Configuring Desktop Images
Configure an image for use as a desktop.
The preferred starting point for an image is one of the base images provided by Oracle for use in Secure Desktops. See Supported Images.
Base images have the software required to communicate with Secure Desktops already installed. You will need to complete additional configuration depending on the intended use of the desktop.
User-level customization is lost each time a desktop is opened from the image. Therefore, desktop users will need to perform certain configuration steps. See Configuring Your Desktop.
Linux Desktops
Installing the Required Software
Install the following required software:
- cloudinit for Oracle Linux from
yum
ordnf
- GNOME X11 or another desktop environment. The base images include GNOME, KDE and XFCE.
- OpenSSL and Secure Desktops Support packages
These packages are required for Secure Desktops features, including support for multiple monitors.
- Download and install the latest OpenSSL packages (in order), a dependency for the Secure Desktops Support package.
- Install the latest Secure Desktops Support Package for Oracle Linux 7 or 8.
Note
For existing customers using an older Linux desktop image, the administrator must update the image with the latest packages above to enable support for multiple monitors. - Oracle Cloud Agent for Compute instances
- KVM User Space Package
Configuring Security in the Image
- Firewalld has service ssh enabled and port 9876/tcp open and VCN/subnet Security List chosen for the desktop pool needs Ingress on ports 22,3389 and 9876.
- /etc/ssh/sshd_config must allow
PasswordAuthentication yes
Configuring the Boot Disk Size
Set the boot volume size in Linux to match the size of the boot volume you used to instantiate the image.
Turning off Key Repeat in GNOME
Turn the key repeat option off in GNOME to resolve the issue of key presses being erroneously repeated.
-
Run the following command:
dconf write /org/gnome/settings-daemon/peripherals/keyboard/repeat false
- Log out and then reopen the desktop.
Turning off the Screen Lock
Desktop users will typically log in to the Secure Desktops Interface and open their desktop from there without the use of a user account for the desktop itself. Therefore they will not know the password for the account used to access the desktop. If the desktop is left idle, the screen lock will prompt the desktop user for a password. Disable the screen lock to prevent this from happening.
Instructions for disabling the screen lock are dependent on the Linux desktop environment being used. For example, screen lock is disabled by default for GNOME environments. Contact the provider for your specific desktop environment for more information.
For more information on usernames and passwords for desktops see User Accounts.
Windows Desktops
Installing the Required Software
Install the following required software:
- cloudinit for Windows
- Oracle Cloud Agent for Compute instances
- KVM User Space Package
Configuring Security in the Image
Enable Remote Desktop Protocol (RDP).
Configuring the Boot Disk Size
Set the boot volume size in Windows to match the size of the boot volume you used to instantiate the image.
Configuring NTP
Improperly configured time settings can cause activation issues in Windows. Correctly configure the NTP settings to resolve this issue.
Follow Configuring NTP for an Instance.
Configuring Time Zone
When a Windows 11 desktop is opened for the first time, the time zone will be set to the time zone in the image.
Use the RDP feature enable timezone redirection to change the time zone according to the client settings.
Turning off the Screen Lock
Desktop users will typically log in to the Secure Desktops Interface and open their desktop from there without the use of a user account for the desktop itself. Therefore they will not know the password for the account used to access the desktop. If the desktop is left idle, the screen lock will prompt the desktop user for a password. Disable the screen lock to prevent this from happening. Contact Microsoft for specific instructions.
For more information on usernames and passwords for desktops see User Accounts.
Relocating Your User Folders to the Storage Volume
When you configure the virtual desktops created from the image, it is recommended that you relocate user folders (Downloads, Documents, and so on) to the OCI Volume (D:) to protect your files from data loss. See Relocating User Folders to the OCI Storage Volume (Windows only).