A Horizon administrator can use the Unauthenticated Access feature to create Unauthenticated Access users and entitle those users to published applications. Unauthenticated Access users can log in to the server anonymously to connect to their published applications.

Before you have end users access a published application with the Unauthenticated User feature, test that you can connect to the published application from a client device. You might need to specify a server and supply credentials for your user account.

By default, users select the Log in anonymously using Unauthenticated Access setting from the Options menu and select a user account to log in anonymously. A Horizon administrator can configure group policy settings to preselect the Log in anonymously using Unauthenticated Access setting and log in users with a specific Unauthenticated Access user account.


  • Perform the administrative tasks described in Preparing Connection Server for Horizon Client.

  • Set up Unauthenticated Access users on the Connection Server instance. For information, see "Providing Unauthenticated Access for Published Applications" in the View Administration document.

  • If you are outside the corporate network, verify that your client device is set up to use a VPN connection and turn on that connection.

  • Verify that you have the fully qualified domain name (FQDN) of the server that provides access to the published application. Underscores (_) are not supported in server names. If the port is not 443, you also need the port number.

  • If an administrator has allowed it, configure the certificate checking mode for the SSL certificate presented by the server in Horizon Client. To determine which mode to use, see Setting the Certificate Checking Mode in Horizon Client.

  • (Optional) Configure the Account to use for Unauthenticated Access and Log in anonymously using Unauthenticated Access group policy settings to change the default Unauthenticated Access behavior. For information, see Scripting Definition Settings for Client GPOs.


  1. If a VPN connection is required, turn on the VPN.
  2. Double-click the VMware Horizon Client desktop shortcut or click Start > Programs > VMware Horizon Client.
  3. If instructed to do so by your system administrator, click the Options button in the menu bar and select Log in anonymously using Unauthenticated Access.

    Depending on how your client system is configured, this setting might already be selected.

  4. Connect to the server on which you have unauthenticated access to published applications.



    Connect to a new server

    Double-click the + Add Server button or click the + New Server button in the menu bar, enter the name of the server, and click Connect.

    Connect to an existing server

    Double-click the server icon on the Horizon Client home window.

    Connections between Horizon Client and the server always use SSL. The default port for SSL connections is 443. If the server is not configured to use the default port, use the format shown in this example: view.company.com:1443.

    You might see a message that you must confirm before the Login dialog box appears.

  5. When the Login dialog box appears, select a user account from the User account drop-down menu, if necessary.

    If only one user account is available, the drop-down menu is disabled and the user account is already selected.

  6. (Optional) If the Always use this account check box is available, select it to bypass the Login dialog box the next time you connect to the server.

    To deselect this setting before you connect to the server the next time, right-click the server icon on the Horizon Client home window and select Forget the saved Unauthenticated Access account.

  7. Click Login to log in to the server.

    The application selection window appears.

  8. To start an application, double-click the application icon.