You can use the vdmutil command-line interface to configure and manage the security mechanism used when JMS messages are passed between View components.

Syntax and Location of the Utility

The vdmutil command can perform the same operations as the lmvutil command that was included with earlier versions of View. In addition, the vdmutil command has options for determining the message security mode being used and monitoring the progress of changing all View components to Enhanced mode. Use the following form of the vdmutil command from a Windows command prompt.

vdmutil command_option [additional_option argument] ...

The additional options that you can use depend on the command option. This topic focuses on the options for message security mode. For the other options, which relate to Cloud Pod Architecture, see the Administering Cloud Pod Architecture in Horizon 7 document.

By default, the path to the vdmutil command executable file is C:\Program Files\VMware\VMware View\Server\tools\bin. To avoid entering the path on the command line, add the path to your PATH environment variable.

Authentication

You must run the command as a user who has the Administrators role. You can use View Administrator to assign the Administrators role to a user. See Configuring Role-Based Delegated Administration.

The vdmutil command includes options to specify the user name, domain, and password to use for authentication.

Table 1. vdmutil Command Authentication Options

Option

Description

--authAs

Name of a View administrator user. Do not use domain\username or user principal name (UPN) format.

--authDomain

Fully qualified domain name for the View administrator user specified in the --authAs option.

--authPassword

Password for the View administrator user specified in the --authAs option. Entering "*" instead of a password causes the vdmutil command to prompt for the password and does not leave sensitive passwords in the command history on the command line.

You must use the authentication options with all vdmutil command options except for --help and --verbose.

Options Specific to JMS Message Security Mode

The following table lists only the vdmutil command-line options that pertain to viewing, setting, or monitoring the JMS message security mode. For a list of the arguments you can use with a specific option, use the --help command-line option.

The vdmutil command returns 0 when an operation succeeds and a failure-specific non-zero code when an operation fails. The vdmutil command writes error messages to standard error. When an operation produces output, or when verbose logging is enabled by using the --verbose option, the vdmutil command writes output to standard output, in US English.

Table 2. vdmutil Command Options

Option

Description

--activatePendingConnectionServerCertificates

Activates a pending security certificate for a View Connection Server instance in the local pod.

--countPendingMsgSecStatus

Counts the number of machines preventing a transition to or from Enhanced mode.

--createPendingConnectionServerCertificates

Creates a new pending security certificate for a View Connection Server instance in the local pod.

--getMsgSecLevel

Gets the enhanced message security status for the local pod. This status pertains to the process of changing the JMS message security mode from Enabled to Enhanced for all the components in a View environment.

--getMsgSecMode

Gets the message security mode for the local pod.

--help

Lists the vdmutil command options. You can also use --help on a particular command, such as --setMsgSecMode --help.

--listMsgBusSecStatus

Lists the message bus security status for all connection servers in the local pod.

--listPendingMsgSecStatus

List machines preventing a transition to or from Enhanced mode. Limited to 25 entries by default.

--setMsgSecMode

Sets the message security mode for the local pod.

--verbose

Enables verbose logging. You can add this option to any other option to obtain detailed command output. The vdmutil command writes to standard output.