Enable Touch ID Authentication in VMware Horizon

In Horizon 6.2 it is possible to authenticate with Apples Touch ID. Touch ID is not enabled by default and has the following minimal requirements:

  • iPhone 5S, 6, and 6 Plus
  • iPad Air 2 and iPad mini 3
  • IOS 8
  • Horizon 6 version 6.2
  • The View Connection Server must present a valid root-signed certificate to the Horizon Client
  • Horizon 3.5 client
  • The Horizon Client certificate checking mode must be set to ‘Never connect to untrusted servers or Warn before connecting to untrusted servers’

Touch ID is not enabled by default and is a global setting, so when enabling, all users are able to login using the Touch ID! There is no other way to control who can use Touch ID.

The following steps describes enabling Touch ID

Enable BioMetrics authentication in the View Connection Server.

  • Start ADSI Edit on the View Connection Server
  • In the Connection Settings dialog box, select or connect to DC=vdi,DC=VMware,DC=int
  • In the Computer pane, type localhost

0

  • Browse to the object CN=Common, OU=Global, OU=Properties
  • Edit the pae-ClientConfig attribute and add the value BioMetricsTimeout=-1 (-1 means BioMetric Authentication is supported without any time limit. To enable a time limit, enter for example 30 for 30 minutes).

1 1a

  • The new setting takes effect immediately

Horizon Client

  • Check the certificate settings on the iPad or iPhone.
  • Enable Touch ID in the Horizon Client and login the first time with your password.

IMG_7029 IMG_7030

After that you’re been able to use the Touch ID to authenticate to the Horizon View environment. Pretty cool stuff!

comments powered by Disqus