Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


When the Terminal Policy is authenticated, the client asks the user for a username and a password, and passes them to the Manager. The Manager then authenticates the user against the LDAP server and retrieves the list of Desktop Policies. This list is created by merging the values of the desktop attribute from the following LDAP entries:

  • The user entry.
  • Since flexVDI Manager v3.0.2: The entries of any group the user is member of, either directly or indirectly. A user is a member of a group G1 if the user entry contains a "memberOf" attribute with value "G1". A user is also member of a group G2 if group G1 is a member of G2.


One of the most common tasks of a flexVDI administrator is to update the template assigned to a Desktop Policy. This can consist in updating the software, installing new programs, applying some patches, etc... In general, any action that modifies a template's disk images. The problem is that a template cannot be directly modified. It must be first converted into a standalone guest, and in order to do so it must have no cloned guests. As a result, a pre-condition to modify the template of a Desktop Policy is to destroy all the desktops cloned from that template. This also means that your desktops must be volatile. More on how to configure your guests so that they are volatile in this page of this guide.

However, in order to avoid destroying the desktops of users that are currently using them while you modify the template, the preferred way of updating a Desktop Policy's template is the following: