DOCSLIB.ORG

U Windows 2008 R2 MS V1R14 STIG Benchmark

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
U Windows 2008 R2 MS V1R14 STIG Benchmark U_Windows_2008_R2 MS_V1R14 STIG Benchmark NNT.xml U_Windows_2008_R2 MS_V1R14 STIG Benchmark NNT: WIN-2LR8M18J6A1 On WIN-2LR8M18J6A1 - By admin for time period 11/26/2014 3:20:57 PM to 11/26/2014 3:20:57 PM U_Windows_2008_R2 MS_V1R14 STIG Benchmark NNT Total score: 46.31 % 113 out of 244 rules passed 0 out of 244 rules did not pass completely 131 out of 244 rules failed The Windows Server 2008 R2 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows Server 2008 R2 Security Guide and security templates published by Microsoft Corporation. Note: This is a sample report generated using NNT Change Tracker Enterprise - unlike other compliance scanning solutions, Change Tracker uses continuous file integrity monitoring to detect any configuration drift and report breach activity in real-time. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected] Unsupported Service Packs Rules Unsupported Service Packs Rules 1 Systems must be at supported service pack (SP) or release levels. Description: <VulnDiscussion>Systems at unsupported service packs or releases will not receive security updates for new vulnerabilities and leaves them subject to exploitation. Systems must be maintained at a service pack level supported by the vendor with new security updates.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives ><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance> </SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools>HK</Third PartyTools><MitigationControl></MitigationControl><Responsibility>System Administrator</Responsibility><IAControls>VIVM-1</IAControls> Pass: Rule passed : hkey_local_machine\software\microsoft\windows nt\currentversion\currentbuildnumber (9600). Display Shutdown Button Display Shutdown Button Rules Display Shutdown Button Rules 11/26/2014 3:32:36 PM 1 U_Windows_2008_R2 MS_V1R14 STIG Benchmark NNT.xml 2 The shutdown option will not be available from the logon dialog box. Description: <VulnDiscussion>Displaying the shutdown button may allow individuals to shut down a system anonymously. Only authenticated users should be allowed to shut down the system. Preventing display of this button in the logon dialog box ensures that individuals who shut down the system are authorized and tracked in the systems Security event log.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Do cumentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></Sev erityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools>HK</ThirdPartyT ools><MitigationControl></MitigationControl><Responsibility>System Administrator</Responsibility><IAControls>ECSC-1</IAControls> Pass: Rule passed : hkey_local_machine\software\microsoft\windows\currentversion\policies\system\shutdownwithoutlo gon (0). NTFS Requirement NTFS Requirement Rules NTFS Requirement Rules 3 Local volumes will be formatted using NTFS. Description: <VulnDiscussion>This is a category 1 finding because the ability to set access permissions and audit critical directories and files is only available by using the NTFS file system. The capability to assign access permissions to file objects is a DoD policy requirement. </VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Docu mentable>true</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></Severit yOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools>< MitigationControl></MitigationControl><Responsibility>System Administrator</Responsibility><Responsibility>Information Assurance Officer</Responsibility><IAControls>ECCD-1, ECCD-2</IAControls> Pass: Rule passed : c:\ (NTFS), e:\ (NTFS). Legal Notice Display Legal Notice Display Rules Legal Notice Display Rules 11/26/2014 3:32:37 PM 2 U_Windows_2008_R2 MS_V1R14 STIG Benchmark NNT.xml 4 The required legal notice will be configured to display before console logon. Description: <VulnDiscussion>Failure to display the logon banner prior to a logon attempt will negate legal proceedings resulting from unauthorized access to system resources.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegative s><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance> </SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPart yTools><MitigationControl></MitigationControl><Responsibility>System Administrator</Responsibility><Responsibility>Information Assurance Officer</Responsibility><IAControls>ECWM-1</IAControls> Fail: The required legal notice will be configured to display before console logon. : local security policy (LegalNoticeText). Remediation : Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options ->'Interactive Logon: Message text for users attempting to log on' as outlined in the check. Caching of logon credentials Caching of logon credentials Rules Caching of logon credentials Rules 5 Caching of logon credentials will be limited. Description: <VulnDiscussion>The default Windows configuration caches the last logon credentials for users who log on interactively to a system. This feature is provided for system availability reasons such as the user’s machine is disconnected from the network or domain controllers are not available. Even though the credential cache is well-protected, storing encrypted copies of users passwords on systems do not always have the same physical protection required for domain controllers. If a system is attacked, the unauthorized individual may isolate the password to a domain user account using a password-cracking program, and gain access to the domain.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives> <Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></ SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools>HK</ThirdPa rtyTools><MitigationControl></MitigationControl><Responsibility>System Administrator</Responsibility><IAControls>ECSC-1</IAControls> Fail: Caching of logon credentials will be limited. : hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon\cachedlogonscount (4). Remediation : Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> 'Interactive Logon: Number of previous logons to cache (in case Domain Controller is not available)' to '2' logons or less. Anonymous shares are not restricted Anonymous shares are not restricted Rules Anonymous shares are not restricted Rules 11/26/2014 3:32:37 PM 3 U_Windows_2008_R2 MS_V1R14 STIG Benchmark NNT.xml 6 Anonymous enumeration of shares will be restricted. Description: <VulnDiscussion>This is a Category 1 finding because it allows anonymous logon users (null session connections) to list all account names and enumerate all shared resources, thus providing a map of potential points to attack the system. By default, Windows allows anonymous users to list account names and enumerate share names.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives> <Documentable>true</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></ SeverityOverrideGuidance><PotentialImpacts>In a mixed Windows environment, this setting may cause systems with down-level operating systems to fail to authenticate, may prevent their users from changing their passwords, and may cause problems with managing printers and spools. In domains supporting Exchange 2003 servers and versions of Outlook earlier than Outlook 2003, the setting 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' should be set to 'Disabled' on the Domain Controller Group Policy to allow Outlook to anonymously query the global catalog service.</PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationC ontrol><Responsibility>System Administrator</Responsibility><Responsibility>Information Assurance Officer</Responsibility><IAControls>ECSC-1, PRNK-1</IAControls> Pass: Rule passed : hkey_local_machine\system\currentcontrolset\control\lsa\restrictanonymous (1). Bad Logon Attempts Bad Logon Attempts Rules Bad Logon Attempts Rules 7 The number of allowed bad-logon attempts will meet minimum requirements. Description: <VulnDiscussion>The account lockout feature, when enabled, prevents brute-force password attacks on the system. The higher this value is, the less effective the account lockout feature will be in protecting the local system. The number of bad logon attempts should be reasonably small to minimize the possibility of a successful password attack, while allowing for honest errors made during a normal user logon.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives>< Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></S everityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools>HK</ThirdPart yTools><MitigationControl></MitigationControl><Responsibility>System Administrator</Responsibility><IAControls>ECLO-1, ECLO-2</IAControls> Fail: The number of allowed bad-logon attempts will meet minimum
Load more

Recommended publications
  • Using Remote Desktop Services with Ifix 1
    Proficy iFIX 6.5 Using Remote Desktop Services GE Digital Proficy Historian and Operations Hub: Data Analysis in Context 1 Proprietary Notice The information contained in this publication is believed to be accurate and reliable. However, General Electric Company assumes no responsibilities for any errors, omissions or inaccuracies. Information contained in the publication is subject to change without notice. No part of this publication may be reproduced in any form, or stored in a database or retrieval system, or transmitted or distributed in any form by any means, electronic, mechanical photocopying, recording or otherwise, without the prior written permission of General Electric Company. Information contained herein is subject to change without notice. © 2021, General Electric Company. All rights reserved. Trademark Notices GE, the GE Monogram, and Predix are either registered trademarks or trademarks of General Electric Company. Microsoft® is a registered trademark of Microsoft Corporation, in the United States and/or other countries. All other trademarks are the property of their respective owners. We want to hear from you. If you have any comments, questions, or suggestions about our documentation, send them to the following email address: [email protected] Table of Contents Using Remote Desktop Services with iFIX 1 Reference Documents 1 Introduction to Remote Desktop Services 2 Using iClientTS 2 Understanding the iFIX and Remote Desktop Services 3 File System Support 5 Where to Find More Information on Remote Desktop Services 5 Getting
    [Show full text]
  • Run-Commands-Windows-10.Pdf
    Run Commands Windows 10 by Bettertechtips.com Command Action Command Action documents Open Documents Folder devicepairingwizard Device Pairing Wizard videos Open Videos Folder msdt Diagnostics Troubleshooting Wizard downloads Open Downloads Folder tabcal Digitizer Calibration Tool favorites Open Favorites Folder dxdiag DirectX Diagnostic Tool recent Open Recent Folder cleanmgr Disk Cleanup pictures Open Pictures Folder dfrgui Optimie Drive devicepairingwizard Add a new Device diskmgmt.msc Disk Management winver About Windows dialog dpiscaling Display Setting hdwwiz Add Hardware Wizard dccw Display Color Calibration netplwiz User Accounts verifier Driver Verifier Manager azman.msc Authorization Manager utilman Ease of Access Center sdclt Backup and Restore rekeywiz Encryption File System Wizard fsquirt fsquirt eventvwr.msc Event Viewer calc Calculator fxscover Fax Cover Page Editor certmgr.msc Certificates sigverif File Signature Verification systempropertiesperformance Performance Options joy.cpl Game Controllers printui Printer User Interface iexpress IExpress Wizard charmap Character Map iexplore Internet Explorer cttune ClearType text Tuner inetcpl.cpl Internet Properties colorcpl Color Management iscsicpl iSCSI Initiator Configuration Tool cmd Command Prompt lpksetup Language Pack Installer comexp.msc Component Services gpedit.msc Local Group Policy Editor compmgmt.msc Computer Management secpol.msc Local Security Policy: displayswitch Connect to a Projector lusrmgr.msc Local Users and Groups control Control Panel magnify Magnifier
    [Show full text]
  • Guidelines for Designing Embedded Systems with Windows 10 Iot Enterprise
    Guidelines for Designing Embedded Systems with Windows 10 IoT Enterprise Version 2.0 Published July 15, 2016 Guidelines for designing embedded systems 1 CONFIDENTIAL Contents Overview .................................................................................................................................................................................................... 4 Building a task-specific experience ............................................................................................................................................ 4 General Group Policy settings ....................................................................................................................................................... 4 Application control ................................................................................................................................................................................ 5 Application boot options ................................................................................................................................................................. 5 Auto-boot Universal Windows apps ...................................................................................................................................... 5 Auto-boot Classic Windows apps ........................................................................................................................................... 5 Limit application access with AppLocker ...............................................................................................................................
    [Show full text]
  • Using a Remote Desktop Connection with Filemaker Pro 12 © 2007–2012 Filemaker, Inc
    FileMaker® Pro 12 Using a Remote Desktop Connection with FileMaker Pro 12 © 2007–2012 FileMaker, Inc. All Rights Reserved. FileMaker, Inc. 5201 Patrick Henry Drive Santa Clara, California 95054 FileMaker and Bento are trademarks of FileMaker, Inc. registered in the U.S. and other countries. The file folder logo and the Bento logo are trademarks of FileMaker, Inc. All other trademarks are the property of their respective owners. FileMaker documentation is copyrighted. You are not authorized to make additional copies or distribute this documentation without written permission from FileMaker. You may use this documentation solely with a valid licensed copy of FileMaker software. All persons, companies, email addresses, and URLs listed in the examples are purely fictitious and any resemblance to existing persons, companies, email addresses, or URLs is purely coincidental. Credits are listed in the Acknowledgements documents provided with this software. Mention of third-party products and URLs is for informational purposes only and constitutes neither an endorsement nor a recommendation. FileMaker, Inc. assumes no responsibility with regard to the performance of these products. For more information, visit our website at http://www.filemaker.com. Edition: 01 Contents Chapter 1 Introduction to Remote Desktop Services and Citrix XenApp 4 About Remote Desktop Services 4 Remote Desktop Services server 4 Remote Desktop Services client (Remote Desktop Connection) 4 Remote Desktop Protocol (RDP) 4 Benefits of using Remote Desktop Services 4 System
    [Show full text]
  • Using Windows Media Player Version 12 (Windows 7) from the Media Player Help System John Lortz ([email protected]) – Discoverskills (
    Using Windows Media Player Version 12 (Windows 7) From the Media Player Help System John Lortz ([email protected]) – DiscoverSkills (www.DiscoverSkills.com) You can use Windows Media Player to find and play digital media files on your computer or network, play CDs and DVDs, and stream media from the Internet. You can also rip music from audio CDs, burn CDs of your favorite music, sync media files to portable device, and find and purchase content on the Internet through online stores. Getting started with Windows Media Player Windows Media Player provides an intuitive, easy-to-use interface to play digital media files, organize your digital media collection, burn CDs of your favorite music, rip music from CDs, sync digital media files to a portable device, and shop for digital media content from online stores. Start Windows Media Player To start Windows Media Player, click the Start button , click All Programs, and then click Windows Media Player. Two ways to enjoy your media: the Player Library and Now Playing mode Windows Media Player allows you to toggle between two modes: the Player Library, which gives you comprehensive control over the Player's many features; and Now Playing mode, which gives you a simplified view of your media that's ideal for playback. From the Player Library, you can go to Now Playing mode by clicking the Switch to Now Playing button in the lower- right corner of the Player. To return to the Player Library, click the Switch to Library button in the upper-right corner of the Player. Player Library In the Player Library, you can access and organize your digital media collection.
    [Show full text]
  • Credssp Required by Server – Solutions
    CredSSP required by server – Solutions https://www.syskit.com/blog/credssp-required-b... PRODUCTS COMPANY PARTNERS CUSTOMERS SUPPORT Home > Blog > SysKit Monitor > CredSSP required by server – Solutions CredSSP required by server – Solutions Published: May 16, 2017 Published in: SysKit Monitor Author: Silvio Rahle Failed to connect, CredSSP required by server is an error line returned when trying to connect remotely to a Windows machine using RDP version 6 or newer with the Rdesktop client. It represents a frequent problem for Windows and Linux administrators alike. Rdesktop client is UNIX based client software for Microsoft’s Remote Desktop Protocol. It is commonly used on ReactOS and Linux installations to connect to Windows machines running Remote Desktop Services, which often leads to the CredSSP required by server error. Why does it happen? All Windows clients have a credential cache used for authentication against services in a network called NTLM or Windows NT LAN Manager. RDP supports SSO (single sign-on) authentication enabling a user to log in with a single ID and password to gain access to a connected system. However, Linux clients do not support this type of authentication and they require that credentials are provided, either via a Rdesktop command line or via a login window when initiating the remote session. Linux has Kerberos, which is an authentication mechanism for requesting access to 1 of 5 9/26/17, 9:38 PM CredSSP required by server – Solutions https://www.syskit.com/blog/credssp-required-b... PRODUCTS COMPANY PARTNERS CUSTOMERS SUPPORT Granting Ticket), which is used to access other services, such as RDP.
    [Show full text]
  • Windows Poster 20-12-2013 V3
    Microsoft® Discover the Open Specifications technical documents you need for your interoperability solutions. To obtain these technical documents, go to the Open Specifications Interactive Tiles: open specifications poster © 2012-2014 Microsoft Corporation. All rights reserved. http://msdn.microsoft.com/openspecifications/jj128107 Component Object Model (COM+) Technical Documentation Technical Documentation Presentation Layer Services Technical Documentation Component Object Model Plus (COM+) Event System Protocol Active Directory Protocols Overview Open Data Protocol (OData) Transport Layer Security (TLS) Profile Windows System Overview Component Object Model Plus (COM+) Protocol Active Directory Lightweight Directory Services Schema WCF-Based Encrypted Server Administration and Notification Protocol Session Layer Services Windows Protocols Overview Component Object Model Plus (COM+) Queued Components Protocol Active Directory Schema Attributes A-L Distributed Component Object Model (DCOM) Remote Protocol Windows Overview Application Component Object Model Plus (COM+) Remote Administration Protocol Directory Active Directory Schema Attributes M General HomeGroup Protocol Supplemental Shared Abstract Data Model Elements Component Object Model Plus (COM+) Tracker Service Protocol Active Directory Schema Attributes N-Z Peer Name Resolution Protocol (PNRP) Version 4.0 Windows Data Types Services General Application Services Services Active Directory Schema Classes Services Peer-to-Peer Graphing Protocol Documents Windows Error Codes ASP.NET
    [Show full text]
  • Copyrighted Material
    Index Numerics Address Resolution Protocol (ARP), 1052–1053 admin password, SOHO network, 16-bit Windows applications, 771–776, 985, 1011–1012 900, 902 Administrative Tools window, 1081–1083, 32-bit (x86) architecture, 124, 562, 769 1175–1176 64-bit (x64) architecture, 124, 562, 770–771 administrative tools, Windows, 610 administrator account, 1169–1170 A Administrators group, 1171 ADSL (Asynchronous Digital Subscriber Absolute Software LoJack feature, 206 Line), 1120 AC (alternating current), 40 Advanced Attributes window, NTFS AC adapters, 311–312, 461, 468–469 partitions, 692 Accelerated Graphics Port (AGP), 58 Advanced Computing Environment (ACE) accelerated video cards (graphics initiative, 724 accelerator cards), 388 Advanced Confi guration and Power access points, wireless, 996, 1121 Interface (ACPI) standard, 465 access time, hard drive, 226 Advanced Graphics Port (AGP) card, access tokens, 1146–1147 391–392 Account Operators group, 1172 Advanced Graphics Port (AGP) port, 105 ACE (Advanced Computing Environment) Advanced Host Controller Interface (AHCI), initiative, 724 212–213 ACPI (Advanced Confi guration and Power Advanced Micro Devices (AMD), 141–144 Interface) standard, 465 Advanced Packaging Tool (APT), 572 Action Center, 1191–1192 Advanced Power Management (APM) Active Directory Database, 1145–1146, 1183 standard, 465 active heat sink, 150 Advanced Programmable Interrupt active matrix display, LCD (thin-fi lm Controller (APIC), 374 transistor (TFT) display), 470 Advanced RISC Computing Specifi cation active partition, 267,
    [Show full text]
  • Licensing Windows Server 2012 R2 Remote Desktop Services
    V olume Licensing brief Licensing Windows Server 2012 R2 Remote Desktop Services This brief applies to all Microsoft Volume Licensing programs. Table of Contents Summary .................................................................................................................................................................................................. 1 What's New in This Brief .................................................................................................................................................................... 1 Details ........................................................................................................................................................................................................ 1 RDS Technologies Requiring RDS CALs ................................................................................................................................ 1 Available RDS CALs ....................................................................................................................................................................... 2 Frequently Asked Questions ............................................................................................................................................................ 2 Summary This licensing brief helps to clarify Microsoft licensing policies for Windows Server Remote Desktop Services (RDS), including the new components that are in Windows Server 2012 R2. What's New in This Brief This brief replaces a previous version
    [Show full text]
  • Security Advisory MTIS20-010 - Page 1 of 19 UNDER ANALYSIS: Firewall Enterprise
    NEW THREAT OVERVIEW | PREVIOUS THREATS UPDATES | THREAT DETAILS EXECUTIVE SUMMARY March 10, 2020 | MTIS20-010 Since the last McAfee® Labs Security Advisory (February 12), the following noteworthy event has taken place: Patches are available for multiple Microsoft security vulnerabilities NEW THREAT OVERVIEW (MSPT-Mar2020) Microsoft IIS Server improperly handles Malformed Request Headers Privilege Escalation (CVE- 2020-0645) MTIS20-010-A IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise Back to top (MSPT-Mar2020) Microsoft Windows .LNK file Remote Code Execution (CVE-2020-0684) MTIS20-010-B IMPORTANCE: High COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise Back to top (MSPT-Mar2020) Microsoft DirectX improperly handles Objects in Memory Privilege Escalation (CVE-2020-0690) MTIS20-010-C IMPORTANCE: Medium COVERED PRODUCTS: DAT | Web Gateway UNDER ANALYSIS: Firewall Enterprise Back to top (MSPT-Mar2020) Microsoft Visual Studio improperly handles Pipeline Job Tokens Privilege Escalation (CVE-2020- 0758) MTIS20-010-D IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise Back to top (MSPT-Mar2020) Microsoft Defender Handles Certain Objects in Memory Privilege Escalation (CVE-2020-0762) MTIS20-010-E IMPORTANCE: Medium COVERED PRODUCTS: Security Advisory MTIS20-010 - Page 1 of 19 UNDER ANALYSIS: Firewall Enterprise Back to top (MSPT-Mar2020) Microsoft Defender Handles Certain Objects in Memory Privilege Escalation (CVE-2020-0763) MTIS20-010-F IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall
    [Show full text]
  • Use Your PC for Music
    WINDOWS® GUIDE Use Your PC for Music IN THIS GUIDE Rip and Burn CDs Page 2 Play Music Page 10 Connect an MP3 Player Page 14 Use a Music Service Page 17 What You’ll Need n Windows Media® Player—available as a free download n Recordable or rewritable audio or data CDs n A CD Burner n A Windows Media-enabled media device, such as a Windows Mobile® device or Zune® n A computer running Windows Vista® Windows Guides is a library of easy-to-use guides that show you how to get more from your Windows experience. Share these guides with your friends and family. © 2008 Microsoft. All rights reserved. WINDOWS GUIDE Use Your PC for Music Rip and Burn CDs Nowadays, most of us don’t just own a handful of albums. Music is a way of life. We want to be able to buy, organize and play songs on a whim, and take them with us wherever we go. Well, Windows Media Player takes the work out of building and maintaining a music library, so your only worry is what to listen to first. RIP A CD Ripping, or encoding, your impressive CD library into a digital one with Windows Media Player is quick and simple. There are two things to consider before ripping a CD: n By default, ripped songs are stored as Windows Media Audio (WMA) files. WMA is the best format to use for playing on Windows Media Player, but if for some reason you’d like to choose a different format: 1.
    [Show full text]
  • Vmware Horizon 7 7.13 Setting up Published Desktops and Applications in Horizon Console
    Setting Up Published Desktops and Applications in Horizon Console OCT 2020 VMware Horizon 7 7.13 Setting Up Published Desktops and Applications in Horizon Console You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com © Copyright 2018-2020 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc. 2 Contents 1 Setting Up Published Desktops and Applications in Horizon Console 6 2 Introduction to Published Desktops and Applications 7 Farms, RDS Hosts, and Published Desktops and Applications 7 Advantages of Published Desktop Pools 8 Advantages of Application Pools 8 3 Setting Up Remote Desktop Services Hosts 10 Remote Desktop Services Hosts 10 Prepare Windows Server Operating Systems for Remote Desktop Services (RDS) Host Use 12 Install Remote Desktop Services on Windows Server 2008 R2 14 Install Remote Desktop Services on Windows Server 2012, 2012 R2, 2016, or 2019 15 Install Desktop Experience on Windows Server 2008 R2 16 Install Desktop Experience on Windows Server 2012, 2012 R2, 2016, or 2019 16 Restrict Users to a Single Session 17 Install Horizon Agent on a Remote Desktop Services Host 18 Horizon Agent Custom Setup Options for an RDS Host 19 Modify Installed Components with the Horizon Agent Installer 22 Silent Installation Properties for Horizon Agent 23 Printing From a Remote Application Launched Inside a Nested Session 28 Enable Time Zone Redirection for Published Desktop and Application
    [Show full text]