Use the information in this article to configure unauthenticated sessions. No special settings are required when installing the Linux VDA to use this feature.
You must create an unauthenticated store using StoreFront to support an unauthenticated session on the Linux VDA.
After creating an unauthenticated store, enable unauthenticated users in a Delivery Group to support an unauthenticated session. To enable unauthenticated users in a Delivery Group, follow the instructions in the XenApp and XenDesktop documentation.
An unauthenticated session has a default idle timeout of 10 minutes. This value is configured through the registry setting AnonymousUserIdleTime. Use the ctxreg tool to change this value. For example, to set this registry setting to five minutes:
To set the maximum number of unauthenticated users, use the registry key MaxAnonymousUserNumber. This setting limits the number of unauthenticated sessions running on a single Linux VDA concurrently. Use the ctxreg tool to configure this registry setting. For example, to set the value to 32:
Consider the following when configuring unauthenticated sessions:
- Failed to log on to an unauthenticated session.
Verify that the registry was updated to include the following (set to 0):
Verify that the ncsd service is running and configured to enable passwd cache:
Set the passwd cache variable to no if it is enabled, then restart the ncsd service. You might need to reinstall the Linux VDA after changing this configuration.
- The lock screen button is displayed in an unauthenticated session with KDE.
The lock screen button and menu are disabled by default in an unauthenticated session. However, they can still be displayed in KDE. In KDE, to disable the lock screen button and menu for a particular user, add the following lines to the configuration file $Home/.kde/share/config/kdeglobals. For example:
[KDE Action Restrictions]
However, if the KDE Action Restrictions parameter is configured as immutable in a global wide kdeglobals file such as /usr/share/kde-settings/kde-profile/default/share/config/kdeglobals, the user configuration has no effect.
To resolve this issue, try to modify the system-wide kdeglobals file to remove the [$i] tag at the [KDE Action Restrictions] section or directly use the system-wide configuration to disable the lock screen button and menu. For details about the KDE configuration, see the KDE System Administration/Kiosk/Keys page.