To connect to a remote desktop or published application, you must provide the name of a server and supply credentials for your user account.
Obtain the following information from your system administrator:
Instructions about whether to turn on a VPN (virtual private network) connection.
Server name to use for connecting to the server.
If the port is not 443, the port number to use for connecting to the server.
Credentials for logging in, such as an Active Directory user name and password, RSA SecurID user name and passcode, RADIUS authentication user name and passcode, or smart card personal identification number (PIN).
Domain name for logging in.
Instructions about whether you can use Touch ID authentication.
Instructions about whether you can use Face ID authentication.
If your system administrator sent you an email that contains a URL to use for setting up an RSA SecurID software token on your client device, open that email and verify that you also have the activation code or that the activation code appears at the end of the URL.
If your system administrator instructs you to configure the certificate checking mode, see Set the Certificate Checking Mode.
- If a VPN connection is required, turn on the VPN.
- Open the Horizon app.
- Connect to a server.
Connect to a new server
Enter the name of a server as instructed by your system administrator, enter a description (optional), and tap Add Server. If a server has already been added, tap New in the upper-right corner of the window instead.
Connect to an existing server
Tap the server shortcut in the Servers window.
Connections between Horizon Client and servers always use TLS. The default port for TLS connections is 443. If the server is not configured to use the default port, use the format servername:port, for example, view.company.com:1443.
- If a smart card is required or optional, select the smart card certificate to use and enter your PIN.
If the smart card has only one certificate, that certificate is already selected. If there are many certificates, you can scroll through the certificates.
- If you are prompted for RSA SecurID credentials or RADIUS authentication credentials, type your credentials, or, if you plan to use an embedded RSA SecurID token, install an embedded token.
Use an existing token
If you use a hardware authentication token or software authentication token on a smart phone, enter your user name and passcode. The passcode might include both a PIN and the generated number on the token.
Install a software token
Tap External Token.
In the Install Software Token dialog box, paste the CT-KIP URL or CTFString URL that your system administrator sent to you in email. If the URL contains an activation code, you do not need to enter a value in the Password or Activation Code text box.
- If you are prompted a second time for RSA SecurID credentials or RADIUS authentication credentials, enter the next generated number on the token.
Do not enter your PIN, and do not enter the same generated number that you entered before. If necessary, wait until a new number is generated.
- (Optional) If the Enable Touch ID setting is available, turn on the setting to use Touch ID to authenticate.
The Enable Touch ID setting is available only if biometric authentication is enabled on the server and you have not previously authenticated with Touch ID.
- (Optional) If the Enable Face ID setting is available, turn on the setting to use Face ID to authenticate.
The Enable Face ID setting is available only if biometric authentication is enabled on the server and you have not previously authenticated with Face ID.
- If you are prompted for a user name and password, supply your Active Directory credentials.
- Type the user name and password as instructed by your system administrator.
- Select a domain as instructed by your system administrator.
If the Domain drop-down menu is hidden, type the user name as username@domain or domain\username.
- (Optional) Tap to toggle the Remember this Password option to on if your system administrator has enabled this feature and if the server certificate can be fully verified.
- Tap Login.
If Touch ID or Face ID is enabled and you are logging in for the first time, your Active Directory credentials are stored securely in the iOS device's Keychain for future use.
- If you are prompted for Touch ID authentication, place your finger on the Home button.
- If you are prompted for Face ID authentication, glance at the device.
The first time Horizon Client tries to use Face ID to authenticate, iOS prompts you to allow Horizon Client to use Face ID. If you do not want to use Face ID authentication, tap Don't Allow to enter a user name and password instead.
- (Optional) To select the display protocol to use, tap Settings at the bottom of the Horizon Client window and tap Preferred Protocol.
VMware Blast provides better battery life and is the best protocol for high-end 3D and mobile device users.
- Tap a remote desktop or published application to connect to it.
If you are connecting to a published desktop, and if the desktop is already set to use the Microsoft RDP display protocol, you cannot connect immediately. You are prompted to have the system log you off the remote operating system so that a connection can be made with the PCoIP display protocol or the VMware Blast display protocol.
After you connect to a remote desktop or published application for the first time, Horizon Client saves a shortcut for the remote desktop or published application on the Recent window. The next time you connect to the remote desktop or published application, you can tap the shortcut instead of tapping the server shortcut.
If you receive a certificate error when you try to connect to a remote desktop or published application, see Set the Certificate Checking Mode.