DirectAccess 2012 OTP and Force Tunneling

Recently I worked with a customer in a project to get DirectAccess 2012 up and running in a POC environment. The customer wished to use RSA as an OTP provider in the setup. One another request was to use Force Tunneling for their clients for different reasons.

Force Tunneling introduces some drawbacks in the setup as you might well know, one being that only IP-HTTPS can be used. There are other implications as well but one, previously unknown to me, was that Force Tunneling and OTP does not play well (or at all actually) together.
This was pointed out to us after performing some debugging together with Microsoft support.

I just found this document regarding this issue and other non-working and unsupported configurations

Customize the VMware Horizon View web portal with your own corporate branding

VMware offers a method to make customizations to the content of the View web portal. This is useful but it has some limitations. For instance, you might want to put your own corporate logo in the header bar like I’ve done below but this is not documented anywhere in their guides.



To make this customization you need to open up the folder C:\Program Files\VMware\VMware View\Server\broker\webapps\ROOT\styles\clientlaunch-default on the Connection Server. In there, you will find three PNG-files. For instance, the one that contains the logo is called “271x62_vmwareview.png” (or “343x62_vmware_horizon_view.png” on Horizon view with the default portal). To make your changes visible after editing, you need to restart the “VMware View Connection Service” on the Connection server.

In the example, I’ve also translated the default text strings in the “*.properties” files in the folder C:\ProgramData\VMware\VDM\portal.