Horizon Agent Configuration Settings

You can use GPO template on the agent OS to turn off True SSO at the pool level or to change defaults for certificate settings such as key size and count and settings for reconnect attempts.

Note: The following table shows the settings to use for configuring the agent on individual virtual machines, but you can alternatively use the Horizon Agent Configuration template files. The ADMX template file is named ( vdm_agent.admx). Use the template files to make these policy settings apply to all the virtual machines in a desktop or application pool. If a policy is set the policy takes precedence over the registry settings.

The ADMX files are available in VMware-Horizon-Extras-Bundle-YYMM-x.x.x-yyyyyyyy.zip, which you can download from the VMware Downloads site. Go to https://my.vmware.com/web/vmware/downloads. Look for Desktop & End-User Computing and under this category, select Download Product under VMware Horizon. Then select the appropriate Horizon version and click Go To Downloads. From here you can find the Horizon GPO Bundle that includes the VMware-Horizon-Extras-Bundle-YYMM-x.x.x-yyyyyyyy.zip file.

Table 1. Keys for Configuring True SSO on Horizon Agent
Key	Min & Max	Description
Disable True SSO	N/A	Set this key to `true` to disable the feature on the agent. Use this setting in the group policy to disable True SSO at the pool level. The default is `false`.
Certificate wait timeout	10 -120	Specifies timeout period of certificates to arrive on the agent, in seconds. The default is `40`.
Minimum key size	1024 - 8192	Minimum allowed size for a key. The default is `1024`, meaning that by default, if the key size is below 1024, the key cannot be used.
All key sizes	N/A	Comma-separated list of key sizes that can be used. Up to 5 sizes can be specified; for example: `1024,2048,3072,4096`. The default is `2048`.
Number of keys to pre-create	1-100	Number of keys to pre-create on RDS servers that provide remote desktops and hosted Windows applications. The default is `5`.
Minimum validity period required for a certificate	N/A	Minimum validity period, in minutes, required for a certificate when it is being reused to reconnect a user. The default is `5`.