Skip to content

Installing the Connector on RHEL/Rocky Linux

Info: Anyware Manager installation wizard

You can install the Anyware Connector from the Admin Console of the Anyware Manager as a Service. For more information, see "Install an Anyware Connector" in the Anyware Manager SaaS Administrators' Guide.
This option is not available for the Anyware Manager Installable.

You can configure the firewall, setup the system, download and install the Anyware connector on RHEL/Rocky Linux. If you are currently using Connector on Ubuntu, it is important to read and understand the differences Connector on RHEL/Rocky Linux introduced, To find out the side by side comparison, see Difference between Anyware Connector on Ubuntu and RHEL/Rocky Linux.

The following sections outlines how to download and install the Connector on Rocky Linux and RHEL. There are five main steps involved in this process:

  1. Adding the Connector repository
  2. Configuring the SELinux components
  3. Installing the RPM
  4. Generating the Connector Token
  5. Connecting to a Remote Workstation with a PCoIP Client

Prerequisite Steps

For instructions and documentation on the Connector prerequisite steps when installing on RHEL/Rocky Linux, see Connector System Requirements. It is important to read and address all the prerequisites outlined.

Before you begin

If you are currently using the Anyware Connector on Ubuntu, it is important to read and understand what the differences are between the Connector on Ubuntu and Connector on RHEL/Rocky Linux so you can prepare the installation correctly to minimize errors during installation.

For more information, see Difference between Anyware Connector on Ubuntu and RHEL/Rocky Linux.

1. Adding the Connector Repository

The virtual machine you are adding the repo to must have access to the internet. If it doesn't, you cannot download and install the required files.

Checking Existing Repositories for Anyware Connector

If the Anyware Connector was installed previously on your virtual machine, there could be existing repos related to it on your system. Run the command below to check all existing repos related to Anyware Connector (Skip this step if Anyware Connector was never installed on your virtual machine).

dnf repolist teradici-anyware-manager*

Check the current Anyware Connector repo to make sure it is the desired repo that you want to use for installation. If there are unwanted repositories on your VM, see "Repository Management" in the Anyware Manager Installable Administrators' Guide to remove them.

Adding a Repository

  1. To access the scripts and to configure and add the RHEL and Rocky Linux repository, select the Downloads and scripts option from the Anyware Manager support site.

    Download and Scripts

    If you see a login button as such:

    Login to Download

    Click it to log into the site and then proceed.

  2. Accept the End User License Agreement, then click Set Up Repository.

    Set up Repository

  3. The window expands and displays the setup scripts. Copy the curl script to clipboard.

  4. On the machine where you want to install Anyware Connector, run the curl script:

    • RHEL/Rocky 8: 

      curl -1sLf 'https://dl.anyware.hp.com/<token>/anyware-manager/setup.rpm.sh' | sudo -E bash

    • RHEL/Rocky 9: 

      curl -1sLf https://dl.anyware.hp.com/<token>/anyware-manager/cfg/setup/bash.rpm.sh | sudo -E distro=el codename=8 bash

2. Configuring SELinux Policies

The following SELinux policies enable persistent storage and container logging on the Connector. If SELinux policies are not found and the virtual machine is shutdown, the data stored in the Connector is lost.

Once configured, and the installation has verified SELinux, all Connector related data persists when the target machine hosting the Connector is re-booted. To check if selinux is already installed on your system, run the following command:

sudo dnf list installed | grep anyware-manager-selinux

The output from this command notifies if selinux is already running on your system. If it is not, then you need to run the following commands to install the SELinux policies:

  1. Run the following command to install the SELinux policies and set the basic framework for persistent database and Vault:

    sudo dnf install -y selinux-policy-base container-selinux

  2. Run the following command to install a specific version of SELinux that has been tested for K3s:

     sudo dnf install -y https://github.com/k3s-io/k3s-selinux/releases/download/v1.6.stable.1/k3s-selinux-1.6-1.$(grep platform /etc/os-release | sed 's|.*:\(.*\)\"|\1|g').noarch.rpm

  3. Run the following command to install SELinux from the Anyware Manager repo:

    sudo dnf install -y anyware-manager-selinux

3. Installing the Connector RPM

Once you have installed and configured the SELinux policies you must install the Connector RPM and configuration files.

Run the following command to install the Connector RPM, the sample configuration files are generated once the install is done:

sudo dnf install -y anyware-connector

4. Generating a Connector Token

You must generate a Connector token using the Admin Console. The steps outlined below must be performed on the target virtual machine.

You need to create or have created a deployment prior to obtaining a token. For information on how to log into the Admin Console, see "Admin Console Connection" in the Anyware Manager Installable Administrators' Guide. The following section outlines how to obtain a Connector token using the Admin Console:

  1. Click Connectors from the console sidebar.

  2. Click the Generate a token button next to the + ADD CONNECTOR button. Generate Token

  3. In the pop-up form, enter the Connector name. Connector Name

  4. Click the COPY TOKEN button to proceed with the Connector installation. You will see a new row for the specified Connector name added to the Connectors table, marked with a PENDING INSTALL status. Once the installation begins, you can track the progress in the Admin Console.

5. Configuring the Connector-Example Commands

The following section provides example configuration commands for configuring the Connector with Anyware Manager and Anyware Manager as a Service. These example commands use flags, but the same parameters can be configured using the configuration files also.

Configuring the Connector for Anyware Manager

Once you have installed the Connector RPM, and have generated a Connector token from the Anyware Manager installed in your enterprise network, run the following commands to configure the Connector to work with the Anyware Manager in your enterprise network.

The first line for these commands maps the Connector token to a variable in the shell, the ' ' for the string values are not required if there are no special chars in the string.

Minimum Configuration Sample Command for Quick Start

The following command with dummy values configures a Connector with minimum flags to work with the Anyware Manager in your enterprise network. Communications with external integrations such as Anyware clients and Active Directory server are not secure without certificate validation are not secure without certificate validation, this should only be used for testing purpose.

export token=<token from Anyware Manager Admin Console>
/usr/local/bin/anyware-connector configure \
--manager-url 'https://ipv4.Anyware.Manager.Installable' \
--token $token \
--domain 'testlab.internal' \
--accept-policies \
--enable-ad-sync=false \
--ldaps-insecure \

You can use the minimum command for testing or base installation excluding additional configurations. When editing a workstation, you should manually add workstations from the Admin Console and add a user assignment by the user's UPN as the domain users or computers are synced.

!!! Note: The ability to manually add a user assignment by the user's UPN is supported only in Anyware Manager as a Service combined with Anyware Connector RHEL/Rocky Linux 23.06 or later or Ubuntu Connector version 164 or later."

Typical Configuration Sample Command

export token=<token from Anyware Manager admin console>
sudo /usr/local/bin/anyware-connector configure \
--manager-url 'https://ipv4.Anyware.Manager.Installable' \
--token $token \
--domain 'testlab.internal' \
--sa-user 'sampleuser' \
--sa-password 'Passwordstring' \
--ldaps-ca-cert '/home/rocky/DC-Cert.pem' \
--computers-dn 'CN=Computers,DC=testlab,DC=internal' \
--users-dn 'CN=Users,DC=testlab,DC=internal' \
--external-pcoip-ip 'public.ipv4.sg.ip' \
--self-signed \
--accept-policies \
--manager-insecure \
--debug

  • --manager-url Sets the Anyware Manager URL that the Connector will connect to. If this flag is not provided, the connector will connect to Anyware Manager as a Service (https://cas.teradici.com). Required for instances of Anyware Manager Installable.

  • Installable only: The --manager-ca-cert flag provides the PEM-formatted public certificate for the root CA used to sign the Anyware Manager certificate. This flag is required when Anyware Manager Installable is using a custom certificate that is not signed by a public CA. This flag has no effect when connecting to Anyware Manager as a Service.

  • Installable only: The --manager-insecure flag is required if the target Anyware Manager is using self-signed certificates. This flag is not required if Anyware Manager is using trusted TLS certificates signed by a public CA. This flag has no effect when connecting to Anyware Manager as a Service.

  • --external-pcoip-ip: Explicitly sets the public IP for PCoIP Client to PCoIP Agent connection, and is highly recommended as a best practice. If not provided, the installer will attempt to automatically resolve the external IP by reaching out to https://cas.teradici.com. This flag is required if automatic resolution fails, or if the Connector does not have a connection to the public internet.

  • The first time you install a connector in a deployment, use --computers-dn and/or --users-dn flags to sync AD objects to Anyware Manager. Subsequent connectors installed in the same deployment will automatically inherit the configuration from Anyware Manager.

    If these flags are not provided, the AD sync synchronises all objects from the AD to the Anyware Manager.

  • If --self-signed flag is not used, you should use --tls-key and --tls-cert flags to provide the full path and filename of the TLS key and PEM formatted TLS certificate to use.

  • If --ldaps-ca-cert flag is not used, you should use either --ldaps-insecure to skip certificate validation, or --enable-ldap-plaintext for test purposes.

Ensure that you use the options and flags that best suit your system architecture and requirements. If required values are not provided on the command line, you are prompted for them. For additional flags and options, see Installation Flags and Options.

Sample Configuration with OAuth 2.0 and No Active Directory

export token=<token from Anyware Manager Admin Console>
sudo /usr/local/bin/anyware-connector configure \
--token $token \
--accept-policies \
--enable-ad-sync=false \
--enable-ad-authentication=false \
--enable-oauth=true \
--id-provider-url https://www.exampleidp.com \
--oauth-client-id 'oauthclientid'

This configuration allows the Anyware Connector to use Federated Authentication without Active Directory. Workstations can be added in the Admin Console using their IP address or FQDN. Users can be assigned in the User Management tab in each workstation's page using the UPN (user@domain.com).

When connecting using the Anyware client, users will need to provide a username and password once authenticated to the broker. Single Sign-On (SSO) is available as an option for supported agents.

Additional Configurations for the Anyware Connector

Updating the Connector

When updating configurations for Anyware Connector using "Configure" command, it restarts to apply the updated configurations and all the active sessions going through the connector are disconnected. This require users to log in again and reconnect.

Multi-Factor Authentication

When you enable MFA for the Connector for RHEL/Rocky Linux, all PCoIP Clients authenticated through the Connector are prompted to enter MFA credentials. Previously, only the external PCoIP Clients were prompted for MFA information.

Multi-Factor Authentication for the Connector

When installing the Connector you can enable multi-factor authentication (MFA) by running the ‑‑enable‑mfa flag. MFA is disabled by default. If you want MFA to only apply to external connections, you should have separate Connectors. One Connector should be for external connections, where MFA is enabled, and one for internal or direct connections, where MFA is disabled. For steps on how to install the Connector with MFA bypassed for internal connections, see Installing the Connector for Internal Connections. For steps on how to install the external Connector, see Installing the Connector for External Connections.

Ensure that you use the options and flags that best suit your system architecture and requirements. If required values are not provided on the command line, you are prompted for them. For additional flags and options, see Installation Flags and Options.

Installing the Connector for Internal Connections

The following steps outline how to install the Connector for internal connections to bypass MFA:

  1. Prepare a virtual machine in your private network that meets the system requirements with the following sub-steps:
    • Skip the step for preparing the system for external access.
    • Skip the step for setting up MFA.
  2. Install the Connector with the following sub-steps:
    • If you don't have external users, then you could disable security gateway by passing --enable-security-gateway=false, otherwise it's set to true enabled by default.
    • Do not set the Public IP using the --external-pcoip-ip flag. The Connector returns the virtual machines IP address.
    • No MFA flag is required as MFA is disabled by default.
  3. Once you have installed the Connector connect to a remote workstation with an Anyware Software Client with the following sub-step:
    • In the Host Address or Code field enter the private IP of the internal Connector you just installed and log-in.

Installing the Connector for External Connections

The following steps outline how to install the Connector for external connections:

  1. Prepare a virtual machine in your private network that meets the system requirements with the following sub-steps:
    • Skip the step for preparing the system for internal access.
  2. Install the Connector with the following sub-steps:
    • Set the Public IP using the --external-pcoip-ip flag.
  3. Once you have installed the Connector, connect to a remote workstation with a PCoIP Software Client with the following sub-step:
    • In the Host Address or Code field enter the IP address or DNS name of the external Connector you just installed and log-in.

Updating CIDR for Connector Cluster

The default CIDR for Connector Cluster are as follows:

  • 10.42.0.0/16 cluster CIDR
  • 10.43.0.0/16 Service CIDR
  • 10.43.0.10 Cluster DNS

If the default CIDRs conflict with your internal network, use the following flags to update the cluster with different CIDR.

To update, run the following command:

sudo anyware-connector configure --cluster-cidr <IP Address> --service-cidr <IP Address> --cluster-dns <IP Address>

Example Command with dummy values:

sudo anyware-connector configure --cluster-cidr 192.168.10.0/24 --service-cidr 172.16.0.0/16 --cluster-dns 172.16.0.10

Installation Flags and Options

For detailed information on the installation flags and the configuration file parameters that you can pass during installation, see the table outlined below:

Groups of flags

The flags are here categorized by their configuration groups:

States for Boolean Flags

The state of all the Boolean Flags is interpreted as follows:

  • --boolean-flag means "true".
  • --boolean-flag=true means "true".
  • --boolean-flag=false means "false".
  • --boolean-flag anytext uses default as "true".

Anyware Manager Flags

Flag Config Key Flag Type Description
--manager-url manager.url String The Anyware Manager URL that the Connector will connect to.
If the flag is not provided, the connector will connect to Anyware Manager as a Service (default: https://cas.teradici.com). Required for instances of Anyware Manager Installable.
--manager-ca-cert manager.CaCertPath String A PEM-formatted file containing the public cert of any custom certificate authority used to verify connections to the Manager backend.
--manager-insecure manager.Insecure Boolean Skip the certificate validation when connecting to the HP Anyware Manager. Use this option only if the Manager is deployed with self-signed certificates. This option is ignored, if a CA certificate is provided.

Connector Flags

Flag Config Key Flag Type Description
-t, --token connector.token String Required. The token generated from Anyware Manager for Connector to create a service account to connect to Anyware Manager.
--accept-policies connector.AcceptPolicies Boolean Automatically accept the EULA and Privacy Policy.
--push-config-to-manager connector.PushConfigToManager Boolean Send (non-sensitive) configuration data to Anyware Manager, to be used by future Connector installations.
--pull-config-from-manager connector.PullConfigFromManager Boolean Include this flag to retrieve Connector configuration data from Anyware Manager.

Connector MultiFactorAuthentication Flags

Flag Config Key Flag Type Description
--enable-mfa connector.MultiFactorAuthentication.enable Boolean This flag can be used if you wish to enable multi-factor authentication. Multi-factor authentication will be enabled for all connections, both internal and external.
Internal users will be required to enter the multi-factor authentication code for the Connector when connecting to the PCoIP Client.
It is recommended to install separate Connectors for internal vs external connections.
--radius-port connector.MultiFactorAuthentication.Port String This is the RADIUS server port. If not specified, the default port (1812) is used.
If --radius-server is specified, this flag becomes optional
--radius-server connector.MultiFactorAuthentication.Server String The FQDN or IP address of the RADIUS server to use for MFA.
--radius-secret connector.MultiFactorAuthentication.SharedSecret String The shared secret used for configuring RADIUS authentication.
If --radius-server is specified, then this flag is required.

Connector TLS Flags

Flag Config Key Flag Type Description
--self-signed connector.tls.self-signed Boolean This mode is not secure, and should only be used for testing. PCoIP clients will receive a "untrusted" warning when connecting to the Connector. If specified, --tls-key and --tls-cert options are ignored. The previous --insure flag is still supported.
Default value is "true".
--tls-cert connector.tls.certpath String The full path and filename of the TLS certificate (in PEM format) to use. If --self-signed is used, this flag has no effect.
--tls-key connector.tls.keypath String The full path and filename of the TLS key to use. If --self-signed is used, this flag has no effect.

Connector Session Flags

Flag Config Key Flag Type Description
--external-pcoip-ip connector.session.ip String Manually sets the public IP for PCoIP Client to PCoIP Agent connection. If not provided, the installer will attempt to automatically resolve the external IP by reaching out to https://cas.teradici.com.
This flag is required if automatic resolution fails, or if the Connector does not have a connection to the public internet.
--external-pcoip-port connector.session.port String Manually sets the PCoIP session port. The default value is 4172. This flag is configurable.
--local-license-server-url connector.session.licenseServerUrl String Sets the URL for PCoIP License Server to be used for PCoIP Sessions.
If this is not provided, ensure that the Cloud License Server is registered on the PCoIP Agent.
Example: --local-license-server-url http://10.10.10.10:7070/request.
For more information on the PCoIP License Server, see PCoIP License Server.
--show-agent-state connector.session.showagentstate string Specifies whether the agent state is displayed as part of the remote workstation name in the PCoIP Client.
The default value for this flag is true. This setting has no effect if --retrieve-agent-state is false.
--retreive-agent-state connector.session.retreiveagentstate Boolean Enables the broker to retrieve the agent state for unmanaged and managed remote workstations.
The default value for this flag is false. The available states are In Session, Ready, Starting, Stopping, Stopped and Unknown.
--preferred-name connector.session.preferredname String This is an optional flag to determine if the hostname or machine name should be displayed to identify the remote workstations, the default is set to display machine name.
--enable-security-gateway connector.session.enablesecuritygateway Boolean By default, the security gateway for external traffic is set to true. For internal traffic, disable this feature using the --enable-security-gateway=false flag.

Connector Session TrustedCustomerLicensing Flags

Flag Config Key Flag Type Description
--trusted-customer-license-cert connector.session.TrustedCustomerLicensing.certpath String The full path, including filename, of the Trusted Customer licensing certificate file.
--trusted-customer-license-key connector.session.TrustedCustomerLicensing.keypath String The full path, including filename, of the Trusted Customer licensing file.
--clear-trusted-customer-license connector.session.TrustedCustomerLicensing.clear Boolean Clear the Trusted Customer Licensing flag and key from the Connector configuration.

Connector ClusterNetwork Flags

Flag Config Key Flag Type Description
--service-cidr connector.ClusterNetwork.serviceCidr String The IPv4 network CIDRs to use for service container IPs.
--cluster-cidr connector.ClusterNetwork.clusterCidr String The IPv4 network CIDRs to use for container pod IPs.
--cluster-dns connector.ClusterNetwork.clusterDns String The IPv4 address for DNS for cluster pods. Must be within the range indicated by service-cidr.

Connector Domain Flags

Flag Config Key Flag Type Description
--domain connector.Domain.Name String The AD domain that the remote workstations will join.
--enable-ad-authentication connector.Domain.EnableAuthentication Boolean Enables AD authentication. Default: true
--domain-controller connector.Domain.DomainControllers String array Optional. This flag specifies one or more domain controllers to use with the Connector. To specify multiple domain controllers use the following format: --domain-controller dc1.domain.com, --domain-controller dc2.domain.com, --domain-controller dc3.domain.com. Only FQDNs are accepted.
--pool-group connector.domain.poolGroups String array Specifies one or more Active Directory groups, by entering the distinguished name (DN), to be assigned to pools for remote workstation management (eg, --pool-group 'CN=GroupPool1,CN=Users,DC=sample,DC=com' --pool-group 'CN=GroupPool2,CN=Users,DC=sample,DC=com').
--enable-plaintext-ldap connector.domain.enableLdapMode Boolean Connections to Active Directory will be made using plaintext LDAP instead of encrypted LDAPS. This is meant only for testing, do NOT use it in production.
--ldaps-ca-cert connector.domain.caCertPath String Path to a PEM formatted file containing any custom Certificate Authority's public certificate to be used for verifying LDAPS connections to Active Directory.
--ldaps-insecure connector.domain.insecure Boolean Skip certificate validation when connecting to the Active Directory using LDAPS. This option should only be used when connecting to the Active Directory deployed with self signed certificates. This will be ignore, if a CA certificate is provided.

Connector Domain ServiceAccount Flags

Flag Config Key Flag Type Description
--sa-user String The username for the AD account with permission to join machines to the domain
--sa-password String The password for the AD account with permission to join machines to the domain

Connector Domain ADSync Flags

Flag Config Key Flag Type Description
--enable-ad-sync connector.domain.adsync.enable Boolean Enable Active Directory synchronization. (default true)
--users-dn connector.domain.adsync.UserDns String array The base DN to search for users within AD. Specify multiple DNs with multiple options. Newly provided base DN(s) will automatically replace previous base DN(s). The base DN to search for computers within the AD for AD sync.
You can specify multiple DNs with multiple options. See the table above on the differences between the Connectors for more information.
Newly provided base DN(s) automatically replaces previous base DN(s).
--users-filter connector.domain.adsync.UserFilters String array The filter to search for users within Active Directory. Specify multiple filters with multiple options. The default user filter is (&(objectCategory=person)(objectClass=user)).
--computers-dn connector.domain.adsync.ComputerDns String array The base DN to search for computers within AD for AD sync. Can specify multiple DNs with multiple options. See the differences between the Connectors at the top of this page for details. Newly provided base DN(s) will automatically replace previous base DN(s).
--computers-filter connector.domain.adsync.CompuyterFilters String array The filter to search for computers within Active Directory. Specify multiple filters with multiple options. The default computer filter is (&(primaryGroupID=515)(objectCategory=computer)).
--sync-interval connector.domain.adsync.Interval uint8 The interval (in minutes) for how often to sync AD users and computers with the Anyware Service.

Connector OAuth Flags

Flag Config Key Flag Type Description
--enable-oauth connector.oauth.enabled Boolean Enables/Disables Oauth authentication.
--id-provider-url connector.oauth.IDProviderUrl String Sets the identity provider URL. Example: --id-provider-url https://provider-1234567890.okta.com. This flag is required if --enable-oauth is true.
--oauth-client-id connector.oauth.IdpAppClientId String Sets the Client ID from the Identity Provider. This flag is required if --enable-oauth is true.
--oauth-flow-code connector.oauth.OauthFlowCode String Set the desired OAuth flow / grant type. Currently, only OAUTH_FLOW_CODE_WITH_PKCE is supported, and is used by default.
--fa-url connector.oauth.FaUrl String The Federated Auth Broker URL. for example https://cac-vm-fqdn:port
--oauth-server-ca connector.oauth.OauthServerTrustCaPath String The full path, including file name, of the OAuth Server CA certificate.

Connector SSO Flags

Flag Config Key Flag Type Description
--enable-sso connector.oauth.EnableSSO Boolean Enables/Disables Federated Authentication Single Sign-On
--sso-enrollment-url connector.oauth.SSOEnrollmentUrl String Sets the URL to the Active Directory Certification Authority Web Enrollment Service.
--sso-enrollment-certificate-template-name connector.oauth.SSOEnrollmentCertificateTemplate String Name of the certificate template that Active Directory Certificate Services (AD CS) uses to sign CSR.
--sso-enrollment-domain connector.oauth.SSOEnrollDomain String Domain of the user to access Active Directory Certification Authority Web Enrollment Service.
--sso-enrollment-username connector.oauth.SSOEnrollAccount String Username for accessing Active Directory Certification Authority Web Enrollment Service.
--sso-enrollment-password connector.oauth.SSOEnrollPassword String Password for the username to access Active Directory Certification Authority Web Enrollment Service.

Connector OAuth OpenSSL Flags

Flag Config Key Flag Type Description
--sso-signing-csr-ca connector.oauth.OpensslCsrSign.CaCertPath String The full path and filename of the CA certificate used to sign CSR from PCoIP Agent for SSO Logon.
--sso-signing-csr-key connector.oauth.OpensslCsrSign.CaKeyPath String The full path and filename of the private key used to sign CSR from PCoIP Agent for SSO Logon.
--sso-signing-csr-crl connector.oauth.OpensslCsrSign.CaCRLPath String Path to a certificate revocation list.

Webhook Flags

Flag Config Key Flag Type Description
--enable-webhook connector.session.webhook.enable Boolean Enables/Disables Webhook service.

Splunk Flags

Flag Config Key Flag Type Description
--splunk-host String The URL that points to the server where Splunk is installed.
--splunk-port String The port on which Splunk listens.
--splunk-token The HTTP Event Collector (HEC) token, which can be configured by following instructions in the Set up and use HTTP Event Collector in Splunk Web topic.

Configuration Service Flags

Flag Config Key Flag Type Description
--rotate-configuration-service-keys connector.configurationservice.rotate Boolean Rotate the encryption keys for the configuration service (default: true)
--enable-configuration-service connector.configurationservice.enable Boolean Enable configuration from Admin Console

Other Flags

Flag Config Key Flag Type Description
--config-file String array Specifies path to Anyware Connector YAML-formatted configuration file (default: /etc/anyware-connector/connector-configuration.yaml,/etc/anyware-connector/connector-secrets.yaml)
-h, --help help for configure

Note: About Connector Configuration Service

Instructions on using the Connector Configuration Service is available in "Editing an Anyware Connector" in the Anyware Manager SaaS Administrators' Guide.

5. Connecting to a Remote Workstation with a PCoIP Client

After successfully installing a Connector, you can initiate a session to connect to a remote workstation with a PCoIP Software Client. We enable customers to use multi-factor authentication for these PCoIP Client sessions. The following steps outline how to connect to a remote workstation using the PCoIP Software Client:

  1. Double-click the PCoIP Client desktop icon or program file PCoIPClient to launch the application.
  2. In the Host Address or Code field, enter one of the following:
    • For direct connections, provide the address of the host machine.
    • For managed connections, provide the address of the connection manager.
  3. Click NEXT.
  4. Select your domain and enter the credentials for the remote workstation. If you have enabled MFA then you are prompted for the 2nd factor passcode. The method of how this passcode is communicated depends on the provider you used. It is usually either a One Time Password or push notification.
  5. Click LOGIN.
  6. If your login is successful you should be able to select the remote workstation and connect to it. Please note that if you have a single remote workstation, that remote workstation is automatically selected and the connection is initiated immediately. In this case you are not presented with a remote workstation selection screen.

For more information about the PCoIP Software Client, please see the following PCoIP Software Client guides: