Login Enterprise Windows Launcher

Introduction

Login Enterprise Launcher is a host used as an endpoint to communicate between the Login Enterprise virtual appliance running a Test and the Targets (VMware, Citrix, etc.). This article describes the installation, configuration, and best practices for the Login Enterprise Launcher, also referred to as a Windows Launcher.

To learn about the Launcher’s role in Login Enterprise, what it does, how it works, and more, see Launchers: Overview and best practices.

Downloading and installing the Login Enterprise Windows Launcher

To download and install the Launcher:

  1. Log in to your Login Enterprise with the Launcher intended to be the host.
  2. In the Sidebar menu, navigate to Configuration > Launchers.

Frame 30.png

3. In Launchers, scroll down and find Download Launcher Setup.

4. In the bottom right, click Download file.

Frame 31.png

5. Once downloaded, extract the Launcher zip file.

6. Start the Launcher installation by running the Setup.msi file, following the prompts.

The Launcher will launch by default at the end of the installation.

Installation directory

You can save the extracted Launcher installation directory on a shared network location. This way, you can access it quickly without downloading and extracting it each time you set up a new Launcher.

Silent installation

You can use command-line functions to simplify the deployment and update processes for the Launcher installation.

To run the MSI file silently, use the following parameters. Be sure to replace <URL> and <secret> with your specific values:

msiexec /I "<full path to Setup.msi>"/qb! serverurl=<FQDN of appliance> secret=<secret>

For example:

msiexec /I "\\fileserver\share\Setup.msi"/qb! serverurl=https://loginvsi.demo.com secret=E0733F0B555035C7E377CA8797530855770141C1

Copy the secret from the Download Launcher Setup > Launcher secret:

Frame 33.png

Using silent installation for the Launchers allows administrators to streamline the deployment process, reduce potential human error, and ensure consistent configurations across all systems.

Silent installation supports automated, programmatic deployment.

Running, operating, and starting the Login Enterprise Windows Launcher

Ensuring proper connection

When you run the Launcher, check the bottom toolbar of the UI. It will indicate if the Launcher is successfully connected to the appliance from which the installer was originally downloaded.

Frame 39.png

Accessing the LE Launcher

Enabling remote connectivity to the Launcher

If you are using a physical Launcher machine, we recommend enabling remote connectivity. Options include Remote Desktop Protocol (RDP), TeamViewer, Virtual Network Computing (VNC), or other remote access applications. Remote access simplifies troubleshooting when necessary.

Maintenance and updates

For the optimal performance of the Launcher, follow these best practices

  • Restart the Launcher periodically.
  • Have the Launcher run automatically upon startup.
  • Update the Launcher with each Login Enterprise release. Currently, there is no automatic update mechanism available. However, you can create a script to perform a silent installation of the new Launcher over the old one using a Launcher installer stored centrally, such as on a network share.

For more detailed information, see the Launcher life cycle and best practices.

After installing a new version of Login Enterprise, in the Sidebar menu, navigate to Launchers. Download the updated version and install it over the existing Launcher.

Starting the Login Enterprise Windows Launcher

Manually starting the Launcher

By default, the installation creates a desktop shortcut for the launcher. To manually run the Launcher, double-click the shortcut on your desktop. The shortcut points to the installation path: "C:\Program Files\Login VSI\Login Enterprise Launcher\LoginEnterprise.Launcher.UI.exe".

Automatically starting the Launcher

You can configure the Launcher to start automatically when Windows starts. There are several methods to achieve this:

Option 1: Using the Startup Folder

  • Copy the Launcher shortcut:
    • After installation, the shortcut is located on the desktop.
  • Open the Startup folder:
    • Press Win + R to open the Run dialog.
    • Type shell:startup (for the current user) or shell:common startup (for all users) and press Enter.
  • Paste the Shortcut:
    • Paste the copied launcher shortcut into the Startup folder. This ensures the launcher starts automatically when a user logs in.

Option 2: Using a Workspace Management tool

For domain users or domain-attached launchers, consider using workspace management tools such as VMware UEM or Ivanti:

  • Integrate with Workspace Management tool:
    • Attach a login action to the launcher device or user.
    • Configure the tool to execute the Launcher executable found in the installation directory (by default located at "C:\Program Files\Login VSI\Login Enterprise Launcher\LoginEnterprise.Launcher.UI.exe").

Option 3: Configuring automatic logon in Windows

To streamline operations and reduce manual intervention, you can enable automatic login after scheduled restarts by configuring specific registry keys:

  • Registry Location:
  • HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
  • Registry Keys:
  • AutoAdminLogon
    • Type: REG_SZ
    • Value: 1 (enabled) or 0 (disabled)
    • Enables automatic administrator logon functionality.
  • DefaultDomainName
    • Type: REG_SZ
    • Value: Your domain name (if applicable)
    • Specifies the domain name for the user.
  • DefaultPassword
    • Type: REG_SZ
    • Value: The user's password
    • Sets the password for auto-login.
  • DefaultUserName
    • Type: REG_SZ
    • Value: Username
    • Specifies the username for auto-login.
  • AutoLogonCount
    • Type: REG_SZ
    • Value: 1 (once), 2 (twice), etc.
    • Configures the number of times the machine stores the configuration.

Ensure the following registry keys are disabled for the above settings to work:

  • Registry Location:
  • HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
  • DontDisplayLastUsername
    • Type: REG_SZ
    • Value: 0 (disabled) or 1 (enabled)
    • Controls the display of the username on the logon screen.
  • Registry Location:
    • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
  • DisableAutomaticRestartSignOn
    • Type: REG_DWORD
    • Value: 0 (disabled) or 1 (enabled)
    • Enables or disables automatic sign-on for users.
  • Using Sysinternals "Autologon" tool
    • The Sysinternals section of Microsoft support offers a tool called "Autologon" which simplifies the process of automating the autologon feature on a machine. To utilize the tool, follow these steps:
    • Visit the Autologon v.3.10 provided by Microsoft support to access detailed instructions on downloading and using the "Autologon" tool.
    • Download the "Autologon" tool from the provided link.
    • Follow the instructions provided in the guide to configure autologon for your machine.

Option 4: Creating an executable for automatic logon

For a successful and secure implementation, you can create an executable using a tool like AutoIT. This executable will be executed before the automatic reboot of a machine and will contain the implementation of the registry keys described earlier. Ensure that the "AutoLogonCount" registry value is set to 1.

The rationale behind using an executable is twofold:

The executable compiles and encrypts the content, ensuring that all values, including passwords, are securely stored. For example, PowerShell scripts store values as plain text, which can pose a security risk.

By default, the "DefaultPassword" value stores the password as plain text in the registry. This means that if a person with malicious intent gains access to the device, they can see the password stored in the registry. Using an executable in conjunction with the "AutoLogonCount" registry key ensures that after the reboot, the registry entries are cleared, eliminating any security issues.

Login Enterprise Windows Launcher user interface

When the Launcher loads, pay attention to the Login Enterprise Launcher menu window:

Frame 39.png

Menu option Definition
Top bar Shows the Launcher version
Launcher name The launcher name defaults to the machine name where the launcher software is installed. If a specific name is required for a launcher, it should match the name of the machine.
Connections pane Shows active and historical Test session connections and status
Right-side menu Shows connection information for selected connections
Open logs folder Shows deeper troubleshooting information, if needed
Bottom launcher connection status banner

If the banner is green, the connection to the Login Enterprise virtual appliance is successful.

The appliance hostname and the appliance version are at the right of the connection status banner.

Troubleshooting and best practices

Certificate update

If a new certificate is uploaded to the appliance, we recommend reinstalling the launcher software.

Connection status

Pay attention to the Launcher's UI bottom toolbar. If there's a connection error, the toolbar won't be green. Additionally, check the Launcher page in the Login Enterprise web interface for the Launcher's hostname; if it doesn't exist, a connection error may be occurring. Sometimes, the log files in the %appdata% path for the logged-in Launcher user can provide helpful information, so remember to check them as well. Launcher debug level logging can be enabled by adding a Launcher to a Test. For more information, see Adding a Launcher to a Test.

Versioning notice

The Launcher app won't connect to a virtual appliance that's one version ahead of it. For example, if the Launcher app is version 5.9.99 and the virtual appliance (VA) is version 6.0.0, they will still communicate, but the Launcher won't attempt to launch Target connections.

Best practices

  • Recommended deployment: two Launchers - For optimal performance, deploy two Launchers per environment:
    • One Launcher within the data center: used to gauge connectivity and establish baseline measurements.
    • One Launcher outside the data center: used to assess real-world variations from the baseline.

This comparison helps identify potential performance degradation from either the connection to the data center or the data center itself. It also assesses environment accessibility from both internal and external perspectives.

  • Configuring the Launcher (Windows) - To ensure a successful implementation of the Login Enterprise Launcher on Windows, perform several configurations on the machine:
    • Automatic reboots for the Launcher
    • Scheduled reboots for stability
      • To mitigate caching issues and other potential instabilities arising from prolonged uptime, schedule regular reboots for the Launcher machine. Set up a scheduled task within Windows to automatically reboot the machine on a daily or weekly basis.
      • For detailed instructions on setting up a scheduled task in Windows, see Windows Server – Schedule a Reboot.
  • Power, Lock Screen, and Screensaver settings - To ensure continuous operation of the Launcher, it's essential to prevent interruptions caused by power-saving modes, lock screens, and screensavers. Follow these steps to configure the necessary settings:
    • Power Settings:
      • Set the screen setting "On battery power, Turn off after" to Never.
      • Set the screen setting "When Plugged, Turn off after" to Never.
      • Set the power setting "On battery power, PC goes to sleep after" to Never.
      • Set the power setting "Sleep when plugged in, PC Goes to sleep after" to Never.
      • Set the "Lid close action" for both "On battery" and "Plugged In" scenarios to Do Nothing.
      • Set the "Power button action" for both "On battery" and "Plugged In" scenarios to Do Nothing.
      • Set the "Sleep button action" for both "On battery" and "Plugged In" scenarios to Do Nothing.
    • Other Settings:
      • Disable the screensaver on the machine.
      • Disable the lock screen on the machine.

Deployment and compatibility

Physical Launcher setup

When configuring the Launcher as a physical device, prioritize security and minimize the risk of unauthorized access by following these best practices:

  • Secure placement - Place the Launcher machine in a secure location, such as a locked storage room or server room. Limit access to the room as much as possible to minimize the risk of unauthorized entry.
  • Kensington lock - Ensure that the device supports the use of a Kensington lock to prevent easy removal from the secure location.
  • Device selection for security - To mitigate potential security risks, use a physical device without an attached screen. Avoid using laptops and instead opt for devices such as Intel NUCs, desktop machines, Windows Thin clients, IGEL Thin clients, or similar alternatives. If a laptop is used, ensure that the lid is closed at all times.
  • Stable connection - To maintain a stable connection, connect the Launcher to the internet using a wired LAN cable. Use wireless connections only when necessary.

IT environment Launcher implementation

Extend security considerations for the Launcher beyond the physical realm by following these recommendations:

  • Avoid adding a Launcher device to the domain - For management or remote connectivity, refrain from adding the Launcher machine to the Domain unless necessary. This reduces the risk of unauthorized access to the domain if the device is compromised.
  • Updates and upgrades - Ensure that the Launcher device is consistently updated with the latest security patches recommended by the software supplier.
  • Add Launcher to automatic software distribution method - Enhance manageability and streamline software upgrades for the Login Enterprise by adding the Launcher machine to your preferred software distribution setup, such as SCCM or similar tools. This enables easy distribution of new Launcher software updates as soon as they are released.
  • Virus scanner configuration - Configure and maintain a virus scanner on the Launcher machine at all times. Ensure the virus scanner is updated regularly to provide optimal protection against threats.

Login Enterprise Launcher requirements