VMware has just released a minor update for View: 5.1.2
What’s New/Resolved Issues:
Install and Upgrade
- Installing View Agent 5.0 on a Windows XP SP3 virtual machine caused a Stop Error (BSoD) on the virtual machine.
View Desktop Management
- In a desktop pool with the Refresh on logoff policy, View did not provide an option to refresh linked-clone desktops that were not cleanly logged off. By default, when a desktop is reset or shut down by the user, or the desktop session is ended for other reasons, View marks the desktop as “Already used” and blocks any View Client from accessing it. This default behavior prevents other users from accessing the previous user’s data and allows a View administrator to investigate potential problems with the desktop. In previous releases, no other options were available.
In View 5.1.2 and later releases, you can add a View LDAP attribute, pae-DirtyVMPolicy under OU=Server Groups, DC=vdi, DC=vmware, DC=int, and set the following values for the attribute. The pae-DirtyVMPolicy values provide the following options for the Refresh on logoff policy:
- pae-DirtyVMPolicy=0. Mark virtual machines that were not cleanly logged off as ‘Already used’ and block user access to them. This is the default behavior in View 4.6 and later releases.
- pae-DirtyVMPolicy=1. Allow virtual machines that were not cleanly logged off to become available without being refreshed. View Client users can access these desktops.
- pae-DirtyVMPolicy=2. Automatically refresh virtual machines that were not cleanly logged off. View Client users can access these desktops after the refresh operation is completed.
- When the Suspend power policy was set for a desktop pool, View sent multiple Suspend operations to the same virtual machines, causing vCenter Server to log multiple error messages.
In View 5.1.2, to ensure that only a single Suspend operation is sent, you must configure a multivalued attribute in View LDAP. Take these steps:
- Start the ADSI Edit utility on any View Connection Server instance in a replicated group.
- In the Connection Settings dialog box, select or connect to DC=vdi,DC=vmware,DC=int.
- In the Computer pane, select or type localhost:389 or the fully qualified domain name (FQDN) of the View Connection Server computer followed by port 389.
- On the object CN=Common, OU=Global, OU=Properties, select or create the pae-NameValuePair attribute.
- Add the following value to the pae-NameValuePair attribute: cs-suspendpolltimeout=90000 and cs-suspendpolltime=1000
These values are in milliseconds.
- Network printers were not being redirected into desktop virtual machines after upgrading to View 5.1.
- After enabling certificate revocation checking on View Connection Server, connecting with a View Client gives the following error: "Smart Card authentication failed. Please contact your Administrator (Revocation Checks failed)."
- In previous releases, the VMware View Administration document did not accurately state the authentication behavior for smart card users who select the Log in as current user check box when they connect to View Connection Server. In upcoming releases, the VMware View Administration document will contain the following corrected text:
When smart card authentication is set to Required on a View Connection Server instance, authentication fails for users who select the Log in as current user check box when they connect to the View Connection Server instance. These users must reauthenticate with their smart card and PIN when they log in to View Connection Server.
View Persona Management
- View desktop logon took a long time when View Persona Management was enabled. This issue occurred when Microsoft Forefront Endpoint Protection (FEB) or a similar product for protecting the virtual machine environment was installed on the View desktop.
- If a user changed the domain user password when logging in to a View desktop, View Persona Management created a new user pofile, overwriting the existing profile data.
- View Persona Management failed to replicate a user profile file with a long path or filename to the remote profile repository.
- The following issue is resolved in View 5.1.2: VMware View contains a critical directory traversal vulnerability that allows an unauthenticated remote attacker to retrieve arbitrary files from affected View Servers. Exploitation of this issue may expose sensitive information stored on the server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-5978 to this issue.