Templates .................................................................................................. 59 Maintenance Mode ......................................................................................... 62 Persistent Guests ............................................................................................ 67 Remote PCs .................................................................................................... 68 Find Remote PCs ........................................................................................... 69 Add /Delete Remote PCs ............................................................................... 70 Edit a Remote PC ........................................................................................... 71 Gateways ........................................................................................................ 75 Installing the 2X Secure Client Gateway Remotely from the 2X Console...................................................................................................... 76 2X Secure Client Gateway Properties ............................................................ 78 Backup Servers ............................................................................................... 92 Adding 2X Backup Servers ............................................................................. 93 Modifying 2X Backup Servers ......................................................................... 96 Promoting a Backup server to Master Server ................................................. 96 Solution Guide................................................................................................. 97
Introduction 3
Load Balancing
98
Load Balancing ............................................................................................... 98 Counters .......................................................................................................... 99 Advanced Settings ........................................................................................ 100 Tunneling Policies ......................................................................................... 101
Publishing
104
2X Publishing Wizard .................................................................................... 104 Applications ................................................................................................... 105 Folder ............................................................................................................ 121 Publish Document Content ........................................................................... 142 Publish Applications using Drag and Drop ................................................... 150 Publish Applications Configuration ............................................................... 151 Setup LoadBalancer ..................................................................................... 152
2X Universal Printing
153
2X Universal Scanning
156
Connection Settings
159
Client Manager
172
Devices ......................................................................................................... 172 Devices States .............................................................................................. 173 Manually adding a device ............................................................................. 174 Editing device settings .................................................................................. 190 Deleting a device........................................................................................... 190 Allow/Deny devices ....................................................................................... 190 Options .......................................................................................................... 191 Device Report ............................................................................................... 196 Groups .......................................................................................................... 198 2XOS ............................................................................................................. 200 Printers .......................................................................................................... 202 Banner ........................................................................................................... 204 Scheduler ...................................................................................................... 205 2X Client Policies Tab ................................................................................... 207
Information
212
Status Tab ..................................................................................................... 212 Notification Tab ............................................................................................. 213 Logging Tab .................................................................................................. 215 Auditing Tab .................................................................................................. 216 Software Update Tab .................................................................................... 217 Support Tab .................................................................................................. 218
Reporting
220
Selecting a Reporting Engine ....................................................................... 220 Using eG Innovations Reporting Engine ....................................................... 220
Licensing
224
Introduction 4
226 227
2X Terminal Server Agent System requirements ......................................... 227 Installation Procedure ................................................................................... 227
232
2X VDI Agent System requirements ............................................................. 232 Installing the 2X VDI Agent Manually ........................................................... 232
238 243
2X Guest Agent System requirements ......................................................... 243 Installing the 2X Guest Agent Manually ........................................................ 243
248
2X PC Agent System requirements .............................................................. 248 Installing the 2X PC Agent Manually ............................................................ 248
2X Additional Utilities
253
2XA Generator .............................................................................................. 253 Parameters.................................................................................................... 253 2XA Generator Examples ............................................................................. 254
Features
255
Additional Resources .................................................................................... 257
258
Introduction ................................................................................................... 258 Knowledgebase............................................................................................. 258 Request Support via E-mail .......................................................................... 258 Request Support via Phone .......................................................................... 258
About 2X
259
Introduction 5
INTRODUCTION
Introduction 6
Introduction 7
INSTALLING 2X APPLICATIONSERVER
Before you run the installation procedure please make sure that you are logged on with administrator rights and that the system requirements are met. Make sure all other Window programs are closed. The 2XAppServer.msi file can be found on our website, www.2X.com, available as a free download. Run the 2X ApplicationServer setup program on the machine to be used as your access point to your terminal servers and/or virtual hosts. Choose what to install according to your needs and requirements. Two common scenarios are the regular gateway scenario and the direct mode scenario. For more advanced and alternative scenarios and solutions please read 2X Server Based Computing Guide.
Double click on the 2XAppServer.msi file and a welcome dialog box will appear. Click Next.
Accept the license agreement by checking the I accept the terms in the License Agreement checkbox.
Installing 2X ApplicationServer 8
Accept the default location or Browse to where you want to install 2X ApplicationServer and click Next.
Installing 2X ApplicationServer 9
Click on Finish to launch the Configuration Utility. If the utility does not automatically open, go to Start>2X Application Server Console to launch the utility.
Installing 2X ApplicationServer 10
Setup Completed
Installing 2X ApplicationServer 11
2X ApplicationServer Services
To start, stop and configure 2X ApplicationServer Services, run the Microsoft Management Console Services.msc. 2X ApplicationServer services are configured to start automatically when the system starts. The services installed depend on the installation you selected.
2X Secure Client Gateway, 2X Publishing Agent, 2X Redundancy Service and 2X Terminal Server Agent, 2X VDI Agent
2X Publishing Agent - provides load balanced applications and desktop publishing. 2X Redundancy Service - provides redundancy to 2X ApplicationServer 2X SecureClientGateway - tunnels all traffic needed by 2X applications on a single port and provides secure connections. 2X TerminalServer Agent provides terminal server information to 2X Publishing Agent 2X VDI Agent provides VDI host information to the 2X Publishing Agent NOTE: All users who are connected via the 2X Secure Client Gateway will be disconnected if the 2X Secure Client Gateway service is stopped or restarted. Note that the default port (80) may already be in use (for example, by an HTTP server) in this case it will be necessary to use a port number not currently in use by other local services.
Installing 2X ApplicationServer 12
Server Settings
Click on Server Settings and click the Restrict each user to one session option. This enables reconnections to previously disconnected user sessions, conserving server resources. NOTE: This feature is also configurable in the Load Balancing section.
Installing 2X ApplicationServer 13
Connection Settings
Select Connections and double-click the RDP-TCP connection. This will open the RDPTCP Properties dialog box.
Logon Settings
Verify that the Always prompt for password checkbox is unchecked; allowing clients to launch applications using the credentials that have been saved on the 2X Client. This will avoid unnecessary repeated authentication cycles.
Installing 2X ApplicationServer 14
Environment Tab
Environment
On the Environment tab make sure that the option Run initial program specified by user profile and Remote Desktop Connection or Terminal Services client is ENABLED. Click Ok.
Installing 2X ApplicationServer 15
CONFIGURING 2X APPLICATIONSERVER
To open the 2X ApplicationServer Console go to: Start > [All] Programs > 2X > ApplicationServer > 2X ApplicationServer Console
Configuring 2X ApplicationServer 16
Farm Add Virtual Desktop Hosts, Microsoft Terminal Servers and Citrix Servers to the farm.
Load Balancing Choose the load balancing method to be used. Publishing Publish applications, application groups, virtual desktops and desktops. Universal Printing Enable Universal Printing to each Terminal Server. Universal Scanning Enable Universal Scanning to each Terminal Server. Connection Settings Configure which port to use for each service. Client Settings Configure and enable client settings. Information Find information about the modules used, enable logging, and enable notification.
Licensing Obtain or review your licensing information and license number for 2X ApplicationServer products.
Configuring 2X ApplicationServer 17
Console Environment
Console Environment/Publishing
1.
The Navigation Bar enables you to navigate through the main features offered by 2X ApplicationServer Console. You can also change which features are displayed using the View Menu. The Published Applications Explorer panel is a navigational tree which represents the organization of your published applications, application groups and desktops. The Published Applications Properties panel contains up to four additional tabs that will display Information, Publish From, Application and Filtering options for each published application. The Publishing Tools allow you to Add, Delete, and Disable, Sort and Find for selected published applications. You can also move your published applications using the Move Up or Move Down tools. The publishing tools also provide you with the ability to publish your applications to the web. The Toolbar consists of a set of tools grouped together that provides quick and convenient access to commonly performed operations.
2.
3.
4.
5.
Configuring 2X ApplicationServer 18
1. The Navigation Bar enables you to navigate through the main features offered by the 2X Console. You can also select which main feature to be displayed from the View Menu. 2. The Properties Pane is the main area from where you can edit and modify each configuration. 3. The Information Pane gives a quick look and summary about the particular selected page. 4. The Toolbar consists of a set of tools grouped together to provide quick and convenient access to commonly-performed operations.
Configuring 2X ApplicationServer 19
To Backup Settings Click File and Export Settings and make sure to save the .dat file in a secure location. To Restore Settings Click File and Import Settings and open the .dat file. The settings will be retrieved and activated after you click the Apply button. The configuration files include all the settings that have been configured and saved throughout the 2X ApplicationServer console. This includes all terminal servers, load balancing methods, list of applications, connection settings and the license keys. This tool is very useful as a configuration backup procedure, especially if you would like to distribute the same settings across other installations of the 2X ApplicationServer applications.
Configuring 2X ApplicationServer 20
View Menu
The View Menu enables you to navigate through the main features offered by the 2X Console. You can also choose to view or not to view the toolbar from this menu.
Language Menu
Changing the language to your preferred language is as easy as clicking on the Language menu. This feature allows you to change all functions in the console to your preferred language. The default language will use the language that is configured in the Regional and Language Options.
Help Menu
The Help menu contains several features listed below: Access the 2X ApplicationServer by clicking on Manual Online version of the manual Obtain contextual help about a particular field or control by clicking on Help>Context Help. When the mouse pointer changes to a ? pointer, you are able to click on any item and display relevant help for that particular field or control. You may also use F1 or click on the Help button located in the right bottom corner of the console. To order online while you are using the console, click on Help and select Order Online A new page will open in your default browser guiding you on how to order this product. Sending a query to 2X support is as easy as clicking on the Help menu and selecting Send Support Request. A form will load and you will be able to enter the details of the problem and your information. Version information of the product. NOTE: The application will automatically send your settings and the current log file so that 2X support can replicate your problem. You are also able to send an attachment with your query such as a screenshot to support your query.
Configuring 2X ApplicationServer 21
Toolbar Settings
To customize the toolbar, right click in the Toolbar area and select Customize You can customize the button and icon view according to your preferences.
Toolbar Settings
Configuring 2X ApplicationServer 22
2X STARTUP WIZARD
2X ApplicationServer incorporates a Startup Wizard which will guide you through each step needed to setup Virtual Desktops, Published Applications, Published Desktops or Terminal Servers (for load balancing) in a quick and efficient manner. In the toolbar area, simply click on the Wizard icon or you can also choose from the options located in the tool bar of 2X ApplicationServer Console. NOTE: Press Cancel if you want to configure your farm manually. Click here to go directly to setting up your Farm.
Startup Wizard
Start by selecting what you want to publish. You can choose from: Virtual Desktop Add a new Virtual Host and publish a virtual desktop. Published Application Add a new Terminal Server and publish applications. Published Desktop Add a new Terminal Server and publish a desktop. Setup LoadBalancer Add Terminal Servers to the 2X LoadBalancer
2X Startup Wizard 23
Enter a Name and Description for the published virtual desktop. Properties In the Connect to field, choose where you want your Virtual Desktop to connect to: Any Guest The Virtual Desktop connects to any guest from a selected Pool. Click on the drop down arrow to choose which Pool to connect to. Specific Guest - Will connect the virtual desktop to a specific Guest. Click on the drop down arrow to choose Virtual Guest. Guest - Connects the Virtual Desktop to a Guest from a selected Pool. Click on the drop down arrow to choose the Pool. In the where name equals field, select the Username or IP Address. Specific 2X Template This option will allow you to connect the Virtual Desktop to a specific 2X Template.
Persistent Checkbox Check this box so that the User connects to the same Guest. (Available with Any Guest, Guest and Specific 2X Template)
2X Startup Wizard 24
Publish an Application
Select where you want to publish the application from: All Servers in Farm - includes all the servers that are added to the farm. If only one server is present you will be automatically be taken to the Startup Wizar d Publish Applications dialog box. Server Groups This option is not available for publishing applications. Individual Servers - allows you to choose the servers you would like to use to publish an application one by one by checking the checkbox next to the name of the server. New Server - add a new server to the farm and use it to publish an application.
Publish An Application
2X Startup Wizard 25
Add Applications
Click on the Browse button and select the Executable (.exe) file of the application that you would like to publish. You can also drag and drop an executable (.exe) file onto the box at the top of the dialog box. You will see a new entry in the list box which shows all applications that will be published. When all applications to be published have been selected, click on Finish.
Publish Applications
2X Startup Wizard 26
Publish a Desktop
Select where you want to publish the desktop from: All Servers in Farm - Includes all the servers that are added to the farm. If only one server is present you will be automatically be taken to the Startup Wizard Publish Applications dialog box. Server Groups This option is not available for publishing desktops. Individual Servers - Allows you to choose the servers you would like to use to publish a desktop, by checking the checkbox next to the name of the server. New Server - Add a new server to the farm and use it to publish an desktop.
Published Desktop
After you have determined the source of the published desktop, all you need to do is name it and add a description. Click Finish to complete the process.
2X Startup Wizard 27
Setup LoadBalancer
Select Setup LoadBalancer. Each available server in the farm is listed and the information regarding each Agent is also listed. Select the connection type. The choices are MS Terminal Server (RDP), Citrix Server (ICA) or Both (RDP/ICA). Check the box next to each server that you would like to add to the LoadBalancer.
When you have selected all the servers that you want to add, simply cl ick on Finish.
2X Startup Wizard 28
FARM
2X ApplicationServer provides connectivity with Multiple Farms and the ability to publish seamless applications or published desktops from multiple servers simultaneously.
Farm 29
From the toolbar, select the component to add from the following:Terminal Server VDI Host Remote PC Gateway Backup Server
Farm 30
Terminal Servers
On this page you can add Terminal Servers or Citrix Servers to the farm. You have two options to add servers to the farm. You can either automatically search for available Terminal Servers or Citrix Servers within your domain by clicking the Find button Or You can click on the Add button to add the Terminal Servers or Citrix Servers if you know the machine name or IP address.
NOTE: The checkbox next to the server name indicates that the particular server is available to users on this farm. To disable a server temporarily, uncheck this box.
Farm 31
All Terminal Servers and Citrix Servers within your domain will appear on the list of available servers to your farm, also identifying terminal server type (Windows or Citrix) and availability of 2X Terminal Server Agent on the respective server. To add a server to the farm, enable the checkbox in front of the server name. Click the OK button to save your changes.
NOTE: It will be necessary to install 2X Terminal Server Agent on all Terminal Servers and Citrix Servers before they can successfully participate in a load-balanced farm.
Farm 32
2X ApplicationServer will check and make sure that the 2X Terminal Server Agent is installed. Check the status and if the service is not installed, click the Install button. . If you unable to install the Terminal Server Agent please refer to section TS Agent manual Installation to manually install the agent.
Farm 33
Properties Tab
Enable or disable the use of the terminal server in the farm by using the Enable Server in farm checkbox. To change the server name or IP address of a particular terminal server, use the Server field. Each terminal server can be configured to accept RDP traffic, ICA traffic or both from the Type field. Enter the maximum number of sessions you want this server to accept. A Description can be added to each server to clearly identify each terminal server.
Farm 34
Agent settings
Enter the RDP port that will be used to connect a session. The Change Direct Address checkbox allows you to configure and enter a new direct address. This address is used in Direct Connection mode only (internal or external IP address); depending on where your clients will be. If the IP address is external, they must be assigned at your firewall to your servers. Publishing Session Timeout field is used to set the amount of time that each session will stay connected in the background after the user has closed all published applications. This is done to avoid unnecessary reconnections with the server. Selecting the Allow Client URL/Mail Redirection box allows http and mailto links to be opened using local applications instead of using terminal server resources. The Configure allows the Administrator to block any URLs from being redirected to the clients. To block URLs, from being redirected to the client, click Configure to open the following window as shown:
Farm 35
Click Add and insert the URLs to be blacklisted in the list box. Press OK after adding the URLs. To edit a URL from the list box, select the URL you want to edit and click Edit and make the necessary changes. To remove a URL from the list box, select the URL you want to remove and click Remove. Please note that URLs that has the first part matching the entry are not sent to the client. URLs are compared as a string and name resolution is not performed. Selecting the Allow 2XRemoteExec to send command to the client would allow the server session to send commands to the client. This is done by using the command line application called 2XRemoteExec packaged with the 2X ApplicationServer. Command line options include the following: Command Line Parameter -s Parameter Description Used to run the 2XRemoteExec in silent mode. When inserted in the command line, pop up messages from the application will be displayed. Omitting this parameter would not display any pop up messages. Is used to specify the timeout until the application is started Timeout must be a value between 5000ms and 30000ms. Note that the value inserted is in ms. If the timeout expires the command returns with an error. Please note that the application might still be started on the client. Shows a help list of the parameters that 2XRemoteExec uses. The Application that will be started on the client as prompted from the server.
-t
The following table shows examples on how to run the 2XRemoteExec.exe command line application: Examples Shows a message box briefly describing the parameters that can be used. 2XRemoteExec -? 2XRemoteExec C:\Windows\System32\Notepad.exe 2XRemoteExec s t 6000 C:\Windows\System32\Notepad.exe C:\read me.txt Action Shows a message box briefly describing the parameters that can be used. Shows a message box briefly describing the parameters that can be used. Runs notepad on the Client. Opens the document C:\read me.txt using notepad on the Client. No message is shown and 2XRemoteExec would wait for 6 seconds or until the application is started.
Farm 36
Logging allows the server to log actions that occur on the server; and also identifies any issues related to the server. Click on Request Log to download a copy of the log file. You can clear the servers log file by clicking Clear Log File. This feature can also be accessed on the Terminal Servers tab by right-clicking directly on the server and clicking on Debug Mode. To be able to download or clear the log file, the 2X Terminal Server Agent must be running in debug mode.
Farm 37
The RDP Printer tab gives you the option of selecting the format of redirected printers. The format may vary depending of which version and language of the server you are using. Set your RDP Printer Name Format by choosing from the following three options: Printername (from Computername) in Session no. Session no. (computername from) Printername Printername (redirected Session no)
Farm 38
Check Remove session number from printer name to remove the session number from printer name.
Check Remove client name from printer name to enable that feature.
Printer Settings with Redirected Printer, Removed Client Name and Session Number
Farm 39
Scheduler Tab
Scheduler
Using the Scheduler, you can configure your terminal server to not accept connections between set times. To add a Scheduler Entry simply click Add and enter the date and time you want to restrict access to the terminal server. The Duration field accepts time in days, hours, minutes, seconds or any combination. Example: 3 days, 5 hours, 45 minutes, 30 seconds. The Repeat field allows you to repeat the scheduled entry.
The Scheduler tab will be available when editing the terminal servers properties. On disable field allows you to choose what action should be taken for current sessions by 2X ApplicationServer , once a terminal server has been disabled during a scheduled active entry.
Farm 40
NOTE: 2X Terminal Server Agent should be installed on each terminal server added to the farm. 2X Terminal Server Agent collects the information required by the 2X Publishing Agent so that each session is able to load balance according to available resources. For more information on installing the Terminal Server Agent, please refer to section TS Agent Manual Installation to manually install the agent.
Server Groups
Click the Add button in the Server Groups Panel to create a server group or to organize your terminal servers in groups. In the Name field type the name of the server group; then select the servers that should be included in that group. Server Groups are useful when you want to publish an application or a desktop which is located on a number of MS Terminal Servers but not in the entire farm. For example, you can group MS Terminal Servers that host particular applications and then select that group in the Publish From tab when publishing applications. Groups are also useful when configuring specific filters so that connections to non published desktops can be redirected to specific servers.
Group Properties
Farm 41
VDI Hosts
The VDI Hosts page contains the settings that allow you to add VDI Hosts (VMware, Microsoft HyperV, Citrix, Parallels, Microsoft Virtual Server, Oracle VirtualBox, Virtual Iron, etc). There are two ways to add a VDI Host to the farm. You can automatically search for available VDI Hosts within your domain by clicking the Find button or you can click on the Add button to add the VDI Hosts, if you know the machine specifications.
NOTE: The checkbox next to the server name indicates that the particular server is available to users on this farm. To temporarily disable a server, uncheck this checkbox.
Farm 42
All VDI Hosts within your domain will appear on the list of available servers to your farm, also identifying agent status, host type and version. To add a server to the farm, check the box in front of the server name the click OK. Click on the Install Agent button to install the VDI Agent. For more information please refer to Installing the 2X VDI Agent Manually.
Farm 43
Farm 44
2X ApplicationServer will check to make sure the 2X VDI Agent is installed. If the Agent did not reply or the service is not installed, click the Install button. NOTE: To install the VDI host manually, refer to Installing the VDI Agent Manually section of this manual.
Farm 45
To enable this host in the farm, make sure that the Enable Host in farm box is checked. In the VDI Type: field, select the VDI provider of the host and enter the version that you are using into the VDI Version field. To change the host name or IP address of a particular VDI host, use the VDI Host field. Enter port number in the VDI Port: field. Appliance settings can only be used with certain servers. Please refer to the list of approved providers and choose the specific document for more information on how to connect to your virtual host. To start using the new host, please enter the username and password of the host. If you would like to test the username and password before using, click on Check Credentials before clicking OK.
Farm 46
Agent Settings
To connect to the VDI Host directly check the Change Direct Address box. This address is used in Direct Connection mode only (this is an internal or external IP address) depending on where the clients will be. (If external, these IP addresses must be assigned at the firewall to your servers). Enter a Description so that the host can be easily identified. In the Max connections field, enter the maximum number of connections this host will accept. Publishing Session Timeout field is used to set the amount of time that each session will stay connected in the background after the user has closed all published applications. This is done to avoid unnecessary reconnections with the server. Checking the Allow Client URL/Mail Redirection box allows http and mailto links to be opened using local applications instead of using terminal server resources. Logging allows the server to log actions that occur on the server; basically used to identify any issues related to the server. Click on Request Log to download a copy of the log file. You can clear the servers log file by clicking Clear Log File. To be able to download or clear the log file, the 2X Terminal Server Agent must be running in debug mode. NOTE: It will be necessary to install 2X VDI Agent on all VDI Hosts before they can successfully participate in a load-balanced farm.
Farm 47
The RDP Printer tab gives you the option of selecting the format of redirected printers. The format may vary depending of which version and language of the server you are using. Set your RDP Printer Name Format by choosing from the following three options: Printername (from Computername) in Session no. Session no. (computername from) Printername Printername (redirected Session no)
Farm 48
Check Remove session number from printer name to remove the session number from printer name.
Check Remove client name from printer name to enable that feature.
Printer Settings with Redirected Printer, Removed Client Name and Session Number
Farm 49
Scheduler Tab
Scheduler Tab
Using the Scheduler, you can configure your virtual server to not accept connections between set times. To add a Scheduler Entry simply click Add and enter the date and time you want to restrict access to the terminal server.
Farm 50
The Duration field accepts time in days, hours, minutes, seconds or any combination. Example: 3 days,, 5 hours, 45 minutes, 30 seconds. The Repeat field allows you to repeat the scheduled entry. The Scheduler tab will be available when editing the terminal servers properties. The On disable field allows you to choose the action taken on the current sessions by 2X ApplicationServer once a terminal server is disabled while a scheduled entry is active.
Farm 51
Check Agent
Once you have finished adding your Virtual Desktop Hosts, select a virtual host and click the Check Agent button. If the 2X Publishing Agent can communicate with the 2X VDI Agent running on the host, you will receive this message:
NOTE: Make sure that the 2X VDI Agent is installed on each Virtual Desktop Host added to the farm. 2X VDI Agent will collect the information required by the 2X Publishing Agent to load balance each session according to available resources.
Farm 52
The above example shows a particular Guest in a Suspended state. The only option available is to Start the service. In the example below, the selected Guest is in a Powered On state, so the options are to Stop, Suspend or Reset.
Farm 53
To view the advanced settings of the a selected Virtual Guest, click on Properties....
Enable Do not use this guest checkbox so the system ignores the particular Virtual Guest. The Computer Name field allows you to set the network name (domain name / IP address) of the computer that the system will use to connect to the Virtual Guest. The Port field contains the port number that the system will use to connect to the Virtual Guest. Use the Connection Timeout field to set a time limit on attempts a 2X ApplicationServer can connect to the particular Virtual Guest. Protocol is the method used for 2X ApplicationServer to communicate with the Virtual Guest. You can set what actions the guest will take if a user disconnects from a session by choosing an option from the If session disconnects drop down list. You can choose the amount of time that needs to pass before the selected action is taken. A session can be terminated after the user disconnects from the session. You can choose the amount of time that needs to pass before the disconnected session is terminated. The user can reconnect to a previous session if that session is still available.
Farm 54
Pool Management
Pools offer administrators more flexibility when managing an extensive number of Guests, especially when they are implemented in large company infrastructures. 2X ApplicationServer console provides the framework and tools needed to create a complete Pool Management foundation. To add a Pool to your farm click the green + symbol and then enter the Pool name. To delete a Pool, click on the Pool in the Name list and then click on the red - symbol.
Farm 55
Choose from the following types of Guests: All Guests in Farm: All guests that are located in the farm.. All Guests in Host: All guests that are located on a particular host. Guest: A single guest located in the farm. Native Pool: Group of guests that have been previously configured from the hypervisor management tool. Please note that the hypervisor may use different terminology instead of pools (e.g. resource pools) 2X Template: Guests that are automatically created from a 2X Template.
Wildcard Function
The Wildcard field is used to match specific guests from any available guests within a pool. Select the guests from the list and add to your Pool. Use the asterisk ( * ) symbol to match any characters. For example, XP* will find only guests whose name starts with XP and *XP* will find guests with XP in their name.
Farm 56
Pool Guests
The Pool Guests button allows you to view and manage Guests in a particular Pool. Select a Pool and the Guests that are included in that Pool appear in the Virtual Guests List. Click on the Refresh button to view new additions to the Pool list. Click on a Guest in a Pool and then click on Clear Settings
Choose a Guest from the Virtual Guests List and click on Check Agent to verify that the Guest Agent is installed.
Farm 57
The Guest Advanced Settings dialog box appears and you can further configure each Guest in the Pool. Enable Do not use this guest checkbox so the system ignores the particular Virtual Guest. The Computer Name field allows you to set the network name (domain name / IP address) of the computer that the system will use to connect to the Virtual Guest. The Port field contains the port number that the system will use to connect to the Virtual Guest. Use the Connection Timeout field to set a time limit on attempts a 2X ApplicationServer can connect to the particular Virtual Guest. Protocol is the method used for 2X ApplicationServer to communicate with the Virtual Guest. You can set what actions the guest will take if a user disconnects from a session by choosing an option from the If session disconnects drop down list. You can choose the amount of time that needs to pass before the selected action is taken. A session can be terminated after the user disconnects from the session. You can choose the amount of time that needs to pass before the disconnected session is terminated. The user can reconnect to a previous session if that session is still available.
Farm 58
2X Templates
With the aid of 2X Templates you can better utilize host resources. 2X Templates allows you to automatically create and deploy Guest VMs when needed. To create a 2X Template, click on the 2X Templates tab and then click on Add
Creating a 2X Template
The Virtual Guests List dialog box appears. Select a Guest that will be designated as a 2X Template, then click on OK.
Adding a 2X Template
Farm 59
Once you have selected which guest you will be converting to a 2X Template, the Guest Agent Information dialog box appears containing all the information that is associated with that particular Guest.
Creating a 2X Template
If the agent is not verified or installed, you can install it by clicking the install button. The Guest Agent makes it possible to create new clones, use universal printing and scanning.
Farm 60
After the Guest Agent has been installed a new dialog box appears showing the updated Guest Agent information. Click Make Template to create a 2X Template.
Given that clones are created from the templates, it is possible to view information about the clones created from the templates by clicking Info
Farm 61
If the Guest Agent needs to be updated, you can do it from this window.
Maintenance Mode
If there is the need to update the template OS, you need to put the template into Maintenance Mode. In the mode the OS can be booted and modified, Once the desired changes have been applied you can put the template off Maintenance Mode. This is required when you need to: install Operating System service packs, install new software, or uninstall current packages. During maintenance mode, clones cannot be created from the guest, and the entry from the 2X Templates in Farm becomes greyed out.
2X Templates List
NOTE: When maintenance mode is applied on a template, this will only effect newly created VMs. Any VMs already created, are not effected.
Farm 62
2X Template Properties
Select a 2X Template from the list and then click on Properties. The 2X Template Properties dialog box opens.
Properties Tab
Properties Tab
2X Template: Enter a descriptive name for the 2X Template or re-name existing templates. Maximum Guests: The maximum number of guests that can be created. Pre-created Guests: Enter the number of guests that will be pre-created so that users will find a desktop ready without having to wait for the cloning process to finish. Guest Name: Enter the Guest Name. Please note that each guest name is appended with the guest ID. If you dont want to allocate space on the server for Guests that are not in use, enable the Check the Delete unused guests checkbox and set the time limit if you would like the guests that are not being utilized deleted.
Farm 63
Advanced Tab
The Folder field is the location where the newly created guests (created from the 2X Template by ApplicationServer) will be created. This folder feature is available for Hyper-V, Parallels Server4, Citrix Xen and VCenter .
If the hypervisor you are using supports Native Pools, then the newly created Guests will be part of the specified Native Pool: location.
VmWare ESX, VmWare VCenter and VmWare Server 2 support Native Pools.
Farm 64
Sys Prep Tab The SysPrep tab contains settings you need to be able to join your Guest to either a workgroup or a domain.
SysPrep Tab
Computer Name: Enter the computer name that will be using the 2X Template guest. Owner Name: Enter the user or owner name of the user that will be using the 2X Template guest. Organization: Enter your organizations nam e Administrative password: Enter the administrator password. Join workgroup: Select this option if the guest will be part of a workgroup. Enter the workgroup name in the field provided. Join domain: Select this option if the guest will be part of the domain. Enter the appropriate information such as the domain name and the administrative credentials.
Farm 65
License Keys Tab The License Keys tab allows you to add the licensing information of the Guests operating system.
Click on Add and the Add License Key dialog box appears. Enter the License key information and the maximum number of guests that will be using the license.
Farm 66
Persistent Guests
When a published application from a guest is set as persistent, the first time a user launches the application, the publishing agent will create a persistent guest rule. Below is the list of rules that the publishing agent preserves. The publishing agent will always connect the user to the same guest when the persistent rule is used. The Persistent Guests can be viewed and managed on this tab. The information that is provided includes the Guest name, Host IP address, the last time this guest was used, when the persistent guest rule was created and the state of the persistent rule. Click on the headings and you can choose to show or hide any of the column headings.
Click on the Refresh button to view new additions to the Persistent Guests list. To delete a persistent guest entry, select and click on Delete. To delete all the existing persistent guests in the list, click on Delete All. Choose to automatically remove persistence if the guest is not used for the specified amount of time. Choose from 24 hours, 1 day, 1 week or 30 days.
Farm 67
Remote PCs
With Remote PCs, a physical machines desktop can be published (after it is added to the Farm). This will enable 2X Clients connected to 2X ApplicationServer to open RDP connections directly to a physical computer as opposed to a virtual desktop or a terminal server session. Automatically search for available Remote PCs within your domain by clicking the Find button or click on the Add button to add a Remote PCs.
Remote PCs
NOTE: The checkbox next to the PC name indicates that the particular PC is available to users on this farm. To disable a PC temporarily, uncheck the box.
Farm 68
All available PCs within your domain will appear in the list of personal computers in your farm. The Agent status is identified and the MAC address is also listed. To add a PC to the farm, enable the checkbox in front of the PC name. Click the OK button to save changes. Click on Install Agent if the remote PCs agent is not found or needs to be installed
Farm 69
To delete a Remote PC, select it and click on the Delete button. You can also use the Delete key from the keyboard instead of using the Delete button.
Farm 70
Edit a Remote PC
To edit a Remote PC, select a remote pc from the list and click on Properties. Or double click on a remote pc in the list and the properties dialog box opens.
Remote PC Properties
Properties Tab Make sure that Enable Remote PC box is checked so the new Remote PC is enabled in your Farm. In the Remote PC field, you can enter or edit the name of the remote pc. Enter the MAC Address of the PC you would like to add. Use the Get MAC button, if you are adding your local machine, to easily get the MAC Address. Note: The MAC Address is needed if you want to use the Wake on LAN feature. When running a published PC desktop from the 2X Client, you will need the MAC address to boot up a PC that may be switched off. The Protocol field identifies the protocol used by the Remote PC. A Description can be given which can be used to easily identify different Remote PC;s from one another.
Farm 71
Agent Settings Tab The Port field contains the port number that the system will use to connect to the Remote PC. You can configure the direct address by checking the Change Direct Address box and entering a new direct address. This address is used in Direct Connection mode only. This can be an internal or external IP address; depending where the clients will be. If external, the IP address must be assigned at your firewall to your servers.
2X ApplicationServer is able to wake a PC by sending a packet over the network. This will continue until the receipt of the packet is acknowledged or until the connection is timed out. In the Connection Timeout field, choose a connection time-out. The Publishing Session Timeout field allows you to designate a time before the publishing session times out conserving system resources. Checking the Allow Client URL/Mail Redirection box allows http and mailto links to be opened using local applications instead of using terminal server resources.
Farm 72
RDP Printer Tab The RDP Printer tab gives you the option of selecting the format of redirected printers. The format may vary depending of which version and language of the server you are using. Set your RDP Printer Name Format by choosing from the following three options: rintername (from Computername) in Session no. ession no. (computername from) Printername rintername (redirected Session no) P S P
You can also remove the session number and the client name from the printer name by enabling each of the corresponding checkboxes. Examples are shown below.
Farm 73
Printer Settings with Redirected Printer, Removed Client Name and Session Number
Farm 74
Gateways
The 2X Console can manage all the 2X Secure Client Gateways on the Farm and will list them in the Gateways section. The 2X Secure Client Gateway can also be remotely installed on a server. Any 2X Secure Client Gateways connected to a 2X Publishing Agent will be automatically added and listed as Auto Discovered.
Farm 75
Farm 76
Before installing the 2X Secure Client Gateway, you can choose to override the system credentials that will be used for authentication. Click Install to start installing the 2X SecureClientGateway service on the remote server.
NOTE: In order to install the 2X Secure Client Gateway, select Custom in the Installation Type and check the 2X Secure Client Gateway option. Please refer to Installing 2X ApplicationServer for more information on how to install the 2X Secure Client Gateway.
Farm 77
From the Properties tab, you can enable or disable the 2X Secure Client Gateway in the farm. The server name and the IP address of the server can be edited on the properties tab. Enter a brief description to easily identify the 2X Secure Client Gateway. NOTE: The Server and IP(s) fields can not be edited if the 2X Secure Client Gateway is installed locally.
Farm 78
Network Tab
2X Secure Client Gateway Port (default TCP 80) is used to tunnel all 2X traffic. The traffic that is tunneled through this port include the 2X Publishing Agent traffic (load balanced application and desktop publishing), HTTP Server and RDP traffic. The 2X Secure Client Gateway Port can also be used to tunnel secure connections (SSL). RDP Port (default TCP 3389) is used for clients who require basic load balanced desktop sessions. Connections on this port do not support published items. If terminal services are enabled on the machine where the 2X SecureClientGateway is installed, the RDP Port should not be the same as the one for the standard RDP (3389). Citrix Port (default TCP 1494) is used for the incoming Citrix connections which will be forwarded to the configured Citrix servers according to the load balancing configuration. To disable this service, uncheck the box in front of Citrix Port. Enable the Broadcast 2X Secure Client Gateway Address checkbox to broadcast the 2X Secure Client Gateway address, so that 2X Clients will be able to auto find their primary server (2X Secure Client Gateway address).
Enable Thin Client Support to allow thin clients on the network to connect to 2X ApplicationServer. This will enable the Thin Client devices to download a version of 2XOS and install it on the Thin Client or to Network Boot 2XOS. The Client Heart Beat Server Port is used to obtain Thin Client states (see section Devices States). You can change the TFTP timeout if you are experiencing timeouts while downloading the OS files. TFTP port is used to transfer the 2XOS from the server to the client. When you enable the DHCP Proxy the system will allow the 2XOS to discover the TFTP server on the network. If you disable DHCP proxy, you must manually setup your DHCP server with the boot server name and bootfile name. Please note that gateways set in forwarding mode do not support Thin Clients.
Farm 79
Advanced Tab
Gateway Mode From the Advanced settings you can configure the operation mode of the gateway. You can choose between Normal mode and Forwarding mode. In the Normal mode all requests are forwarded to the 2X Publishing agent and to the HTTP Server configured. You can add backup servers with the main server in use. In the Forwarding mode all requests are forwarded to the next 2X Secure Client Gateway in the Chain, this is normally used where cascading Firewalls are found. When the gateway is set in forwarding mode the following considerations have to be followed: NOTE: All ports must be the same on each 2X Secure Client Gateway. Therefore, if a 2X Secure Client Gateway on server A is listening on port 80 and is configured to forward the requests to 2X Secure Client Gateway on server B, server B should be configured to listen on port 80. This also applies for the Citrix port (default 1494) and SSL (default 443). NOTE: In order to install 2X Secure Client Gateway, select Custom in the Installation Type and check the 2X Secure Client Gateway option. Please refer to the chapter entitled Installing 2X ApplicationServer for more information about how to install the 2X Secure Client Gateway.
Farm 80
NOTE: If you have problems starting the service, check the Log File and Event Viewer for more information. Please note that if the configured 2X Secure Client Gateway port is assigned with another service, the 2X Secure Client Gateway Service will not be able to start the service. In this case you must either configure the default port (80) to another port or configure the other service to use another port. NOTE: Users will not be able to connect through the gateway if this service is stopped. All connections running through 2X Secure Client Gateway Service will be dropped if the service is stopped or restarted. IP Address It is also possible to bind the Gateway with a certain IP address. This feature provides the Administrator with the ability to open the 2X Secure Client Gateway for certain IP address instead of opening 2X Secure Client Gateway on all available addresses.
Farm 81
You can optimize the connection for selected IP Addresses to improve the experience of clients which have high latency or slow connections. This has most effect when an RDP connection uses large amounts of data. It is suggested that for internal connection this option is not used. To configure connection optimization, click the button adjacent to the Optimize connection for the following IPs: field, and the following window is shown. You can optimize the connection from one of the following options: All available addresses Connection coming from any IP address will be optimized. Specific addresses Connections coming from the IP addresses selected from the list will be optimized. None from the available No connections from the available IP addresses will be optimized.
Enabling the RDP DOS Attack Filter checkbox protects the Gateway from Denial of Service.
Farm 82
SSL/TLS Tab
SSL/TLS Configuration
You can enable Secure Sockets Layer (SSL). In SSL mode, the 2X Secure Client Gateway provides end-to-end SSL encryption to your terminal servers. If you want your clients to connect to the 2X Secure Client Gateway using SSL, check Enable SSL on Port: checkbox. The port number used for SSL connections can be changed. By default, 2X ApplicationServer allows both SSL v2 and SSL v3. You can choose to only allow the use of SSL v3 by enabling Allow only SSL v3 checkbox. Enable the Allow only strong ciphers checkbox to set the gateway to a medium to high level of encryption.
Farm 83
To use SSL and secure the connection, you must enter a Private Key file and a Certificate file. You can use your own or simply click on Generate new certificate to create them. Enter your information and the FQDN of your 2X ApplicationServer (Common name) and click Save.
NOTE: If clients are not able to connect with port 443 because of firewalls or other policies, they could also use the 2X Secure Client Gateway port (default 80) to connect using SSL. 2X Secure Client Gateway offers the ability to tunnel SSL traffic over port 80.
Generating Certificate Requests 2X Application Server XG offers the possibility to automatically create Certificate Signing Requests (CSR).This helps the Administrators to purchase the correct SSL certificate by providing the correct information. 1. To generate Certificate Signing Requests first you need to enable SSL in the 2X Secure Client Gateway Properties from the SSL/TLS Configuration window shown above. 2. Press the button Generate certificate request and the following window will pop up.
Farm 84
3. Select the Key size for the certificate request. 4. Insert the information required into the text boxes as shown above. 5. After inserting all the necessary information, click Save and note that the Certificate Request is generated as shown below.
6. The generated information for the Certificate Request is shown above. NOTE: You can copy the information to be sent to the Certificate Authority so that the correct certificate is purchased by clicking the Copy button. NOTE: You can cancel the certificate request by clicking the Cancel Request button.
Farm 85
Importing the Public Key The button Import public key becomes enabled after generating the certificate request.
To Import the Public Key provided from the Certificate Authority, Click the Import public key and browse for the certificate file containing the public key. After pressing Open the certificate file is read successfully and the name is shown in the Certificate file: read only text box. Press OK after importing the certificate file.
Farm 86
Security
The security tab allows you to filter connections through your gateway by matching MAC addresses. Administrators are able to block out MAC addresses or allow only the specified entries to run published applications.
Security Tab
There are two options to choose from: Allow all users except the specified MAC addresses, or: Allow only the specified MAC addresses.
To allow all MAC addresses except the address specified, then select Allow all except: radio button and click on Add
Farm 87
A list of Available clients will appear. Select which client you do not want to allow access to published applications. You can select any one of the listed MAC addresses or type in a MAC address, and click OK.
As provided by the example below, the selected machine is not allowed to connect and run published applications.
To allow only the selected MAC addresses select Allow only and then click Add
Farm 88
Security Tab
Select one of the listed MAC addresses or type in a pre known MAC address, and click OK.
Farm 89
Now as you can see in the above dialog box, only one machine is allowed to run published applications.
Farm 90
Wyse If you are using Wyse ThinClient OS and want to publish applications from 2X ApplicationServer, check the Enable Wyse ThinOS Support box. The 2X Secure Client Gateway will then act as a Wyse broker.
Click the Test button to verify your DHCP Server settings. 2X suggests that you enable SSL on this gateway when you enable Wyse ThinOS Support.
Farm 91
Backup Servers
You can add, find and configure the properties of all Backup Servers on the Farm so that if the Master server fails, the next server in the list will take over. The backup servers can also be used as additional 2X Secure Client Gateways to evenly distribute the load on each gateway.
Windows Machine 2X SecureClientGateway (port 80) 2X Publishing Agent SSL Enabled over port 80/443
MS Terminal Server 2X Terminal Server Agent Windows Machine 2X Backup Publishing Agent
Redundant ApplicationServer
Backup Servers
Farm 92
When the state of the selected server is Agent Not Found it means that the 2X Publishin g Agent is not installed on the selected server. Therefore you would need to install this service. If you choose a backup server that does not have the agent installed, the Take Over button changes to the Install Agent button. If a 2X Publishing Agent is already in use it means that the particular server is already configured as a master server in another farm. Taking over this server will override any settings currently configured on the particular machine.
Farm 93
Enter administrative credentials to be able to install the 2X Publishing Agent on the selected server which will be used as a backup server. Click Install or Take Over after youve entered the administrative credentials. You should note that the service has been installed successfully if the installation is completed. Click Done when finished. When 2X Publishing Agent is already in use one can Take Over the server and use it as a backup server.
Farm 94
You can also use the Add button to manually add 2X Backup Server. Enter the name or the IP address of the server to be used as a backup server and click Next.
A status information message will guide you on what to do next. Most often you will have to install the 2X Backup Server by clicking the Install button. Then proceed with the following dialog boxes If an older version of the 2X Backup Server is already installed you would have to update the server by clicking the Update button.
NOTE: The Install button changes according to the status of the selected server. It will change to Update if an older version of the 2X Backup Server is found, while it will change to Take Over if the selected server is already configured with a 2X Publishing Agent configured as the master server.
Farm 95
Farm 96
Secondly, click Promote to Master button to promote the current backup server as a Master Server. Promotion to a Master server requires a reactivation of the products which is done automatically and requires an Internet connection. The 2X Terminal Server Agents will use this server (previously used as a 2X Backup server) as the new Master server.
Solution Guide
The 2X Server Based Computing Guide will help you find the tailor-made solution for your company's IT infrastructure. Click here for a complete list of scenarios and more information on server based computing.
Farm 97
LOAD BALANCING
Load Balancing
To configure the 2X LoadBalancer, click on Load Balancing in the Navigation bar in the 2X Console. On the Load Balancing tab you can choose the load balancing method to be used, which counters to be used for the selected method and you can choose to enable a reconnection to a disconnected session or reconnect to same user sessions.
Resource Based Load Balancing: in this method, 2X LoadBalancer will retrieve the load information for all terminal servers in the farm and, based on the counters chosen, will determine the terminal server that will handle the incoming connection. Three different counters are available: Round Robin Load Balancing: in this method, 2X LoadBalancer will identify the next available terminal server and forward the incoming connection accordingly, regardless of available resources on the server.
Load Balancing 98
Counters
User Sessions: This option will redirect users to the server with the least number of sessions in use. Memory: This option will redirect users to the server with the best free/used RAM ratio. CPU Utilization: This option will redirect users to the server with the best free/used CPU time ratio. If more than one option is selected for load balancing, the 2X LoadBalancer will add the counter ratios together, and redirect the session to the server with the most favorable combined ratio. The recommended setting is to enable all three options, unless there is a particular need for one of the options available. NOTE: It will be necessary to install 2X Terminal Server Agent on all terminal servers and Citrix servers and/or 2X VDI Agent on all Virtual Desktop Hosts before each server can successfully participate in a load-balanced farm. The Reconnect to disconnected sessions option allows the 2X Publishing Agent to redirect an incoming user session to a previously disconnected session owned by the same user. The Reconnect sessions using clients IP address only checkbox will need to be checked if reconnect is by IP address. You may also choose to reconnect active sessions by selecting Limit User to one session per desktop. Therefore if a user re-connects to a Terminal Server with an active session started by the same user, the user will be connected to the active session. NOTE: To limit users to one session per desktop, make sure that the setting Restrict each user to one session is enabled at Terminal Servers>Terminal Services>configurations>Connections.
Load Balancing 99
Advanced Settings
Click on the Configure button. You can change the default timeouts for the Terminal Server Agents. In normal scenarios, you should use the default settings
Declare TS Agent dead This option is the amount of time that the 2X Publishing Agent should wait for each 2X Terminal Server Agent before declaring that particular Agent as dead. TS Agent Refresh Time This option is the amount of time that the 2X Publishing Agent should re-check the connection with each 2X Terminal Server Agent. Enable CPU Load Balancer The CPU Load Balancer setting plays an important role in the 2X Terminal Server Agent. When enabled it controls the processes that are using the most CPU resources. The 2X Terminal Server Agent is given a High base priority. If the terminal server CPU resources begin to exceed 95%, the processes that are using the most CPU resources are given a low priority, yet all other applications continue to operate normally. Click on the Exclude List button and another dialog box will open that allows you to add Processes that will be excluded from load balancing.
Tunneling Policies
On the Tunneling Policies tab you can set specific filters so that native RDP & ICA connections can be redirected to specific terminal server(s). Load balancing rules are useful when assigning a group of terminal servers or a specific terminal server with a 2X Secure Client Gateway IP. Therefore connections initiated from that particular IP will be load balanced to a corresponding group or a particular terminal server. NOTE: Load Balancing Rules are applicable only to non-published desktop sessions.
Default Rule
The <Default> rule is pre-configured as the last rule which will catch all non configured gateway IPs. By default, this rule is configured to load balance the sessions between all servers in the farm. However, you can change the properties of this rule by selecting the default rule and clicking on Properties.
Rules Properties
All Servers in Farm All connections initiated through this interface will be load balanced between all servers in the farm. One should note that the default rule is already pre-configured to load balance native RDP & ICA sessions between all servers in the farm. Server Groups All connections initiated through this interface will be load balanced with the selected group. One can select one or more groups to be associated with this interface as shown in the figure below. These Terminal Server Groups can be configured on the Terminal Server page.
Native RDP&ICA Load Balancing Rule Load Balance between Server Groups
Individual Server All connections initiated through this interface will be load balanced with the selected individual servers. When you select individual servers, connections initiated from the selected interface will be load balanced with the selected terminal server. You may also configure an IP address to be associated with just one single server. None All connections initiated through this IP will be denied. This option is ideal in order to deny connections initiated from the configured gateway IP. For security reasons this setting is useful when you want to allow connections from a certain interface. With this option you can configure connections initiated from the specified gateway IP to not be forwarded (load balanced) to any terminal server.
When you have finished configuring the rule with a particular gateway IP (interface), click OK to save the rule. To re-configure a rule, select the particular rule and click Properties. To delete a rule, select the particular rule and click Delete. NOTE: You can create only one rule for each gateway IP.
PUBLISHING
2X Publishing Wizard
2X has made it even easier to publish applications, folders, documents and desktops, by adding searching, sorting and the ability to duplicate published items.
Select Publishing from the Navigation toolbar and click the Add button from the Publishing tools located at the bottom of the screen. You can also right-click on any of the Published Resources and choose from Add, Find, Duplicate, Disable and Delete to easily manage your published resources.
You can also select any published resource from the list and manage it using the Information, Publish From, Application and Filtering tabs located on the main screen of the Publishing module. Each of these functions are explained in detail in the following pages.
Publishing 104
Applications
One of the most useful features available on 2XApplicationServer is the ability to publish seamless applications individually to your users. This means users will only see the applications you give them access to and not a full terminal services desktop (when using terminal services only). After clicking on Add from the publishing tool bar, a new dialog box, Select Item Type, will show. Choose Application and click on Next.
Publishing 105
Publish From If only one server is listed in the terminal server list, the wizard will skip the Publish From dialog box (shown below) and continue to Application Settings. In the Publish From dialog box you can choose which Server Groups or Individual Servers you want your application to be published to. You can choose to publish the application from All Servers in Farm *, choose a Server Group, or choose Individual Servers. NOTE: If you choose to publish the application to All Servers in Farm or to Server Groups, make sure the application is available in all selected terminal servers.
Choose from which Terminal Server/s you want to publish the application
* All Servers in Farm is the terminology used to indicate the whole list of terminal servers which can be configured from the Terminal Server tab on the Terminal Servers page
Publishing 106
Select the type of server from which you want to publish your application.
Publishing 107
Select what type of application you want to publish. Choose from a single application, an Installed application or a predefined application such as Windows Explorer.
Publishing 108
Application Settings The Application panel provides fields for the Name and Description of the application. The Name and Description fields can be left blank and will be filled in automatically if you browse to the application using the target field. You also have the ability to specify the run mode when the published application is launched. The options are to launch the application in a normal window, in full screen mode or minimized.
Application Settings
Publishing 109
Click Change Icon button to use a different icon. Select a new icon from the executable file or from other locations by clicking on Browse....
Publishing 110
Shortcuts
Create a shortcut on the client desktop for the application by checking the Create shortcut on Desktop box. Create a shortcut in the client Start Menu Folder by checking Create shortcut in Start Folder box. You can specify which folder to create a shortcut in by using \ and the name of the folder. For example, to create the shortcut for MSWORD in a folder called 2X Published Items\Office Apps, you should specify 2X Published Items\Office Apps. You can also use the keyword %Groups% to create a shortcut according to the published groups. Check the Create shortcut in Auto Start Folder to create a shortcut in the start folder.
Publishing 111
File Extensions On the File Extensions tab you can associate file extensions on the client side with the particular published application. Select one or more extensions to be associated with this published application. To add other non-default file extensions, click the Add button and enter the file extensions separated by a semicolon as shown in the figure above. You can also edit and delete file extensions by clicking on the extension and then clicking either Edit or Delete.
Publishing 112
Licensing
Checking the Disable Session Sharing box will allow you to isolate every published application to one (1) session. Every published application will have its own session on the server. If the same application is launched twice then it will be deployed in the same isolated session. To publish an application and enforce a single instance of that application enable Allow users to start only one instance of the application checkbox. If you are trying to publish an application with a limited amount of licenses, enter the amount of available licenses you want to publish. In the If Limit is Exceeded field, choose from the following options: Warn user and do not start this option will warn the user that the number of licenses has been exceeded and will not publish the application. Warn user and start this option will warn the user that the number of licenses has been exceeded and will still publish the application. Notify administrator and start this option will notify the administrator that the number of licenses has been exceeded and will still publish the application. Notify user, administrator and start this option will notify both the user and the administrator that the number of licenses has been exceeded and will still publish the application. Notify user, administrator and do not start this option will notify both the user and the administrator that the number of licenses has been exceeded and will not publish the application.
Publishing 113
Display If you need to change the default behavior of the published application on the Client, you can modify the default color depth or the default resolution used by the client.
Selecting Wait until all 2X Universal Printers are redirected before showing the application , will start the published application after all 2X Universal Printers are redirected to the remote computer. If the printers are not redirected within the time limit set, the application will still be started. NOTE: Applications which use different color depth or different resolutions will run in a different terminal server session.
Publishing 114
Server Settings
The Target field provides the location of the executable or content file which resides on the terminal server. The target can include types such as a file, .exe files, word documents, images, batch files, and other types of content. Start in specifies the folder that contains the original item or another related files. Sometimes, programs need to use files from other locations. You can specify where the folder is located so that published applications are able to locate them. The Parameters field specifies the parameters that you may pass to access a published application. The Server Settings offer you the ability to configure all settings mentioned above for each terminal server. It is common for an application to be installed in different locations on each terminal server. To configure each terminal server individually, use the drop down list in the Server(s) field. When the selected server is not the local machine, you can browse for applications or content on the remote terminal server. This feature requires that the Terminal Server Agent is installed on the selected server. Note: This feature requires that TCP port 30004 is not blocked by any Firewall.
Publishing 115
Filtering
Click on Next and the Filtering dialog box appears. If you want to publish the application to certain users/groups, clients ,IP addresses ranges, or MAC addresses you must configure the Filtering properties.
Select the filtering type by clicking on the drop down arrow in the Select Filtering Type field. Possible types of filtering are: Type User Client IP Address MAC Address Description Filter by user name or group name Filter by the name of the user workstation Filter by a single or a range of IPs Filter by the client MAC Address
Publishing 116
User Check the Allow the following Users: checkbox and add the usernames/groups in the dialog Select Users or Groups. You can browse for users of groups using different modes. To restrict the search to users only, group only or both, please change the Default Object Type entry. WinNT This mode is faster than LDAP mode, but does not allow to process nested groups. LDAP This mode allows nested groups but is slower then the other modes. Secure Identifier Secure Identifier mode is the most efficient mode and supports nested groups.
Client First check the Allow the following Clients: and then select or type the Client (computer) name in the dialog Select Client as shown in the figure below. For Client names you can use the * character as a wildcard. For example if all your computer names start with CLIENT- simply type CLIENT-*.
Client Filtering
Publishing 117
IP Address First check the Allow the following IPs:, then click the Add... button. You can select to filter a single IP or a range of IPs.
IP Address Filtering
Click Finish to finalize the wizard, and the application youve just configured will be generated in the Published Applications Explorer area. The options can be edited by using the tabs in the Published Applications Properties area.
MAC Address First check the Allow the following MACs:, then click the Add button and select which MAC addresses to allow.
Click Finish to finalise the wizard, and the application being published would then be available only to the MAC address being selected.
Publishing 118
Installed Applications
Select which applications you would like to publish from the list of available applications already installed on the server. Click on Finish when you have selected all the applications you want to publish.
Publishing 119
Using the Predefined Applications tools, you can easily publish the Control Panel, certain Control Panel tools, the Printers and Faxes folder and even the entire explorer window.
Publishing 120
Folder
To publish a Folder with the wizard, click on Publishing in the Navigation bar and click on the Add button. From the Select Type dialog choose Folder. Folders are useful for organizing your published applications as you facilitate the Filtering options. You can configure the filtering options for a folder and the published applications for that group will have the same filtering settings by default.
You can also enter the description and modify the icon for each application group as shown in the above figure. Application Groups in the 2X Console will also be displayed as application groups on the client side and on the web. Click Change Icon button to use a different icon. Click on Next, to create certain filtering rules (User, Client, IP address) for the newly created folder. A published application or desktops that are listed under this folder will inherit the filtering rules of this folder.
Publishing 121
Desktop
2X ApplicationServer allows you to publish complete desktops to your user/client.
Publishing 122
Choose from which Virtual Hosts you want to publish the application
Click Next and select which terminal server you want to publish the desktop from. You may choose to publish a desktop from All servers in Farm or from Server Groups. In this case , the published desktop will be selected according to the best resources among the selected terminal servers. You may also choose to publish an individual desktop by selecting Individual Servers and then select the preferred server. * All Hosts in Farm is the terminology used to indicate the whole list of Virtual Desktop Hosts which can be configured from the Virtual Desktop Hosts tab on the VDI Hosts page. NOTE: If only one server is listed in the Terminal Server list, the wizard will skip the Publish From and continue with Desktop.
Publishing 123
Publish Desktop
Enter the Desktop Name and a Description for the published desktop. You may also change the icon for the published desktop. Click on Advanced Settings to create shortcuts on the clients desktop, in the Start folder or in the Auto Start folder of the particular published desktop.
Publishing 124
Publish Desktop
The Connect to console checkbox should be enabled to connect to the console session of the terminal server. This options works on MS Windows 2003 Terminal Server only. Desktop Size Choose, from the drop down list, the resolution you would like to use. Choose Custom to be able to enter your own resolution.
Publishing 125
Filtering Clicking on Next will display the Filtering dialog. If you want to publish the desktop to certain users/groups, clients or IP addresses/ranges you must configure the Filtering properties. Select the filtering type that you want by using the Select Filtering Type drop down list as shown in the figure below.
User First check the Allow the following Users: checkbox and select the Default Object Type. Add the usernames/groups in the dialog Select Users or Groups as shown in the figure below. Check Use LDAP mode when adding Users & Groups to add users and groups in LDAP format instead of WinNT format. Administrators can use LDAP format to filter users found in groups within groups.
Publishing 126
Client First check the Allow the following Clients: and then select or type the Client (computer) name in the dialog Select Client as shown in the figure below. For Client names you can use the * character as a wildcard. For example if all your computer names start with CLIENT- simply type CLIENT-*.
Client Filtering
IP Address First check the Allow the following IPs:, in the Select Filtering Type field and then click the Add... button. You can select to filter a single IP or a range of IPs.
Publishing 127
IP Address Filtering
Click Finish to finalize the wizard, and the desktop youve just configured will be generated in the Published Desktops Explorer area. The options can be edited by using the tabs in the Published Desktops Properties area.
MAC Address First check the Allow the following MACs:, then click the Add button and select which MAC addresses to allow.
Click Finish to finalise the wizard, and the application being published would then be available only to the MAC address being selected.
Publishing 128
Publishing 129
Choose from which Virtual Hosts you want to publish the application
Click Next and select which virtual hosts you want to publish the virtual desktop from. You may choose to publish from All Host in Farm* or from Host Groups. In this case, the published desktop will be selected according to the best resources among the selected terminal servers. You may also choose to publish an individual desktop by selecting Individual Hosts and then select the preferred server.
NOTE: If only one server is listed in the Terminal Server list, the wizard will skip the Publish From and continue with Desktop.
* All Hosts in Farm is the terminology used to indicate the whole list of Virtual Desktop Hosts which can be configured from the Virtual Desktop Hosts tab on the VDI Hosts page.
Publishing 130
Enter a name for the Virtual Desktop and a short Description. You may also change the icon for the published desktop. Click on Advanced Settings to create shortcuts on the clients desktop, in the Start folder or in the Auto Start folder of the particular published desktop.
Publishing 131
Properties There are 4 different properties which can be used by the Virtual Desktop: Connect to Any Guest will load any virtual desktop published to any user that logs in. Connect to Specific Guest will load the virtual desktop to the selected Guest. Connect to Guest will load the virtual desktop to the user where the name equals whos user name is the same as that of the virtual desktop or to users which are using a machine that has an IP address equal to the virtual desktops name. Connect to Specific 2X Template will connect the Virtual Desktop to a created 2X Template. The Any Guest, Specific Guest and Guest connections also allow you to select from which Pool you want your Virtual Desktop to connect to. Persistent Checkbox When a published application from a guest is set as persistent, the first time a user launches the application the publishing agent will create a persistent guest rule. The publishing agent will always connect the user to the same guest when the persistent rule is used.
Desktop Size Choose, from the drop down list, the resolution you would like to use. Choose Custom to enter your own resolution.
Publishing 132
Filtering Clicking on Next will display the Filtering dialog. If you want to publish the desktop to certain users/groups, clients or IP addresses/ranges you must configure the Filtering properties. Select the filtering type that you want by using the Select Filtering Type drop down list as shown in the figure below.
User First check the Allow the following Users: checkbox and add the usernames/groups in the dialog Select Users or Groups as shown in the figure below. Check Use LDAP mode when adding Users & Groups to add users and groups in LDAP format instead of WinNT format. Administrators can use LDAP format to filter users found in groups within groups.
Publishing 133
Client First check the Allow the following Clients: and then select or type the Client (computer) name in the dialog Select Client as shown in the figure below. For Client names you can use the * character as a wildcard. For example if all your computer names start with CLIENT- simply type CLIENT-*.
Client Filtering
Publishing 134
IP Address First check the Allow the following IPs:, in the Select Filtering Type field and then click the Add... button. You can select to filter a single IP or a range of IPs.
IP Address Filtering
Click Finish to finalize the wizard, and the desktop youve just configured will be generated in the Published Desktops Explorer area. The options can be edited by using the tabs in the Published Desktops Properties area.
MAC Address First check the Allow the following MACs:, then click the Add button and select which MAC addresses to allow.
Click Finish to finalise the wizard, and the application being published would then be available only to the MAC address being selected.
Publishing 135
Publishing 136
Remote PC Desktop Enter the Desktop Name and a Description for the published desktop in the fields shown. From this dialog you may also change the icon for the published desktop.
Advanced Settings button allows you to create shortcuts on the clients desktop or in the Start menu of the particular published desktop.
Publishing 137
Remote PC Select from a Remote PC from the available list that you would like to publish. For a Remote PC to be available, it must first be added to the Farm. Desktop Size Choose from the drop down list, the resolution you would like to use. Choose Custom to be able to enter your own resolution.
Desktop Size
Publishing 138
Filtering
Clicking on Next will display the Filtering dialog. If you want to publish the desktop to certain users/groups, clients or IP addresses/ranges you must configure the Filtering properties. Select the filtering type that you want by using the Select Filtering Type drop down list as shown in the figure below.
User First check the Allow the following Users: checkbox and add the usernames/groups in the dialog Select Users or Groups as shown in the figure below.
Browse Mode
Select the browsing mode for users and groups to the policy from the following: WinNT Faster mode of filtering than LDAP but does not allow Administrators to filter users found in nested groups. LDAP Administrators can use LDAP mode to filter users found in nested groups. Secure Identifier Administrators can use Secure Identifier mode to filter users found in nested groups. This mode also supports renaming of groups.
Publishing 139
Client First check the Allow the following Clients: and then select or type the Client (computer) name in the dialog Select Client as shown in the figure below. For Client names you can use the * character as a wildcard. For example if all your computer names start with CLIENT- simply type CLIENT-*.
Client Filtering
Publishing 140
IP Address First check the Allow the following IPs:, in the Select Filtering Type field and then click the Add... button. You can select to filter a single IP or a range of IPs.
IP Address Filtering
Click Finish to finalize the wizard, and the desktop youve just configured will be generated in the Published Desktops Explorer area. The options can be edited by using the tabs in the Published Desktops Properties area.
MAC Address First check the Allow the following MACs:, then click the Add button and select which MAC addresses to allow.
Click Finish to finalise the wizard, and the application being published would then be available only to the MAC address being selected.
Publishing 141
Publishing a Document
Publishing 142
Select the type of server from which you want to publish your documents.
Publishing 143
To publish documents such as Word and Excel spreadsheets, select the document type. Select the content type by checking each document type in the Filters list. You can also you can enter a Custom content type by typing in the selection in the field provided. You can also enter a specific content type and if there is more than one, separated by a semi-colon. i.e. text; *.texts; *.pub*.
Publishing 144
Enter a name and a description related to the document in the fields provided. The Name and Description fields can be left blank and will be filled in automatically if you browse for the document using the Target field. The Run field allows you to specify which run mode will occur when the published application is launched. The options are to launch the document in a normal window, in a full screen mode or to open in a minimized window. Click Change Icon if you want the published document to use a different icon and select a new icon from the executable file or from other locations by clicking Browse... in the Change Icon dialog box.
Document Settings
Publishing 145
Advanced Settings
Click on the Advanced Settings button to view the Advanced Application Settings.
Shortcuts Tab To create a shortcut for the document on the desktop (client side), enable Create shortcut on Desktop checkbox. To create shortcuts for the document in the Start Menu Folder (client side) enable the Create shortcut in Start Folder checkbox. You can create a shortcut under certain folders by using \ and the name of the folder. You can also use the keyword %Groups% to place the shortcut according to the published groups. Check the Create shortcut in Auto Start Folder if you would lik e to create a shortcut in that location.
Publishing 146
File Extensions Tab Add/Edit/Delete or display a list of file extensions that can be associated with this particular application and allows you to enable or disable each file extension association.
Licensing Tab You can isolate every published application to one (1) session. Every application that is published will have its own session on the server. If the same application is launched twice then it will be deployed in the same isolated session. If the Disable session sharing checkbox is enabled then no session sharing will occur.
Licensing Tab
To publish an application and enforce a single instance of that application enable Allow users to start only one instance of the application .
Publishing 147
In the Concurrent licenses: field, set the number of licenses that will be running concurrently. Further configure the licenses by selecting an option in the If limit is exceeded field.
Display Tab The display tab will allow you to set the Color Depth and Resolution of the published application. Click on the drop down arrows to choose best resolution for your applications.
Display Tab
Select Wait until all 2X Universal Printers are redirected before showing the application so that all printers are redirected to the remote computer before the published application is displayed. You can specify the maximum time to wait so that if the printers are not redirected the application is shown after the specified time elapses.
Publishing 148
Server Settings In the Server Settings you have the ability to configure the above mentioned settings for each terminal server. It is common that an application could be installed in different locations on each terminal server. To configure each terminal server, use the drop down list in the Server(s) field. Target is the location of the .exe file or content file which resides on the terminal server. Start in specifies the folder that contains the original item or some related files. Sometimes, programs need to use files from specific locations. You might need to specify the folder where these files are located so that the published application can find them. Parameters specifies the parameters that you may pass to your published application. When the selected server is not the local machine, you can browse for applications or content on the remote terminal server. This feature requires that the Terminal Server Agent is installed on the selected server.
NOTE: This feature requires that TCP port 30004 is not blocked by any Firewall. After you click Next, you can also create certain filtering rules (User, Client, IP address) for the created folder. Published applications or desktops listed under this folder will inherit the filtering rules of this folder.
Publishing 149
Publishing 150
After youve published an Application, Application Group, Desktop, Predefined applications or a Virtual Desktop using the Wizard or the drag and drop option, you may choose to re-configure each selected item by using the Published Application Properties Area. First select the item that you want to re-configure from the Published Applications Explorer tree and then choose the appropriate tab according to your needs. The tabs related with the published items are: Information A detailed summary related with the selected application. Publish From - To select from where you want to publish the selected item. Application To add or modify the application name and the description related with the selected application and an ability to configure the Target, Start in and Parameters for each Terminal Server. Filtering Ability to filter each application or group for certain users or computers according to the username, client name or IP address. For more detailed information about each tab, refer to section 2X Publishing Wizard Application.
Publishing 151
Setup LoadBalancer
After selecting Setup LoadBalancer a new page will load, listing all the servers available on the network and information about their Agent. Select which servers you would like to use for load balancing by checking the check box next to the servers. When you have selected all the servers that apply, simply click on Finish.
Publishing 152
2X UNIVERSAL PRINTING
Universal Printing
When using 2X ApplicationServer, the printing process is greatly simplified by the 2X Universal Printer, which is automatically installed when you install the agents for Terminal Server, VDI Guest and Remote PC. 2X Universal Printing will solve most printer driver problems. If the client is using a printer where the server does not have a suitable printer driver, the normal printing redirection will not work. You do not need to install a specific printer driver on the server when you are using 2X Universal Printing.. The 2X Universal Printer drivers are available in 32 and 64 bit format.
Starting from 2X ApplicationServer version 10.1, you can redirect multiple printers at the same time as opposed to the previous versions where only one printer (2X Universal Printer) was available on each terminal server. The administrator can choose the format of each printer name by editing the Printer rename Pattern text box. You can also choose to continue to work in legacy mode by choosing <2X Universal Printer> as the printer rename pattern, in this case only the first printer redirected by the client is utilized.
Variables You can use any of the following variables in the Printer Rename Pattern text box: %PRINTERNAME% %USERNAME% %SESSIONID% <2X Universal Printer> Client side printer name User name connected to the server Session ID of the active session Legacy mode (only one printer for all users)
Choosing <DEFAULT>, the default printer pattern is used. The default pattern is %PRINTERNAME% for %USERNAME% by 2X. Redirected printers are only accessible by administrators and the user who redirected the printer.
Choosing <2X Universal Printer>, only one printer will be shown on the server and is available for all users.
To enable or disable the functionality of 2X Universal Printing from each Terminal Server, VDI Guest or Remote PC in the farm, select the Terminal Server(s), VDI Guest(s) or Remote PCs and click Enable. Click on Select All to facilitate 2X Universal Printing on every type. To Disable Universal Printing, select the Terminal Server, VDI Host or Remote PC and then click on Disable.
Universal Printing page to enable or disable universal printing on each Terminal Server
Fonts Management
To control the embedding of fonts within a print job, go to the 'EMF Properties' tab and check/uncheck 'Embed Fonts'. By default a number of fonts will already be excluded since these are normally available on standard Windows platforms. If the client selects Enhanced Meta File data format for Universal Printing, you can select which fonts are embedded with the print job. To add a new font click on the Add button and select the font which you would like to add. To delete a font, select the font which you would like to delete from the excluded list and click the Delete button.
2X UNIVERSAL SCANNING
Universal Scanning
2X Universal Scanning uses TWAIN redirection to allow any application using TWAIN technology to use hardware connected to the client device for scanning. With 2X Universal Scanning there is no need to install any scanner drivers on the server. Only one scanner is shown on the server regardless of the number of users and sessions currently in use on the terminal server. The 2X Universal Scanning drivers come in 32 and 64 bit format. Note: Currently only 32-bit applications are supported. When you install the 2X Agent on any Terminal Server, VDI Agent or Remote PC, 2X Universal Scanning is automatically installed. To enable or disable the functionality of 2X Universal Scanning from each Terminal Server, VDI Guest or Remote PC in the farm, select the Terminal Server(s), VDI Guest(s) or Remote PCs and click Enable. Click on Select All to facilitate 2X Universal Printing on every type. To Disable Universal Scanning, select the Terminal Server, VDI Host or Remote PC and then click on Disable.
Scanning Applications
To allow a published application to make use of 2X Universal Printing, you need to add the application from the Scanning applications tab. Please note that some applications make use of different executables. For Universal Scanning to work, all the executables must be added in the Scanning applications tab. To add a scanning application, click the Add button or browse for an application that will use 2X Universal Scanning, such as Photoshop.
Scanning applications
Once an application is added, it can easily be deleted. Select the application then click the Delete button. This will not affect the installation of the application. It will only disable the use of 2X Universal Scanning for the application.
CONNECTION SETTINGS
2X Publishing Agent
On this page you may configure which port to use for the publishing agent service. You can also configure the authentication options.
Authentication Panel To make sure that every single client authenticates against 2X ApplicationServer before retrieving the list of published applications, enable Always require user credentials for application list checkbox. To authenticate against a specific Domain/workgroup, select the Domain radio button and enter the required domain/workgroup information. In case you want to select a new domain for authentication, sim ply click on the (browse) button and select the new domain to be used. You can also use the Default button to choose the default domain/workgroup used for authentication. Select All Trusted Domains if you want to authenticate with any trusted domain/workgroup. The Use client domain if specified box is checked by default. This option will allow the user to specify the domain to authenticate by their client (2X Client General options - Domain). If the client does not specify any domain, and this option is enabled, the authentication is done with the domain specified in the Authentication panel as displayed in the above figure. When this option is disabled, the clients will only authenticate with the domain specified in the domain field of the authentication panel on the server side.
It is recommended that you check the Always require User Credentials for application list, so that all users must authenticate before acquiring the application list. Click on the Clear cached session IDs to clear all cached session IDs. Make sure to click Apply to activate the above settings. Settings Panel In the Settings panel on the 2X Publishing Agent tab, the 2X Publishing Agent Port (default TCP 20002) uses a specific port to pass information about the published applications available to its clients. The default port is TCP 20002. Make sure the 2X Secure Client Gateway has access to this port otherwise it will not be able to retrieve the published applications list and load balance the application requests. The 2X Terminal Server Agent Port (default TCP 20003) is used to communicate with the 2X Terminal Server Agents which should be installed on the terminal servers or Citrix MetaFrame Servers. The 2X Terminal Server Agent provides information to the 2X ApplicationServer over this port.
Settings Panel
NOTE: In case you want to authenticate with a workstation not joined within a domain, you can also authenticate with the local users of the workstation. In order to specify authentication with a workstation, you must enter [workgroup_name] / [machine_name]. Therefore if you would like to authenticate against a machine named SERVER1 that is a member of the workgroup named WORKGROUP, you would have to enter: WORKGROUP/SERVER1 in the domain field. NOTE: In order to avoid user filtering problems, it is suggested to use the NetBIOS name instead the FQDN in the domain field.
Click on Settings and a new window will open, allowing you to configure your provider settings.
Deepnet Settings
When using Deepnet Provider please ensure that the correct type of server is selected. Deepnet Provider supports the following 2 Servers: DualShield Server Deepnet Server
To read on how to configure a DualShield Server, please click the link DualShield Server. To read on how to configure a Deepnet Server, please click the link Deepnet Server.
Safenet Settings
SafeNet Properties On the Connection tab, enter your OTP Service URL and then click on the Check connection button to verify url connection.
Modes: Mandatory for all users: All users use the same log on authentication. Create token for Domain Authenticated users: A new token is created for each authentication domain user Use only for users with a SafeNet account: Only users that have access to a SafeNet account will be allowed access.
TMS Web API URL: URL of the safenet server. This is required to be able to create tokens for Domain authenticated users User Repository: Where the authentication files reside on the server.
Radius Settings
Configuring Radius Properties The following window shows the connection properties:
1. In the Server text box enter the hostname or IP of the Radius Server. 2. In the Port text box enter the port number for the Radius Server. You can insert the default port (1812) number by clicking Default button. 3. In the Timeout text box, specify the packet timeout in seconds. 4. In the Retries text box, specify the number of retries when attempting to establishing a connection. The global timeout is timeout * retries. 5. Click the Check connection button so that you validate the above connection settings inserted. If the connection settings are configured correctly, you will see the following message:
6. In the Secret Key text box, insert the secret key which must match the secret key specified on the Radius server. 7. Specify the Password Encoding, either PAP (Password Authentication Protocol) or CHAP (Challenge Handshake Authentication Protocol), according to the setting specified on the Radius Server. Click Ok after configuring the connection settings.
Configuring Radius Attributes Radius Attribute Value Pairs might be needed in order to authenticate with your Radius server. To configure an Attribute Value please select the Attribute tab:
1. Select the vendor for the attribute from the Vendor dropdown list. 2. Select the vendor attribute from the Attribute dropdown list. 3. Enter the value for the selected attribute. The value can be a numeric value, a string, an IP or a time value.
Adding Vendor Attributes In order to manually add a Vendor Attribute, you need to modify the file RadiusAttr.def. Please find the file in the installation folder of Application Server. The default location of the Application Server is: C:\Program Files (x86)\2X\ApplicationServer The following describes how to add a new vendor called Vendor Example with 4 attributes values. 1. Open the RadiusAttr.def file with notepad.
2. Increment the count in the Vendor section . In this case the count was incremented from 18 to 19.
3. Add the vendor ID and vendor name as highlighted above. Please note that the id and name tag start with the previous count value.
4. Create a section under the vendor-Attributes using the id as the name of the section, in this case 777. 5. Add the count of attributes provided and enter the description for each attribute. Please note that the attribute type must be one of the following: Type String Numeric IP Time Value 0 1 2 3
6. Verify that the attributes added load properly in the configuration window.
Exclusion Panel
User / Group exclude list allows you to add users or groups within your active directory that will be excluded from using Deepnet Authentication. Client IP exclude list allows you to add IP addresses or a range of IP addresses that will be excluded from using Deepnet Authentication. Client MAC exclude list allows you to add MAC addresses that will be excluded from using Deepnet Authentication. Connection to the following Gateway IPs allows you to set a Gateway where users connected to the Gateway will be excluded from using Deepnet Authentication.
NOTE: For more information about Deepnet refer to the PDF document, Setting Up Deepnet for 2X ApplicationServer by clicking here.
The Allow published items listing only from selection gives the administrator the ability to allow published items only from the specified 2X Client running the build set or higher. For example, if the user from 2X Windows Client gets application listing from a 2X Client with a build lower than the one specified in the text box above, the following error is seen:
CLIENT MANAGER
This section provides a way to manage Clients and to help administrators to easily deploy ASXG components to Clients running on 2XOS.
Devices
In the devices section you add new devices to easily manage them. Managed and standalone clients will be listed under the List of Devices as illustrated below. You can Power On, Power Off, Reboot, Log Off, Shadow and configure Managed devices. Standalone devices are listed for information purposes only. All devices connecting to the farm are added automatically. You can add and configure a device running 2XOS even if not present on the network
NOTE: Devices deployed running 2XOS will be listed as Managed, all other operating systems are listed as Standalone. Managed devices show their state in real time.
Devices States
The following table shows the possible states a device can have. Each state can be distinguished with a specific color which can be configured (see section Options Section). States Off Booting Installing Connected Logged On Restarting Needs Approval Clients Denied Access Clients Standalone Clients Not Supported Clients Not Licensed Clients Errors Description States related to Thin Clients being switched off. States related to booting Thin Clients. States related to installing Thin Clients. States related to Thin Clients being connected to the system. States related to Thin Clients being Logged On to the system. States related to restarting Thin Clients. States related to Clients which need approval to boot with the system. States related to Clients which are denied to access the system. States related to Clients which are standalone. States related to Clients which are not supported. States related to Clients which are not licensed. States related to Clients experiencing errors.
Devices which are in Standalone state do not require a license. Managed devices which do not have a license will be marked as Not Licensed.
In the MAC address edit field, enter the MAC address of the Network Interface used by the Thin Client. The MAC address is used to auto enroll the device to a group previously configured. Please check section Groups. Click Next to continue.
The Main window allows you to edit the following information: 1. Hostname: The hostname used by the device. New devices are given a predefined name. If the Resolve Hostname button is pressed, the hostname for the last known IP is resolved. This may help in case where IP conflicts arise. 2. Member of Group: The group in which the current devices is enrolled. The device settings can be inherited from the group. For more information please go to the section Groups. 3. Permission: Determines if a device is allowed to authenticate the user with the farm. In case of a network boot and deny permission, the device is not allowed to boot. 4. Description: A friendly description that might help to describe better the Thin Client. Click Finish after entering all the settings to add the device. To m odify any Thin Client properties, select the Thin Client from the Devices list and click the Properties button. The following window will be shown:
Main Section
From Permission section set Thin Client permissions to Allow, in order to be able to access additional tabs to view other Thin Client properties.
Hardware Section
In this section you can configure the Hardware settings for the Thin Client. 1. Thin Client OS: Specify the 2XOS the device is using. If you select the default OS, the device OS is automatically modified if the default OS is changed. 2. ACPI: You can choose ACPI settings from Auto On, Always On, Compatibility (Do not manage interrupts), Compatibility (Manage interrupts) and Off. 3. Boot Method: You can specify the boot method for the thin client between hard disk install and Network boot.
4. Additional Boot Display Settings: You can specify additional boot display settings for Thin Clients which require such settings in order to boot with 2X ASXG. For predefined boot settings please click the dropdown button. 5. Printers: You can configure a printer by clicking Configure button and the following window will be shown. Printers should have been already been set on the system, please read Printers section.
Pre-Configured Printers
Select the Printer from the list of Pre-Configured printers and click OK. You can delete the printer by selecting the printer from the list and clicking the Delete button. 6. Force Display Settings: You can choose to force display settings to Thin Clients which by clicking the Force Display Settings button. The following dialog box will be shown.
From this window you can force the following display settings to the Thin Client: Video Card Driver. Resolution. Color Depth. Refresh Rate. Extend Desktop to Secondary monitor (Dual Screen Mode). Use Secondary monitor as primary display (Available only if dual screen mode is selected). Please note that Display settings should only be forced when auto detection does not work. 7. Sound: Select if you want sound to be enabled or disabled on the device. 8. Enable Terminal Support: To enable terminal support on the Thin Client select the checkbox. Click Next to continue.
To enable Auto Login, select the checkbox Enable Auto Login and specify a Username and Password to be used to log in the system automatically. NOTE: If the device is a member of a group, you can inherit these setting from the group if you check Use Group Settings. This option is available for all the settings categories. Click Next to continue.
Regional Section
In this section, you can specify the Regional settings. You can set the Region, Country and Language. Click Next to continue.
In this section you can specify the settings for the Mouse and Keyboard. After selecting the settings required, click Next to continue.
To enable the Screen Saver click the drop down box and select the Enable Screen Saver checkbox. Then specify the wait time before the screen saver kicks in. You can also choose to lock the desktop after the time specified for the screen saver elapses by selecting Lock Desktop. Click Next to continue.
Desktop Section
From this section, you select the desired desktop settings as shown below: 1. Desktop Manager: You can choose between an Advanced and a Simple desktop manager. Please refer to the 2XOS manual for further information. 2. Background Color: You can select the desktop background color for the device. Please note that this is only available for Simple desktop managers. 3. Background Text: You can specify text which will be displayed on the desktop background of the Thin Client. 4. Font Support: If your desktop may contain Persian characters please select the Font language needed. Please note that this is only available for Simple desktop managers. 5. Panel Type: The panel type determines how the OS taskbar is shown. If you specify Simple, the standard taskbar is shown, if you select Advanced a compact taskbar is shown which auto hides when not used. 6. Window Manager: You can choose between the Default window manager and an Enhanced Window manager where you can have desktop effects such as window shading if Effects checkbox is selected . Click Next to continue.
Browser Section
To enable a Browser on the Thin Client, select Enable Browser. To enable the Browser in full screen mode, select Enable Full Screen Mode. Please note that in Kiosk mode (see next section), this is automatically selected. In the name section you can type a specific name for the browser being enabled. In the homepage section you can specify a default homepage for the browser. If you require the use of a proxy server, you can configure a proxy server by clicking the Proxy Settings button and the following window will be shown:
You can configure an HTTP, HTTPS or an FTP proxy server. If your proxy server requires HTTP v1.1, you can enable the setting by selecting the Enable HTTP 1.1. You can select to use a proxy for local server by selecting Use Proxy for Local Server.
To use automatic proxy server configuration you can select the Use automatic proxy configuration and then inserting the location of the auto configured proxy in the underneath text box. After configuring the proxy settings required press OK. You can create bookmarks to the browser. Click the Bookmarks button and the following window will be shown:
Adding Bookmarks
To add a bookmark to the browser, click Add . The following window is then shown.
Adding Bookmarks
In the name text box, insert a friendly name which you can easily recognise. In the URL text box, insert the URL for the bookmark. Press OK to add the bookmark. The bookmark is then added to the list.
In this section you can add Remote Desktops for RDP, VMWare View and VNC connections. Please note that for Remote Desktop connections when the Device is in Kiosk mode, the screen resolution is automatically set to full screen.
Connection
In the Connection Name specify a friendly name for the remote connection. This is shown as the desktop shortcut. In the Primary Address, enter a valid name or IP for the host you need to connect to. Optionally, you can specify a Secondary Address so that if the primary connection fails, the secondary address is used instead.
You can specify the Port number. The default RDP port is set to 3389.
Options
In the Options section you can specify the screen resolution for the Remote Desktop. Apart from the standard resolutions available, you can specify a Custom resolution, by entering the width and height into the respective checkboxes.
Connection
In the Connection Name specify a friendly name for the remote connection. This is shown as the desktop shortcut. In the Primary Address, enter a valid name or IP for the host you need to connect to. You can specify the Port number. The default VMWare View port is set to 443. Please note that by default SSL is enabled. Select the Protocol for the VMWare View remote connection between RDP and PCOIP,
Options
You can select the Desktop Mode from the following modes: Prompt When you connect to the VMWare View desktop, you choose which desktop to connect to. Specific When you connect to the VMWare View desktop, the specified desktop is selected and you can confirm to connect to this desktop. Specific Unattended When you connect to the VMWare View desktop, you are automatically connected to the specified desktop. Please note that this mode does not allow the Client to log off from the desktop. Any unattended When you connect to the VMWare View desktop, you are automatically connected to any of the available desktops. Please note that this mode does not allow the Client to log off from the desktop. In the Options section you can specify the screen resolution for the Remote Desktop. Apart from the standard resolutions available, you can specify a Custom resolution, by entering the width and height into the respective checkboxes.
Connection
In the Connection Name specify a friendly name for the remote connection. This is shown as the desktop shortcut. In the Primary Address, enter a valid name or IP for the host you need to connect to. You can specify the Port number. The default VNC port is set to 5900. Specify the bandwidth from the available bandwidth speeds available from the dropdown box. Check the Shared checkbox to be able to share the same VNC connection with other clients connecting to the same Remote VNC desktop. Then if another Client connects to the VNC connection, the current connected Client will not be disconnected from his session. Check the View Only checkbox so that users are prohibited to send mouse or keyboard events to the remote VNC connection. Check the Promp for Credentials checkbox so that users are prompted for credentials before connecting to the VNC remote desktop.
Options
In the JPEG Quality section, you can specify the level of image quality encoded in JPEG format, for the VNC remote desktop. In the Options section you can specify the screen resolution for the Remote Desktop. Apart from the standard resolutions available, you can specify a Custom resolution, by entering the width and height into the respective checkboxes.
Kiosk Section
In this category you can enable the device to work in Kiosk mode. Kiosk mode allow one application to be started automatically when the user logs on. You can select between the following applications types: Browser RDP VMWare View VNC It is important to enable the application used as a type as described in previous categories.
Shadowing Section
To be able to shadow a manageable device, you can enable VNC service on the Thin Client being added by selecting on the Enable VNC Service button. To interact with the desktop being shadowed, select the checkbox Interact with Desktop. If you would like the client to request a password before allowing a shadowing session, insert a password in the Password text box. Administrators should then provide the password entered here before desktop shadowing is allowed. Please note that if you are shadowing the device from the console, you will not be prompted for the password. Request Authorization may be selected in order to ask for the Clients permission before shadowing a desktop. When selected, the Client may reject the request. Click Next to continue.
The RDP defaults section determines the settings for the connection made to the farm. 1. Connection The following connection modes are available: a. Gateway Mode: Clients are connected with the 2X Secure Client Gateway and the session connection is tunneled through the first available connection. This mode is ideal for servers which are only reachable via the gateway and do not require a high level of security. b. Gateway SSL Mode: Connection is made as in the regular gateway mode, but the connection is encrypted. c. Direct Mode: Clients first connect to the 2X Secure Client Gateway for the best available Server and then connect directly with that particular Server. This is best used when the client and the server are on the same network. d. Direct SSL Mode: This connection is created as in the Direct Mode option, but the connection to the 2X Secure Client Gateway is encrypted. 2. Color Depth Select the color depth that the Thin Client will use when connecting to remotely. 3. Redirect You can choose to redirect local devices to the remote computer. Select the devices you would like to redirect by checking the adjacent checkbox. 4. Bandwidth Select the desired connection speed to the Remote Desktop Connection. 5. Use primary monitor only Enable this to start Remote Connection in your primary monitor only and not have it span through all the monitors connected to your Thin Client. 6. Span desktop across all monitors Enable this option to span the published desktops across all connected monitors. 7. Compression Enable compression to have a more efficient connection. 8. Allow user to modify defaults Select the checkbox to allow the user to override these settings on the Thin Client.
Deleting a device
You can delete devices by selecting them and clicking the delete button.
Allow/Deny devices
To change the permission of a Thin Client from the devices list, select the Thin Clients and click Allow or Deny depending on whether you want to allow the device to authenticate with the farm.
Device Toolbar
The Device Toolbar allows you to perform several actions on the Devices and Devices list as described in the table below.
Devices Toolbar
1 2 3 4 5 6 7 8
Button Power On
Description Allows you to Power On selected Thin Clients. Also available in the Groups section. Power Off Allows you to Power Off selected Thin Clients. Also available in the Groups section. Reboot Allows you to Reboot selected Thin Clients. Also available in the Groups section. Log Off Allows you to Log Off selected Thin Clients. Also available in the Groups section. Shadow Allows you to Shadow selected Thin Clients. Not available in the Groups section. Search Allows you to Search for Devices. Not available in the Groups section. Advanced Search Allows you to configure an advanced search for Devices. Full Screen Allows you to view Devices list in Full Screen mode. Not available in the Groups section.
Advanced Search
With the advanced search administrators now have a more effective way to search and filter a long list of devices.
Devices List
The Advanced Search window can be opened by clicking the arrow as shown by button number 7 in the Device Toolbar Section. The Advanced Search offers nine criteria with which you can search the Devices list. The criteria is as follows: Criteria
Name MAC Address IP Client Version OS Version States Groups User Description
Type
String
Description
Entry allows you to search for a Device by name. This criteria supports single or multiple names. String Entry allows you to search for a Device by MAC address number. This criteria supports single or multiple MAC Addresses. Range Entry allows you to search for a Device by IP. This criteria supports a single or a range of IPs. Range Entry allows you to search for a Device depending on the Client Version. This criteria supports a single or a range of Client Versions. Selection Entry allows you to search for a Device depending on the OS Version. Selection Entry allows you to search for a Device depending on the Devices States. Selection Entry allows you to search for a Device by Group.. String Entry allows you to search for a Device by username. This criteria supports single or multiple users. String Entry allows you to search for a Device by description. This criteria supports single or multiple descriptions.
In the following example, the search must match all the following criteria: Devices with Name that match THINCLIENT-SUPPORT1 or THINCLIENTSUPPORT2 Device IP is within the range 172.19.0.100 to 172.19.0.150. Device States is set to specific with Powered Off. Device Groups is set for those Devices are enrolled to Support group. Device Description is set Devices are described to be Support Devices.
Then, OK is pressed and the devices which met with the criteria above are listed in the Devices list as shown below.
Please note how the search area is filled with the contents entered in the advanced search above.
In the following example, the search must match all the following criteria: Devices with MAC Address that match 00-0C-29 or 20-CF-30 or 10-40-F3 Device Client Version is within the range 10.1(Build 1000) to 10.1(Build 1500). Device States is set to specific with Standalone. Device Group is set to None (Not enrolled in group). Device Custom OS is set to iPad to list iPad Devices.
Then, OK is pressed and the devices which met with the criteria above are listed in the Devices list as shown below.
Please note how the search area is filled with the contents entered in the advanced search above.
In the following example, the search must match all the following criteria: Device OS Versions is set to specific for Windows, Linux and Android. Device Client Versions is within the range 10.1(Build 1000) to 10.1(Build 1500). Device States is set to Unmanaged. Device Group is set to None (Not enrolled in group).
Then, OK is pressed and the devices which met with the criteria abov e are listed in the Devices list as shown below.
Options
From the Devices Tab, click Options to open the options window as illustrated below:
Devices Options
Color Management
In this section you can change the color of every state the device can have. You can reset each color or all to their default value.
Device Report
From the list of devices shown in the Device section, you can obtain a device report from which it provides you with detailed information describing the hardware of the device. To obtain a device report, select and right click on the managed device you want from the list of devices available, and click Get Device Report. A typical report is shown below:
On the left hand pane, a tree is shown, with sorted information representing further categories as shown in the following table: Component Xorg.0.log Messages XF86Config Debug Dmesg.log Description XServer log details. 2XOS system messages log. XServer is a configuration file to set necessary configuration parameters for the X Server. 2XOS System and Session Information. Kernel system messages log.
You can save the report by clicking Save Report. Then choose the location where you want to save your report and click Save.
Device Information
To obtain information on a specific device, such as the Installation Type, OS Version, Last Log On Time etc, right click the device from the Devices tab, and select Get Device Information. A window with device information will be shown as follows:
Groups
This section allows you to manage Thin Client to groups. Applying settings to a group, will automatically update the settings inherited by the devices of all the enrolled devices within the group.
The Group name and MAC filter cannot be edited for the default group settings. The other settings categories can be edited. Please note that these settings are the same as those in section xxx.
Adding Groups
To add a group click Add and the following window will be shown:
In the Group name text box you enter the name of the group being added. In the MAC filter text box insert a MAC address pattern. Devices automatically added to the system which match the MAC address pattern will be enrolled in the group. Specify the Permission according to the following available entries: Permission Allow Deny Needs Approval Description Allows the devices which are enrolled in this group to authenticate with the farm. Denies enrolled devices to authenticate with the farm. Devices with this action will mark enrolled devices as Needs Approval from the administrator before are allowed to authenticate with the farm.
In the Description text box, insert a friendly description of the group. Other settings for the Auto Login, Regional, Input devices, Screen Saver, Desktop, Hardware, Shadowing and RDP Default Settings can be configured. These settings can be inherited by devices which are enrolled inside the group. Press OK when you finish configuring the group settings.
2XOS
In this section, you can add 2X Operating Systems which you can assign it to thin client devices.
To add a 2XOS, click Add button and the following window will be shown:
Adding 2XOS
The Available 2XOS list box, shows the available 2XOS residing either locally or in the Web. To add 2XOS locally, click Browse. From the File Open window, go to the location and select the 2XOS.zip file. Click Open and the 2XOS will be added to the list of available 2XOS.
To add 2XOS to the Client Manager, select the 2XOS you want to add from the checkboxes and click Add. The files will be downloaded to the Client Manager as shown in the status section below:
After downloading is done, click Done. To rename a 2XOS, select the 2XOS from the list, and clic k Rename. Type the new name for the 2XOS. You can change the default 2XOS to any from the list available. You can do so by selecting the 2XOS you want as default and then click Set Default. Any group or a particular devices can be assigned to the default OS, thus when changing the Default OS, all the related devices will have their OS changed. You can check for updates for any 2XOS added to the Client Manager by clicking the Check for Updates button.
Printers
This section can be used to manage printers for the Thin Clients or Thin Client Groups used with this farm. Printers may be added in the list so that these will be assigned to the Thin Clients or Thin Client Groups.
To add a printer to the List of Thin Client Printer, click Add and you will see the following window.
In the Printer Properties window enter the printer name in the Name textbox.
From the dropdown lists specify the Manufacturer, Driver and Port (LPT or USB port). To edit printer properties, select the printer you want to edit, and click Properties. To delete a printer, select the printer you want to delete, and click delete. NOTE: The printers added in this section will then be assigned to the Thin Clients or Thin Client Group when configuring the hardware specifications for the Thin Clients as described in the Devices and Group sections.
Banner
From the banner section, you can select the banner displayed on the Clients log on screen.
Banner Tab The Login banner shown on the Clients log on screen
You can select either the default 2XOS banner or else you can select a custom banner. To select a custom banner click the Custom Banner radio button. From the Open File window, select banner you would like to add and press open to add the custom banner to the Application Server. NOTE: The images to be added as Custom Banner should be png, jpg or bmp file format and should not exceed 520x100 pixels in size. The banner can be changed by clicking the Change Custom Banner to be able to select a different custom banner.
Scheduler
In this section you can schedule actions (booting, shutdown, rebooting, logging off) for Thin Clients or Thin Client Groups which are performed at a certain pre-defined time. If booting multiple devices at the same time, it is recommended to batch up to 50 devices at the same time and allow at least 5 minutes per batch (exact number and time may vary depending to network status) e.g. Boot Group A which contains 50 devices at 8:00am and Group B which contains 35 devices at 8:10 am.
To add a scheduled entry, click Add and the following window will be shown:
6. Thin Client Group Switch Off: Switches Off all the Thin Clients enrolled in the group
selected a target.
7. Thin Client Group Reboot: Reboots all the Thin Clients enrolled in the group
selected a target.
8. Thin Client Group Log Off: Logs Off all the Thin Clients enrolled in the group
selected a target.
From the Target entry select which Thin Client or Thin Client Group you want to assign the schedule entry to. In the Start specify the start date from which the scheduled entry will start taking effect In the Time entry specify the time you would like the scheduled action to be performed. For the Repeat section, specify the frequency the scheduled entry will repeat the action specified. Below is a list of different Repeat settings available in the dropdown list: Repeat Entry Never Every day Every week Every 2 weeks Every month Every year In the Description textbox insert text to describe the scheduled entry being entered. Press OK and the scheduled entry will be added to the Schedule List. You can disable a scheduled entry by unselecting the checkbox on the left hand side of the scheduled entry. You can edit or delete the schedule by clicking the appropriate button. To test a schedule you can click the Execute Now button.
Start by giving the new policy a name in the Policy Name field. Select the browsing mode used when adding users and groups: WinNT This mode is faster than LDAP mode, but does not allow to process nested groups. LDAP This mode allows nested groups but is slower than the other modes. Secure Identifier Secure Identifier mode is the most efficient mode and supports nested groups. Click on Add to add users or groups to the 2X Client Policy. Once all the users have be en added, you can configure the Connection Properties and Options that will be pushed to the users 2X Client.
To apply client policy criteria depending on gateway IPs select one of the following options: Client is connected to any gateway Select this option so that the 2X Client Policy is applied to the client when connecting to any gateway. Client is connected to one of the following gateways - Select this option so that the 2X Client Policy is applied to the client only when the connection comes from any of the gateways specified in the Gateway IPs. Client is not connected to one of the following gateways Select this option so that the 2X Policy Criteria will be applied only if the client connection does not come from any one of the gateways specified in the Gateway IPs list. To apply client policy criteria depending on MAC Address select one of the following options: Any client MAC Address - Select this option so that the 2X Client Policy is applied to the client when connecting from a machine using any MAC Address. Client MAC Address is one of the following - Select this option so that the 2X Client Policy is applied to the client only when it connects from a machine using any of the MAC Address configured. Client MAC Address is not one of the following Select this option so that the 2X Policy Criteria will be applied to the client only if it connects from a machine using any MAC Addresses other than the those configured.
Please refer to the 2XClient For Windows manual for more information about how to configure the Connection Properties for 2X Client.
Options Section
Please refer to the 2XClient For Windows manual for more information about the options available on the 2X Client.
INFORMATION
Status Tab
Select Information from the navigation bar. You can monitor the status of each service, while also monitoring sessions connected to the Virtual Desktop Host, Terminal Servers or Citrix Servers that are enabled in the farm. The status is refreshed every minute. Click on the 'Refresh' button to manually refresh the content.
Information 212
Notification Tab
To be notified when some counters exceed a certain amount, you will need to enable the notification options. In the Notification tab youll be notified if some server parameters exceed what you define as appropriate.
Notification
You can choose any of the counters monitored by the 2X Terminal Server Agent and set the appropriate number accordingly. For example, if you want to be notified when a terminal server is handling more than 45 sessions simultaneously or if the terminal server has more than 10 disconnected sessions, simply check the appropriate checkbox and set the right amount. Set or browse to a computer on the network that you would like 2X ApplicationServer to send a warning message to in the Notify Options>Send warning message to this computer: field. Choose a particular computer on your network and/or send a message to any email address of your choice. To send a message to a computer on the network, select Send warning message to this computer: and click on to select any of the available machines on your network.
Information 213
To send an email to a predefined email address you must first setup the mailbox details. Check the Send Email to, box and type the receivers email address (for example, support@2x.com) and click on Mailbox Setupbutton.
Mailbox Setup
Type in the sender address you would like to see (for example, support@2x.com) Enter the SMTP server address to be used. If your SMTP server requires authentication when sending emails through it, make sure you select SMTP Server requires authentication and type in the correct username/password to be used. You can also configure different ports for the SMTP server by append : port. (i.e. mail.company.com:465) To connect with an SMTP server that requires a secure connection enable Use TLS/SSL checkbox. After you setup the Mailbox details, simply click OK and then Send Test Email. The email address you typed in the main Notification Tab should receive the test email. To configure the notification interval for each warning message sent to a computer on the network or by mail, type the amount of minutes in the Notification Interval field.
Information 214
Logging Tab
Set the Logging field to Enabled, Disabled or Enabled with extended information. In the Log File field, set the location of the log file to be used. This field is read only so the user cannot set it; available for information purposes only. The log file saves information about the incoming connections, the originating IP address and the terminal server that was chosen. To view the contents of the log file, click the View Log button. To purge the log file, click the Clear Log File button. It is recommended to back up the log file. This is done by checking the box next to Backup log file and then selecting the corresponding time frame. Please note that the backup log file will be located in the same directory of the log file.
Information 215
Auditing Tab
On this tab you can enable or disable auditing and set the location of the auditing file. The auditing log is an important and valuable tool as it can give you information about the sessions opened and the total time of each session. It is recommended to backup the audit file. This is done by enabling the Backup audit file checkbox. Backups can be scheduled on a daily, weekly or monthly basis.
Please note that the backup audit file will be located in the same directory of the audit file.
Information 216
Information 217
Support Tab
For further technical support queries or further information about 2X products view contact details on this tab.
Click on the Send Support Request button to contact 2X Support directly from the 2X ApplicationServer console.
Information 218
You can save your support request information as a Zip file, this way you do nt have to send the email straight away; you can send the Zip file later on from any other machine.
Contact 2X Support
Information 219
Reporting
The reporting tab will allow the user to select and configure a Reporting Engine.
2X ApplicationServer Reporting
Reporting 220
5. Click on Reporting Engine tab to continue with the configuration 6. For additional security select SSL Use SSL connection and select Allow trusted certificates only. 7. Click Manage eG Agents for Components to start installing eG Agents. The window below will be shown:
Manage eG Agents
Note 1 - Only servers with 2X Terminal Server agents installed can be managed for eG Agents. Otherwise the servers are not listed. Note 2 If 2X Terminal Server Agents are not verified for communication, the server becomes disabled and eG Agents cannot be updated.
Reporting 221
8. Select the Terminal Servers and click Update agent(s). The following window pops up.
Installing eG Agent
Reporting 222
Reporting 223
LICENSING
The licensing tab will allow you to view licensing details and enter a license key. If you have purchased a new license key, click the Activate button. Fill in the required details in the License Activation dialog box and click the Activate button to activate your license key.
2X ApplicationServer licensing
2X ApplicationServer has a 30 day trial period. After 30-days you will need to activate the product with a valid key. You can either buy a key from our ordering page or activate the product using a free key. Click on Activate to start activating your product. In order to activate the license key, fill in the required contact details and type the license in the License key field and click Activate as shown in the figure below. To activate with a free key, click on the To get a free key please click here (Free key will allow you to use up to 3 connections). link to get a free key, and click the Activate button.
Licensing 224
When the license key is activated, you should get a dialog which states that the license key activated successfully.
License Activation
After any activation is complete, make sure to click the 'Apply' button. Please note that the free key will allow you to use one server with up to 3 connections. Universal Printing and Redundancy are not available with the free version of 2X ApplicationServer. NOTE: 2X ApplicationServer (Ver. 8) requires a (Ver.8) license. Clients that have old licenses may contact support to receive a (Ver.8) licenses.
Licensing 225
AVAILABLE 2X CLIENTS
For more information about the installation and configuration of 2X Client, please refer to each of the manuals and their corresponding locations listed below.
URL
http://www.2x.com/docs/en/manuals/pdf/2XClientForWindows.pdf
2X Client for Linux http://www.2x.com/docs/en/manuals/pdf/2XClientForLinux.pdf 2X Client for iOS (iPhone & iPad)
http://www.2x.com/docs/en/manuals/pdf/2XClientForiOS.pdf
http://www.2x.com/docs/en/manuals/pdf/2XClientForAndroid.pdf
Installation Procedure
Before starting the installation procedure, please make sure that you are logged on with administrator rights, and that the system requirements are met. 1. Log on to the terminal server or Citrix Server 2. Run the 2X Terminal Server Agent setup program by double clicking on the 2XAppServer.msi file. A welcome dialog will appear. 3. Close other Windows programs and click Next.
4. Select the location where you want to install the 2X Terminal Server Agent and click Next.
6. Select 2X Terminal Server Agent as shown in the figure below and click Next.
7. Click Install.
8. Setup will copy the required files and will create the service on the machine.
After the installation is complete (remotely or manually), you should see the 2X Terminal Server Agent service listed under Services on the server where the agent has been installed.
NOTE: The terminal servers do not require any configuration. The agent will collect the information required by the 2X Publishing Agent. The 2X Terminal Server Agent also forwards the necessary information to the 2X Publishing Agent using the information collected. To ensure connectivity between the 2X Publishing Agent and the terminal servers, after installing the 2X Terminal Server Agent, go to the Console and on the Terminal Servers tab make sure you add all your terminal servers. Once you have finished this step, select a terminal server and click the Check Agent button. If the 2X Publishing Agent can communicate with the 2X Terminal Server Agent running on the terminal server, you will receive this message:
5. Select the location where you want to install the 2X VDI Agent and click Next.
7. Select the 2X VDI Agent only, as shown in the figure below and click Next.
9. Setup will copy the required files and will create the service on the machine. After finishing you will see the status screen.
After the installation is complete (remotely or manually), you should see the 2X VDI Agent service listed under Services on the server where the agent has been installed.
NOTE: The Virtual Desktop Hosts do not require configuration. The agent will collect the information required by the 2X Publishing Agent. The 2X VDI Agent will also forward the necessary information to the 2X Publishing Agent using the information collected. To ensure connectivity between the 2X Publishing Agent and the virtual host, after installing the 2X VDI Agent, go to Virtual Desktop Hosts tab make sure you add all the Virtual Desktop Hosts. Once you have finished this step, select a virtual host and click the Check Agent button. If the 2X Publishing Agent can communicate with the 2X VDI Agent running on the Virtual Desktop Host, you will receive this message:
Before starting the installation procedure, please make sure that you are logged on with administrator rights, and that the system requirements are met. 1. Log on to the machine where the 2X Secure Client Gateway will be installed. 2. Run the 2X ApplicationServer setup program by double clicking on the 2XAppServer.msi file. A welcome dialog will appear. Close all other Windows programs and click Next.
4. Select the location where you want to install the 2X Secure Client Gateway and click Next.
6. Select the 2X Secure Client Gateway only, as shown in the figure below and click Next.
8. Setup will copy the required files and will create the service on the machine. After finishing you will see the Launch Configuration Utility screen.
After the installation is complete (remotely or manually), you should see the 2X Secure Client Gateway service listed under Services on the server where the service has been installed.
NOTE: ApplicationServer ver.8 gateways are automatically detected and can be pushed from the 2X Console. Publishing Agents can also be pushed from the 2X Console, but this is a procedure for creating a backup (slave) Publishing Agent.
5.
Select the location where you want to install the 2X Guest Agent and click Next.
7. Select the 2X Guest Agent only, as shown in the figure below and click Next.
Setup will copy the required files and will create the service on the machine. After finishing you will see the status screen.
After the installation is complete (remotely or manually), you should see the 2X Guest Agent service listed under Services on th e guest where the service has been installed.
Before starting the installation procedure, please make sure that you are logged on with administrator rights, and that the system requirements are met.
5. Select the location where you want to install the 2X PC Agent and click Next.
7. Select the 2X PC Agent only, as shown in the figure below and click Next.
9. Setup will copy the required files and will create the service on the machine. After finishing you will see the status screen.
After the installation is complete (remotely or manually), you should see the 2X PC Agent service listed under Services on the remote PC where the service has been installed.
2X ADDITIONAL UTILITIES
2XA Generator
2XA Generator is a command line utility to create 2xa files. 2xa files contains the required information to launch a published item. To use 2XA Generator, run 2XAGen.exe [c:\Program Files\2X\APPLICATIONSERVER\2XAGen.exe] in a command prompt and pass the appropriate parameters.
Parameters
-h -v -s -p -a -u -pw -pc -d -ss -pr -o Displays the help message Displays the version number Primary 2X Secure Client Gateway Server 2X Secure Client Gateway Port Application Name User Name User's password User's password, saved as clear text Domain Secondary 2X Secure Client Gateway Server Application Parameters Output file
server port application user password password domain server parameters file
-a "Word"
OUTPUT OF EXAMPLE 1: <App xmlns:dt="urn:schemas-microsoft-com:datatypes"> <Connection> <Port dt:dt="ui4">80</Port> <PrimaryServer>TSServer1</PrimaryServer> </Connection> <Startup> <PublishedApp>Word</PublishedApp> </Startup> </App> EXAMPLE 2: 2XAGen -s "TSServer1" -p 80 -a "Word" -u "Testuser1" pc "mypassword" -d "mydomain" -ss "TSServer2" pr"C:\document.doc" -o word.2xa OUTPUT OF EXAMPLE 2: [content of word.2xa] <App xmlns:dt="urn:schemas-microsoft-com:datatypes"> <Connection> <Port dt:dt="ui4">80</Port> <PrimaryServer>TSServer1</PrimaryServer> <SecondaryServer>TSServer2</SecondaryServer> </Connection> <Logon> <Passworddt:dt="bin.base64">nqLSKZch8PVBrG5l+Iq0qQ==</Pas sword> <Domain>mydomain</Domain> <User>Testuser1</User> </Logon> <Startup> <OverrideParams>C:\document.doc</OverrideParams> <PublishedApp>Word</PublishedApp> </Startup> </App>
FEATURES
Listed below are just some of the features that are provided and supported using ApplicationServer (APPLICATIONSERVERAS). For a more detailed list, including screen shots, visit our website at http://www.2x.com/applicationserver/asfeatures.html. 2X Client Managing 2X Client settings for all users on the network is a seamless and efficient process using 2X ApplicationServer. You can manage the 2X Client settings for all the users on the network that connect to any server currently in the Farm, directly from the management console. Universal Scanning With 2X Universal Scanning there is no need to install any scanner drivers on the server. Any application using TWAIN technology will be redirected to use hardware connected to the client device for scanning. New Publishing Wizard 2X ApplicationServer now incorporates a Publishing Wizard which will guide you through each step needed to setup Virtual Desktops, Published Applications and Published Desktops in the shortest amount of time possible. Application and Desktop Publishing 2X ApplicationServer allows you to publish particular applications installed on a terminal server to the desktop of any remote user. For example, you can tunnel an accounts package onto a users local desktop without giving the user access to a full desktop or publish a full desktop as an application on the terminal server. Deepnet Unified Authentication Platform Deepnet Unified Authentication is a single integrated platform used for provisioning, managing and verifying all types of authentication, form-factors and user credentials. 2X ApplicationServer provides this two-factor authentication using SafeID, FlashID, MobileID, QuickID, GridID, SecureID (RSA), DigiPass (Vasco). Native RDP Connections Using the 2X ApplicationServer Client you can now connect to a machine running Microsoft Terminal Server using a Remote Desktop Protocol (RDP) connection. Administrators can easily configure desktop connections and publish applications using one tool. Embedded Desktops With your 2X ApplicationServer Client you can now use Embedded Desktops. This allows you to load a number of different Virtual Desktops inside one application. Switching between multiple desktops is as simple as clicking on a different tab. Multiple VDI Solutions 2X ApplicationServer now supports virtual desktops published from VMware, Sun VirtualBox, Microsoft Virtual Server, Microsoft Hyper-V, Virtual Iron, Parallels and Microsoft Terminal Server. Virtual desktops are load balanced over the available machines while automatically releasing unused resources.
T 255
Seamless Integration with Local Desktop & Taskbar To the user the remote application appears exactly like a local application. Applications that are hosted remotely will automatically show up in the local task bar and/or on the desktop. If your users minimize a remote application, the application will minimize to the LOCAL taskbar. You can also copy and paste between local and remote applications as well. Greater Compatibility 2X ApplicationServer Console is compatible with Windows 2000 Server, Windows 2003 Server and Windows 2008 Server. This means you do not need to upgrade your entire infrastructure to the latest Windows Server platform if all you need is application publishing with Seamless Windows capabilities. Cross Platform Support 2X ApplicationServer is an RDP based Application Publishing solution that supports both Linux and Mac OS X clients, all with seamless Windows capabilities. Now it is easy to bring Windows applications to all your Linux and Mac desktops. 2X Secure Client Gateway Service 2X Secure Client Gateway tunnels all traffic needed by 2X applications on a single port. You need to open only one port on your firewall and the clients will be able to launch the published applications through the 2X Secure Client Gateway Service. Increased Terminal Services Performance During the login sequence, the user (using default settings) connection request is forwarded to the terminal server reporting the best performance index. This ensures that the users will never be connected to a terminal server that is using all its resources (CPU, memory, etc), optimizing user experience across the terminal server farm. Enhanced Security When used in SSL Gateway mode, the 2X LoadBalancer provides end-to-end SSL encryption to your terminal servers. This not only greatly enhances security but also gives you a firewall/proxy friendly solution with true SSL/HTTPS capabilities. Reconnection Capabilities When a session gets disconnected from one of the terminal servers and the user attempts to reconnect, the 2X LoadBalancer queries all terminal servers for a disconnected session from that particular user or IP address, then reconnects the user to the appropriate terminal server (some conditions apply). Universal Printing 2X ApplicationServer now incorporates a Universal Printer driver eliminating the need to manage and install printer drivers on your terminal server. The user can print either to their default printer (local) or have the document displayed in a PDF reader such as Acrobat Reader. Multiple Farms The 2X Client can now connect to multiple Farms simultaneously, allowing the use of Farms located worldwide and even within different organizations. Single Sign-On Single Sign-On is a module that automates the log-in process when connecting with the 2X Secure Client Gateway and terminal servers. Single Sign-On eliminates users having to manage and periodically change individual passwords to access applications and data. 2X Access Portal 2X AccessPortal allows users to launch published applications and desktops from multiple farms which are accessed through a web portal according to their filter settings. Multiple Monitor Support Display published applications and desktops on multiple monitors (up to 10) without the need to upgrade to Windows 2008.
T 256
Additional Resources
For more information about the installation and configuration of 2X Client, please refer to our 2XClient For Windows, 2XClient For Linux and 2XClient for Mac manuals located at www.2X.com.
T 257
Introduction
The troubleshooting chapter explains how you should go about resolving issues you may have. The main sources of information available to users are: The manual most issues can be solved by reading and referring to the manual. The 2X support site accessible from the 2X website. It includes a knowledge base with the most frequently asked questions. Contacting the 2X support department by email at support@2x.com Contacting our support department by telephone.
Knowledgebase
2X maintains a knowledgebase, which includes answers to most commonly asked problems. If you have a problem, please consult the knowledgebase first. The knowledgebase is continuously updated and contains the-most-up-to-date listings of support questions and patches. The knowledgebase can be found at http://www.2x.com/support/
T 258
ABOUT 2X
ABOUT 2X | 2X Software Ltd - 2X - is a company developing software for the booming server-based computing market. Thin client computing controls skyrocketing PC management costs, centralizes application and desktop management, improves security and performance and allows users to work remotely. The companys product line includes: 2X ApplicationServer for Windows Terminal Services, 2X ApplicationServer, 2X LoadBalancer for Terminal Services/Citrix and 2X ThinClientServer. 2X is a privately held company with offices in the USA, Germany, France, UK, Australia and Malta. Its management team is backed by years of experience in developing and selling network infrastructure software. 2X is a Microsoft, VMware, IBM and RedHat partner. For more information visit: http://www.2x.com. All product and company names herein may be trademarks of their respective owners.
2011 2X Software Ltd. All rights reserved. The information contained in this document represents the current view of 2X on the issues discussed as of the date of publication. Because 2X must respond to changing market conditions, it should not be interpreted to be a commitment on the part of 2X, and 2X cannot guarantee the accuracy of any information presented after the date of publication. 2X MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. 2X, 2X ThinClientServer and 2X TerminalServer and their product logos are either registered trademarks or trademarks of 2X Software Ltd. in the United States and/or other countries. All product or company names mentioned herein may be the trademarks of their respective owners.
259 About 2X
2X ApplicationServer