Sun Secure Global Desktop Software Relaease Notes
Sun Secure Global Desktop Software Relaease Notes
Sun Secure Global Desktop Software Relaease Notes
3
Release Notes
These release notes contain important information about Sun Secure Global Desktop Software
version 4.3, including system requirements, new features and enhancements, and known
limitations and problems. Read this document before you install and use this release.
Part Number: 819-6253
Revision History
Version Description
January Microsoft Windows Vista is now supported as a client platform. Additional known
2007 issues.
December
Additional known issue with SecurID authentication.
2006
November Added details of smart card support, additional known bugs and corrections to the
2006 documentation.
November
Additional known bugs and list of bug fixes.
2006
October
Additional known bugs and updated support for Certificate Authorities.
2006
September
First released version of release notes.
2006
June 2006 Beta release.
Contents
System Requirements
New Features in This Release
Changes in This Release
Fixes in This Release
End-Of-Support Statements
Known Bugs and Issues
Documentation Issues
System Requirements
This section describes the system requirements for Sun Secure Global Desktop Software 4.3. It
has the following sections:
Hardware Requirements
Installation Platforms
Operating System Modifications
Web Server Requirements
Network Requirements
Supported Protocols
Security Support
Proxy Server Support
Supported Authentication Mechanisms
Supported Applications
Requirements for the Sun Secure Global Desktop Enhancement Module
Printing Support
Smart Card Support
Platform Support for the Secure Global Desktop Client
Platform Support for the Classic Webtop
Hardware Requirements
Use the following hardware requirements as a guide and not as an exact sizing tool. For detailed
help with hardware requirements, contact a Sun Secure Global Desktop Software sales office.
The requirements for a server hosting Secure Global Desktop can be calculated based on the
total of the following:
What is needed to install and run Secure Global Desktop.
What is needed for each user who logs in to Secure Global Desktop on the server and runs
applications.
The following are the requirements for installing and running Secure Global Desktop:
256MB free disk space, plus another 300MB at install time
256MB RAM
1GHz processor
Network Interface Card (NIC)
Note This is in addition to what is required for the operating system itself and assumes the server
will be used only for Secure Global Desktop.
The following are the requirements to support users who log in to Secure Global Desktop and
run applications. The actual CPU and memory requirements can vary significantly depending on
the applications used:
20MB for each user.
On SPARC® platforms, 15MHz for each user.
On x86 platforms, 20MHz for each user.
Installation Platforms
The following are the supported installation platforms for Sun Secure Global Desktop Software
4.3:
Operating System Supported Versions
Solaris™ Operating System (Solaris OS) on SPARC platforms 8, 9, 10
Solaris OS on x86 platforms 10
Red Hat Enterprise Linux (Intel x86 32-bit) 3, 4
Fedora Linux (Intel x86 32-bit) Core 5
SUSE Linux Enterprise Server (Intel x86 32-bit) 9, 10
You may have to make some operating system modifications.
Network Requirements
You must configure your network for use with Secure Global Desktop:
Hosts must have DNS entries that can be resolved by all clients.
DNS lookups and reverse lookups for a host must always succeed.
All client devices must use DNS.
Client devices must be able to make TCP/IP connections to Secure Global Desktop on the
following ports:
80/tcp for HTTP connections between client devices and the Secure Global Desktop
Web Server. The port number may vary depending on the port selected on
installation.
443/tcp for accessing an HTTPS web server.
3144/tcp for standard (unencrypted) connections between client devices and Secure
Global Desktop.
5307/tcp for SSL-based connections between client devices and Secure Global
Desktop.
To be able to run applications, Secure Global Desktop must be able to make TCP/IP
connections to application servers. The ports you need to open depend on the types of
application you are using, for example:
22/tcp for X and character applications using SSH.
23/tcp for Windows, X and character applications using telnet.
3389/tcp for Windows applications configured to use Windows Terminal Services.
6010/tcp and above for X applications
The Secure Global Desktop Administration Guide has detailed information about the ports used
by Secure Global Desktop and how to use Secure Global Desktop with firewalls.
Supported Protocols
Secure Global Desktop supports the following protocols:
Microsoft Remote Desktop Protocol (RDP) version 5.2
Hypertext Transfer Protocol (HTTP)
HTTP over Secure Sockets Layer (HTTPS)
Secure Shell (SSH) version 2 or later
Citrix Independent Computing Architecture (ICA)
Telnet VT, American National Standards Institute (ANSI)
TN3270E
TN5250
Security Support
Secure Global Desktop supports secure connections from clients using the following protocols:
Secure Socket Layer (SSL) version 3.0
Transport Layer Security (TLS) version 1.0
The following encryption cipher suites are supported:
RSA_WITH_AES_256_CBC_SHA
RSA_WITH_AES_128_CBC_SHA
RSA_WITH_3DES_EDE_CBC_SHA
RSA_WITH_RC4_128_SHA
RSA_WITH_RC4_128_MD5
RSA_WITH_DES_CBC_SHA
Note the Java technology client does not support any AES cipher suites.
Secure Global Desktop supports Base 64-encoded PEM-format X.509 certificates that have been
signed with any of the following Certificate Authority (CA) certificates (root certificates):
Baltimore CyberTrust Code Signing Root
Baltimore CyberTrust Root
Entrust.net CA
Entrust.net Client CA 1
Entrust.net Client CA 2
Entrust.net Server CA 1
Entrust.net Server CA 2
Equifax Secure CA
Equifax Secure eBusiness CA 1
Equifax Secure eBusiness CA 2
Equifax Secure Global eBusiness CA
GeoTrust Global CA
The Go Daddy Group, Inc. Class 2 CA
GTE CyberTrust Root
GTE CyberTrust Global Root
GTE CyberTrust Root 5
Starfield Technologies, Inc. Class 2 CA
Thawte Personal Basic CA
Thawte Personal Freemail CA
Thawte Personal Premium CA
Thawte Premium CA
Thawte Server CA
http://www.valicert.com
VeriSign Class 1 Public Primary CA - G1
VeriSign Class 1 Public Primary CA - G2
VeriSign Class 1 Public Primary CA - G3
VeriSign Class 2 Public Primary CA - G1
VeriSign Class 2 Public Primary CA - G2
VeriSign Class 2 Public Primary CA - G3
VeriSign Class 3 Public Primary CA - G1
VeriSign Class 3 Public Primary CA - G2
VeriSign Class 3 Public Primary CA - G3
VeriSign Class 4 Public Primary CA - G2
VeriSign Class 4 Public Primary CA - G3
VeriSign/RSA Secure Server
Additional certificate types can be supported by installing the CA's certificate (the root
certificate) for that CA.
Supported Applications
You can use Secure Global Desktop to access the following types of applications:
Microsoft Windows
Character applications running on Solaris OS, Linux, HP-UX and AIX
X applications running on Solaris OS, Linux, HP-UX and AIX
IBM mainframe and AS/400
Web applications (using HTML and Java technology)
Printing Support
Secure Global Desktop supports printing to PostScript, PCL and text only printers attached to the
user's client device.
The Secure Global Desktop tta_print_converter script performs any conversion needed to
format print jobs correctly for the client printer. To convert from Postscript to PCL, Ghostscript
must be installed on the Secure Global Desktop server.
To support Secure Global Desktop PDF printing, Ghostscript version 6.52 or later must installed
on the Secure Global Desktop server. The Ghostscript distribution must include the ps2pdf
program.
Secure Global Desktop supports printing with the Common Unix Printing System (CUPS).
CUPS version 1.1.19 or later must be installed on the Secure Global Desktop server. Additional
configuration is required.
When printing from a windows application that uses the Microsoft RDP protocol, Secure Global
Desktop supports the printers supported by Windows 2000/2003. See the Windows Printer
Driver Support page for details of supported printers.
New X Server
This release includes a new X server, based on X11R6.8.2. The new X server delivered
significant speed and bandwidth use improvements in benchmark tests when compared to
version 4.2.
The updated server supports the following X extensions:
BIG-REQUESTS
BLINK
DAMAGE
DEC-XTRAP
DOUBLE-BUFFER
Extended-Visual-Information
GLX
MIT-SCREEN-SAVER
MIT-SHM
MIT-SUNDRY-NONSTANDARD
NATIVE-WND
RDP
RECORD
RENDER
SCO-MISC
SECURITY
SGI-GLX
SHAPE
SYNC
TOG-CUP
X-Resource
XC-APPGROUP
XC-MISC
XFIXES
XFree86-Bigfont
XTEST
XTTDEV
The new X server also includes support for some additional X fonts. The Speedo font is no
longer available.
New Enable X Security Extension Attribute
X application objects have a new attribute, Enable X Security Extension (--
securityextension), which allows you to enable the X Security Extension for an application.
If you need to run an X application from a host that may not be secure, you should enable the X
Security Extension and run the application in untrusted mode. This restricts the operations that
the X application can perform in the X server and protects the display. X security only works
with versions of SSH that support the -Y option. For OpenSSH, this is version 3.8 or later.
Administration Guide Reading
What X fonts are installed?
Enable X Security Extension (--securityextension)
Installing and using SSH with Secure Global Desktop
Support for Connections to the Console Session with Windows Server 2003
Terminal Services
The Secure Global Desktop Terminal Services Client (ttatsc) now supports an additional
-console option which allows you to connect to the console session with Windows Server 2003
Terminal Services.
You can specify this option with the Protocol Arguments (--protoargs) attribute on the
Windows application object.
Translated Documentation
The following translations of Secure Global Desktop Documentation are available:
Release Administration User
Language Installation Guide
Notes Guide Guide
French Yes Yes No Yes
Japanese Yes Yes Yes Yes
Korean Yes Yes No Yes
Simplified Chinese Yes Yes No Yes
Traditional Chinese Yes Yes No Yes
Not all pages in the Administration Guide have been translated into Japanese.
PDF Printing
As a result of the changes introduced in this release to support PDF printing on UNIX, Linux and
Mac OS X client devices, the Display Adobe Reader Print dialog (--pdfprompt) attribute has
been removed from the Printing properties panel in Array Manager and from the Printing panel
for organization, organizational unit and person objects in Object Manager.
This change means that when users print with the Universal PDF printer on Windows clients, the
print job is automatically sent to the client's default printer. To be able to choose which client
printer the print job is sent to, users must now select the Print to Local PDF File printer.
Licensing
Version 4.2 contained the following changes to licensing:
Activation license keys are no longer required to enable an array.
Named user licensing is no longer available.
Maintenance and Right to upgrade license keys are no longer available.
If you upgrade from an earlier version your existing product license keys will be automatically
converted and your existing Maintenance and Right to upgrade license keys will be deleted.
Administration Tools
Refer
Description
ence
6433
/usr/bin owner is changed to ttasys on startup.
525
Application Launch
Ref
ere Description
nce
635
The Native Client cannot launch a web browser on Solaris
700
OS.
3
635
Native Client shifts up the full-screen webtop on Java
702
Desktop System.
2
639
227 X authorization issue causes launch failure.
9
640
With optimizelaunch enabled in the unix.exp login script,
194
the expired password handler does not work.
9
640
The filtering script (runsubscript.exp) is not being called
580
during the launch process.
8
641
Error message is displayed when a new browser window
695
application is ended with the 'X' button.
1
641
The authentication dialog returns corrupted data if the
957
password has more than eight characters.
4
642
718 Launch failure when the host is not known to ssh.
9
643
466 Password expiry handling on application launch is broken.
0
644
There should only be one ttacpe process created for each
755
webtop session.
1
645
Launch failure when ssh used over su for an application
537
running on the Secure Global Desktop host.
8
646
# characters in system login banner cause automated launch
480
process to fail.
9
647
017 Add support for SecurID ACE agent for PAM.
3
647
Custom Certificate Authority certificates not recognized and
530
cause a prompt when launching in-place applications
3
647
Root window stays around when logging out of kiosk
618
Gnome session.
0
Audio
Refere
Description
nce
641638 RDP-based audio output stops playing when using a
4 SunRay.
Emulation
Ref
ere Description
nce
638
Edited colormap.txt intermittently ignored when security
153
is enabled.
1
638
Windows Native Client and Citrix ICA X Client: possible
609
key event incompatibility.
1
641
Character terminal session closes unexpectedly when
549
function keys are pressed.
8
641
Scalable windows applications do not toggle when scroll
769
lock pressed on Java Desktop System on Solaris 10 OS.
8
642
635 ttaxpe dies with SIGSEGV
5
642
778 Copy (ctrl+insert) causes X applications to hang.
9
643
Using the Native Client on Solaris OS, kiosk mode does not
327
display correctly.
3
643
Child window sometimes comes up below the parent
543
window using seamless windows.
7
643
548 Windows applications performance in 4.3.
9
643
Segmentation fault in the ttaxpe when running the HP
552
monitoring tool.
7
644
Windows Logo keys do not work in a Terminal Services
546
session.
7
644
646 Problems with the French locale and keymap.
9
646
736 Letter repeated twice in Remote Desktop Protocol session.
8
647
Timezone redirection fails to set correct time during
139
daylight savings. Time always out by one hour.
5
647 ESC-NumLock does not work as expected from Solaris OS
295
client/SunRay.
9
Licensing
Refere
Description
nce
646641 Secure LDAP does not work without security licenses
5 installed.
Other
Ref Description
ere
nce
637
Authentication fails with ActivCard - Cyberflex 64k Smart
560
Card (also bug ref 607218).
0
638
474 Able to read .cgi files via web browser.
6
639
A large number of users logging in in quick succession
012
hangs the Secure Global Desktop server.
6
639 New browser window gets launched when new browser
362 windows applications are launched with the CTRL key
3 pressed.
640
Secure Global Desktop Server exits with error code 129,
785
signal 0.
5
640
New blank browser window opens on exiting the application
815
opened in new browser window mode.
9
640
Secure Global Desktop Enhancement Module for Intel
911
Solaris appears to fail.
7
641
Using telnet to connect to localhost port 1023 causes the
016
Protocol Engine Manager to use 100% CPU.
1
641 Client window manager applications display Minimize and
896 Maximize buttons that are not present in original
5 application.
643
Secure Global Desktop Apache includes development
024
private paths and configurations.
3
643
Unable to copy paste to and from a WCP IWM session from
039
the classic webtop.
6
643
Setting keepalive to 0 causes keepalives to be sent
615
continuously.
5
644
214 Quitting Gnome session causes ttaxpe to use 100% CPU.
2
644
Secure Global Desktop Web Server starts but remains
627
attached to the console.
1
Printing
Ref
ere Description
nce
637
Printer properties (such as paper size) do not appear to be
622
stored between RDP sessions.
1
640
Driver name duplicated if printing is configured at OU and
629
user level.
2
642 Windows Native Client detects
128 DEFAULT_PRINTER_UNKNOWN when there is no
3 printer configured on the client device.
642
Login delay induced by inaccessible network printer
785
attached to client device.
2
Security
Refe
renc Description
e
6419 LDAP searches of Active Directory contacts AD servers in
520 other regions for information.
6446 The prompt for password change does not appear after a
338 password has expired.
6446 Cannot create an array after enabling SSL connections
437 between array members.
6457 Validate user input to the login box to prevent cross-site
984 scripting attacks.
6468
ttassl daemon core dumps due to sigsegv, signal 11.
699
6469
Apply OpenSSL security patch secadv_20060905.txt
123
6476
Apply OpenSSL security patch secadv_20060928.txt
728
6478
Cascading Stylesheets vulnerability.
735
Server
Refe
renc Description
e
637
tarantella status command report is incorrect when
974
SSL connections between array members is enabled.
3
639
Array problems when one of the array members is not
236
contactable.
5
639
Cannot successfully promote a secondary server to a
374
primary if the primary server is down.
5
644
Array behavior when joining and detaching members of an
520
array that is licensed.
0
User Authentication
Ref
ere Description
nce
638
If the krb5.conf file has errors, user login hangs and the
341
server continuously writes exceptions to jserver.log.
7
640
Ambiguous login is not allowed if invalid credentials were
012
provided the first time.
3
641
Active Directory authentication fails silently if one tree of a
570
forest is not configured in the krb5.conf file.
9
643
Windows Native Client does not display an error message if
968
an Active Directory password change fails.
8
645
426 Expect script updated for German Solaris OS applications.
1
646
Oberthur AuthentIC card not recognized when using Secure
026
Global Desktop (fixed for Windows Clients only).
3
646
Active Directory PKI infrastructure does not failover to the
556
next global catalog server.
9
647
187 SecurID login authority issues.
7
Web Services
Ref
ere Description
nce
639
Anonymous users can create and edit webtop groups. This
126
info will be stored on disk and not cleaned up.
2
642
Secure Global Desktop Web Server exposes too much
718
information.
5
End-Of-Support Statements
Customers with a valid support agreement can upgrade to the latest version of Sun Secure Global
Desktop Software free of charge.
The following table lists the end-of-support dates for previous Secure Global Desktop and
Tarantella software products:
Software Product Version Supported Until
Secure Global Desktop Enterprise Edition 4.1 March 31, 2007
Secure Global Desktop Enterprise Edition 4.0 March 31, 2007
Secure Global Desktop Software Appliance 4.0 March 31, 2007
Secure Global Desktop Enterprise Edition 3.42 March 31, 2007
Tarantella Enterprise 3 (including TASP) 3.40 March 31, 2007
602423 - Emulators Cannot Distinguish Between the Return Key and the
Keypad ENTER Key
Problem
Secure Global Desktop X and character emulators cannot distinguish between the Return key
and the keypad ENTER key on the user's client keyboard.
Cause
A known issue.
Solution
By default, the Secure Global Desktop Client and the Native Client map the keypad ENTER key
to Return in both X and character emulator sessions. With additional configuration this behavior
can be changed.
To change the behavior of the keypad ENTER key in a character application session, you need
to set up a keymap for your character application object (--keymap) and add a mapping for
KPENTER, for example:
KPENTER="hello"
To change the behavior of the keypad ENTER key in a Windows/X application session, you
need to modify your X keymap (for example, xuniversal.txt) and add a mapping for the
KP_Enter key, for example:
92 KP_Enter KP_Enter NoSymbol NoSymbol 0x801c
Warning! The X keymap is a global/user resource, so all applications for that user may be
affected by this change. If any of these applications do not handle KP_Enter, then you may need
to consult your X/Windows application vendor for assistance.
Note The Java™ technology clients are unable to distinguish between RETURN and the keypad
ENTER key.
6448990 - Backslash and Yen Keys Produce the Same Character in Windows
Applications
Problem
When using Japanese PC 106 or Sun Type 7 Japanese keyboards with Windows applications
running through Secure Global Desktop, the Yen and Backslash keys produce the same result.
Cause
A known issue with key handling.
Solution
Modify the Xsun keytable or the Xorg keytable on the client device.
For example, change the /usr/openwin/etc/keytables/Japan7.kt file as follows:
...
#137 RN XK_backslash XK_bar XK_prolongedsound
137 RN XK_yen XK_bar XK_prolongedsound
...
#39 RN XK_0 XK_asciitilde XK_kana_WA XK_kana_WO
39 RN XK_0 XK_0 XK_kana_WA XK_kana_WO
...
For example, change the /usr/X11/lib/X11/xkb/symbols/sun/jp file as follows:
...
# key <AE13> { [ backslash, bar ], [ prolongedsound ] };
key <AE13> { [ yen, bar ], [ prolongedsound ] };
...
# key <AE10> { [ 0, asciitilde ], [ kana_WA, kana_WO ] };
key <AE10> { [ 0, 0], [ kana_WA, kana_WO ] };
...
After making these changes, you must restart dtlogin:
/etc/init.d/dtlogin stop
/etc/init.d/dtlogin start
6456278 - Integrated Mode Does Not Work for the Root User on Solaris 10
x86 Platforms
Problem
On Solaris 10 x86 platforms, enabling Integrated mode when you are logged in as root does not
add applications to the desktop Start Menu. You may also see the following warning:
gnome-vfs-modules-WARNING **: Error writing vfolder configuration file
"//.gnome2/vfolders/applications.vfolder-info": File not found.
Cause
A known issue with the Gnome Virtual File System (VFS).
Solution
There is currently no solution.
pkill main-menu
pkill application-browser
6458548 - Renamed Start Menu Entries for the Sun Secure Global Desktop
Client Are Not Honored
Problem
When configured to operate in Integrated mode, the Sun Secure Global Desktop Client creates
entries in the desktop Start Menu. It is possible to rename these entries, but the changes are not
honored by the Client.
Cause
Renaming Start Menu entries is not supported.
Solution
Do not rename the Secure Global Desktop Start Menu entries.
6461864 - Integrated Client Does Not Work as Expected With the Gnome
Desktop on SUSE Linux Enterprise Server 9
Problem
After enabling the Automatic Client Login or the Add Applications to Start Menu options in
your profile, the Secure Global Desktop Client does not start automatically when you log in to
the Gnome Desktop and/or the Start Menu is not updated with webtop content when you log in
to Secure Global Desktop.
Cause
A known bug with Gnome Desktop on SUSE Linux Enterprise Server 9. The directories
containing the .menu files are not monitored and so changes to the Start Menu are not detected.
Solution
The workaround is run the following command to restart the gnome-panel and pick up new menu
information:
pkill gnome-panel
Note you must run this command to update the menu each time the menu changes.
6463946 and 6463949 - Many Keys Do Not Work For Japanese Users in
Applications That Display in a Web Browser Window
Problem
Japanese users working with applications that are configured to display on the webtop or in a
new browser window find that many keys do not work. Problems have been noticed with the
Windows key, the Applications key, and the Katakana, Zenkaku_Hankaku, Hiragana and
Muhenkan keys.
Cause
Applications configured to display on the webtop or in a new browser window, use the classic
Java technology client. This client has not been internationalized or localized.
Solution
Change the application's Display Using attribute so that the application displays in either a kiosk,
an independent or a seamless window.
6466958 - You Cannot Use Shift + Click or Control + Click With the
Integrated Client
Problem
Secure Global Desktop allows users to change the way an application is displayed by holding
down the Control key when clicking the link to start an application. Holding down the Shift key
allows users to start an application as a different user. Neither of these options work when
clicking links in the desktop Start Menu (Integrated Client).
Cause
This functionality is not yet available to the Integrated Client.
Solution
To use this functionality, you must start the application from a webtop. To display a webtop,
click the Webtop link in the Start Menu.
6468173 - Using Secure Global Desktop on SunRays Causes the Wait Cursor
to Always Display
Problem
When accessing Secure Global Desktop from a SunRay, the cursor shape changes to the wait
cursor and does not change back again.
Cause
A known issue.
Solution
The workaround is to set an environment variable TTA_GNOME_VERSION that contains the version
of Gnome you are using. For example add the following lines to your .profile
TTA_GNOME_VERSION=2.6.0
export TTA_GNOME_VERSION
6470197 - Compiling Your Own Apache Modules for Use With the Secure
Global Desktop Web Server Fails
Problem
When you compile your own Apache modules for use with the Secure Global Desktop Web
Server, the compilation fails because of a missing egcc compiler.
Cause
The configuration file for the Apache eXtenSion tool (apxs) that is used to build extension
modules for the Secure Global Desktop Web Server uses the egcc compiler and this may not be
available on your system.
Solution
Either modify the apxs configuration file
(/opt/tarantella/webserver/apache/version/bin/apxs) to use a compiler that is available
on your system or create a symlink for egcc that links to the compiler on your system.
6476194 - Shortcuts for the Integrated Client do not Display on the KDE
Desktop Menu on SUSE Linux Enterprise Server 10
Problem
Shortcuts for the Integrated Client do not display on the KDE Desktop Menu on SUSE Linux
Enterprise Server 10.
Cause
SUSE-specific configuration of the KDE menu system means that if a menu contains only one
application entry, then that single application is used in the main menu instead of the menu. If
menu entry is a sub-menu, the sub-menu does not display at all. This causes the Integrated Client
Login menu not to display.
Solution
The workaround is to add the following line to the [menus] section of
$HOME/.kde/share/config/kickerrc:
ReduceMenuDepth=false
Then run the following command for the KDE panel to immediately pick up the changes:
dcop kicker kicker restart
All subsequent KDE sessions will automatically use this setting.
6476661- Integrated Client Does Not Work as Expected With the Gnome
Desktop on Red Hat Enterprise Linux 4
Problem
After enabling the Automatic Client Login or the Add Applications to Start Menu options in
your profile, the Secure Global Desktop Client does not start automatically when you log in to
the Gnome Desktop and/or the Start Menu is not updated with webtop content when you log in
to Secure Global Desktop.
Cause
A known bug with Gnome Desktop on Red Hat Enterprise Linux 4
(https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=151887). The directories containing the
.menu files are not monitored and so changes to the Start Menu are not detected.
Solution
The workaround is run the following command to restart the gnome-panel and pick up new menu
information:
pkill gnome-panel
Note you must run this command to update the menu each time the menu changes.
6477187 - Client Drive Mapping Fails if the Client for Microsoft Networks Is
Not Enabled on a Microsoft Windows Application Server
Problem
Client drive mapping fails if the Client for Microsoft Networks is not enabled on a Microsoft
Windows application server.
Cause
The Client for Microsoft Networks must be enabled to allow remote access to files and folders.
Solution
Enable the Client for Microsoft Networks, as follows:
1. In Control Panel, double-click Network Connections.
2. Right-mouse click on the network card and select Properties.
3. On the General tab, check the box next to Client for Microsoft Networks.
4. Click OK.
6477549 - Integrated Client Does Not Work as Expected With the Gnome
Desktop on Red Hat Enterprise Linux 3
Problem
After enabling the Add Applications to Start Menu option in your profile, the Start Menu is not
updated with webtop content when you log in to Secure Global Desktop.
Starting the Secure Global Desktop Client from the command line may also result in the
following error:
-----------------------------------------------
process:5281): GLib-CRITICAL **: file gtree.c: line 261
(g_tree_destroy): assertion `tree != NULL' failed
----------------------------------------------
Cause
Red Hat Enterprise Linux 3 has menu editing disabled by default and so the Gnome Start Menu
is not updated.
The error message is not critical.
Solution
Enable menu editing for the Gnome Desktop, as follows:
1. Log in as root.
2. Change directory to the /etc/gnome-vfs-2.0/modules directory.
3. Move the default-modules.conf file as follows:
mv default-modules.conf default-modules.conf.without-menu-editing
4. Copy the default-modules.conf.with-menu-editing file as follows:
cp default-modules.conf.with-menu-editing default-modules.conf
Users must log out of the Gnome Desktop and log back in again for the change to take effect.
6482912 - Secure Global Desktop Client Will Not Install Automatically Using
Internet Explorer 7 With Microsoft Windows Vista
Problem
Using Internet Explorer 7 on Microsoft Windows Vista platforms, the Secure Global Desktop
Client cannot be automatically downloaded and installed. The Client can be installed manually
and it can be installed automatically using another browser, such as Firefox.
Cause
Internet Explorer has a Protected Mode that prevents the Client downloading and installing
automatically.
Solution
Add the Secure Global Desktop server to the list of Trusted Sites list in Internet Explorer's
Security Settings.
6486551 - Fewest Application Sessions Load Balancing Does Not Detect When
a Server Is Unavailable
Problem
The Fewest application sessions method of load balancing applications does not detect when an
application server is unavailable to launch applications. The result is that Secure Global Desktop
tries to launch an application on a server that is not available and it does not fail over to the next
available host.
Cause
A known issue.
Solution
This problem will be fixed in a future release of Secure Global Desktop.
The workaround is to edit the host object in Object manager and uncheck the Available to launch
applications box (--available false). This removes the host from the list of servers that can
run applications.
List of Applications in the Desktop Start Menu Are Not Sorted Alphabetically
Problem
When using Integrated mode on Microsoft Windows client devices, users may notice that the
Start Menu entries are not sorted alphabetically.
Cause
This is caused by a Windows feature that adds new items to end of a menu rather than preserving
the alphabetical sorting.
Solution
See Microsoft KB article 177482 for details.
Start Menu Entries Do Not Display on Sun Java Desktop
Problem
On Sun Java Desktop Systems, users may find that Start Menus entries are not created for Secure
Global Desktop when they enable Integrated mode. The Start menu entries are added when they
log out of their desktop and log in again.
Cause
A known issue with the Gnome panel.
Solution
The solution is to install the following patches:
119906-05 for Solaris OS on SPARC platforms
119907-05 for Solaris OS on x86 platforms
The workaround is to log out of the desktop and log in again.
Documentation Issues
The following are the known documentation issues with this release:
Correction to the Integrated Client Documentation
Instructions for Relocating the Webtop to Another Host Do Not Work for the Integrated
Client
Correction to Supported Versions of SecurID
Correction to Instructions for Securing Connections to Microsoft Active Directory
tarantella license query command
Multiple External DNS Names and Server Certificates
Copy and Paste Documentation
Instructions for Relocating the Webtop to Another Host Do Not Work for the
Integrated Client
The page Relocating the browser-based webtop to your own JSP container contains instructions
for moving the webtop to another host.
These instructions are valid if you want to work in Webtop mode. To use the Integrated Client,
however, you must also copy the Axis web application to the remote host. Copy everything in
the /opt/tarantella/webserver/tomcat/5.0.28_axis1.2/webapps/axis directory to the
remote host.
Note The axis directory contains several symbolic links, ensure these links are followed when
you copy the directory.
Correction to Supported Versions of SecurID
The Secure Global Desktop Administration Guide incorrectly states that the SecurID login
authority works with versions 4 and 5 of the RSA ACE/Server.
This login authority works with versions 4, 5 and 6.