We want to reuse some rather old windows workstations until replace them by zero or thin client terminals. We selected a lightweight Linux OS to replace windows OS to avoid the need of Microsoft licenses. On the other end, we have deployed VDI desktops on Horizon View 6 platform. The desktop pool consists of floating dedicated desktops with persistent disks.
Let’s walk through the various steps to build the lightweight workstation, unfortunately various settings must be configured!
1. Install a lightweight linux OS
Goto http://lubuntu.net/ and download the latest version of lubuntu linux. In my case the 15.04 version.
- Burn the iso image on a CD
- Install Lubuntu
- Enable user to automatically log in the workstation
- Configure network settings or use your DHCP server
- Connect to internet
- Goto to System Tools – Software Updater to install the latest updates.
- Reboot.
2. Download the vmware-view client
Goto https://www.vmware.com/go/viewclients and download the latest Vmware Horizon Client for Linux. In my case, this is the VMware-Horizon-Client-3.2.0-2331566.x86.bundle.
3. Install vmware-view client
Open a Unix terminal and goto Downloads folder
cd ~/Downloads
Give execute permissions to vmware view file
chmod +x VMware-Horizon-Client-3.2.0-2331566.x86.bundle
Execute the file with root permissions
sudo ./VMware-Horizon-Client-3.2.0-2331566.x86.bundle
At the end of the installation wizard press the scan button to check for compatibility issues. It returns errors for libudev.so.0, libcrypto.so.1.0.1 and libssl.so.1.0.1 libraries.
Now, If you execute vmware-view on the terminal, you will get the following error:
We have to create the following symbolic links as root to resolve the errors
sudo ln -s /lib/i386-linux-gnu/libssl.so.1.0.0 /lib/i386-linux-gnu/libssl.so.1.0.1
sudo ln -s /lib/i386-linux-gnu/libcrypto.so.1.0.0 /lib/i386-linux-gnu/libcrypto.so.1.0.1
sudo ln -s /lib/i386-linux-gnu/libudev.so.1 /lib/i386-linux-gnu/libudev.so.0
If you run the vmware-view client, you will notice that
- It supports only PCoIP protocol
- A warning will inform you that the installed openssl version is old. Actually this version is vulnerable to Heartbleed bug.
- USB redirection does not work
- Finally an SSL root certificate should be installed
4. Support RDP protocol
Install freerdp application by running
sudo apt-get install freerdp
Try vmware-view again by selecting the RDP protocol (Connection – Settings) to connect to Horizon View 6 platform.
5. Install the latest version of openssl
Unfortunately Lubuntu software update does not upgrade to the latest version of openssl. If you run sudo apt-get install openssl
nothing happens.
Goto ftp://ftp.us.debian.org/debian/pool/main/o/openssl and download the latest versions of libssl and openssl. In my case, these are libssl1.0.0_1.0.2a-1_i386.deb and openssl_1.0.2a-1_i386.deb.
First remove the old openssl package.
sudo apt-get remove openssl
I removed everything.
Goto Downloads and install the aforementioned packages as root.
cd ~/Downloads
sudo dpkg --install libssl1.0.0_1.0.2a-1_i386.deb
sudo dpkg --install openssl_1.0.2a-1_i386.deb
Now if you check the version by running openssl version
, it should return OpenSSL 1.0.2a 19 Mar 2015.
During the package removal, the symbolic links have been deleted, so, recreate the symbolic links to the new paths.
sudo ln -s /usr/lib/i368-linux-gnu/libssl.so.1.0.0 /lib/i386-linux-gnu/libssl.so.1.0.1
sudo ln -s /usr/lib/i368-linux-gnu/libcrypto.so.1.0.0 /lib/i386-linux-gnu/libcrypto.so.1.0.1
Now vmware-view does not display the openssl warning message.
6. Install the Domain Root Certificate
First copy company’s root certificate to Downloads folder, e.g company.crt and install ca-certificate package as root.
sudo apt-get install ca-certificates
Copy the root certificate to /usr/local/share/ca-certificates folder
sudo cp ~/Downloads/company.crt /usr/local/share/ca-certificates/
Install and trust the certificate
sudo update-ca-certificates
The URL link goes green!
7. Enable USB Redirection
Vmware view client 3.2 for linux supports USB redirection.
Goto /etc folder and edit the rc.local file as root.
cd /etc
sudo vi rc.local
Insert the following lines before exit 0 command:
/usr/lib/vmware/view/usb/vmware-usbarbitrator
/usr/lib/vmware/view/usb/vmware-view-usbd
Finally, reboot the workstation and connect to the Horizon View. Notice that USB redirection works using PCoIP connection protocol and RDP as well.
8. Post installation jobs
Disable screenlock
Goto Preferences -> Power Manager
At Security tab select “Never” at Automatically lock the session
Autostart vmware view client
Goto Preferences -> Default applications for LXSession -> Goto Autostart
Type in “Manual autostarted applications”
vmware-view --nomenubar --fullscreen
or
vmware-view --kioskLogin --nonInteractive --once --fullscreen --nomenubar --serverURL="server.mycomany.com" --userName="username" --password="password"
depending on your taste and press the “Add” button
Checkout https://www.vmware.com/pdf/horizon-view/horizon-view-client-linux-document.pdf document for more options.
At any time <Ctrl><Esc> brings you the Start Menu.
Good luck!