After users use True SSO to login to the desktop, they can unlock the desktop after reauthentication from the Workspace ONE portal using the same logon credentials. The Horizon True SSO unlock mechanism currently depends on Workspace ONE Access.
Prerequisites
Note: TrueSSO unlock is currently ONLY supported with Workspace ONE Access. It is NOT supported with third-party Identity Providers.
- Verify that you have VMware Horizon version 7.8 or later.
- Verify that you have Workspace ONE version 19.03 or later.
- This feature is supported on the following Horizon Clients:
- Horizon Client for Windows version 5.0 or later
- Horizon Client for Mac 2306 or later
- Horizon Client for Linux version 2306 or later
Procedure
What to do next
You can disable this feature by setting a registry key on the machine where Horizon Agent is installed, in the following location:
HKLM\Software\VMware, Inc.\VMware VDM\Agent\CertSSO[DisableCertSSOUnlock=true]
You can also disable this feature on the Horizon Client you are using.
Horizon Client | Steps to disable feature |
---|---|
Horizon Windows Client | Set the registry key
If the registry key is set, the VMware True SSO User option does not appear when the user unlocks the desktop. |
Horizon Linux Client | Set view.enableTrueSSOUnlock=‘FALSE' |
Horizon Mac Client | EnableTrueSSOUnlock = ‘0’ in plist |