This article describes how to configure VMware Horizon View to connect to a remote desktop with two factor authentication.
Hardware OTP tokens
OTP applications: Google Authenticator or Yandex. Key
Mobile application (soon)
To configure the second authentication factor, you need to install and configure MultiFactor Radius Adapter.
- The user connects to the desktop, enters his login and password in Horizon View;
- VMware Horizon connects to MultiFactor Radius Adapter via RADIUS protocol;
- The component checks the user login and password in Active Directory or Network Policy Server and requests the second authentication factor;
- The user confirms the access request in the phone or enters a one-time code in Horizon View.
Configuring VMware Horizon
- Go to the VMware Horizon administrative console.
- open View Configuration -> Servers -> Connection Servers, select the server and click Edit. On the Authentication tab, under Advanced Authentication, select RADIUS from the 2-fa authentication list.
- Enable "Enforce 2-factor and Windows user name matching" and "Use the same user name and password for RADIUS and Windows authentication".
- Select "Create New Authenticator" from the Authenticator list:
- Label: MultiFactor
- Description: arbitrary description
- Hostname/Address: component address MultiFactor Radius Adapter
- Authentication port: 1812
- Accounting port: 0
- Authentication type: PAP
- Shared secret: Shared secret from component settings
- Server Timeout: 40
- Save and close.