A workspace defines a set of applications and user permissions. These workspaces are shown on the Turbo Portal and on the Turbo Clients to users with sufficient permissions. By default there is a single Default Workspace with User permissions granted to the Everyone user group, allowing access to all users. Applications, permissions, and analytics can be managed from the the Workspace Administration page.
Server Administrators, as well as users with Administrator permissions to the workspace, may click the Manage button to access the Workspace Administration site.
The Dashboard page shows application usage analytics for the workspace. The analytics are separated into 4 sections:
Application Launch Volume: A graph visualizing the application launch volume for the past week.
Key Statistics: A summary of the unique applications, launches, users, and devices for the past week.
Usage Summary: A table grouped by application summarizing each application's launch volume for the past week.
Recent Activity: A table detailing the last 100 application launches.
The Applications page lists all applications that have been added to this workspace and provides management options such as adding, editing, and deleting applications. Applications added to the workspace will be displayed on the portal to users will sufficient permissions and will be available for launch.
Applications are broken down into several different types:
A PC Application is a Windows desktop application that runs in a containerized environment using the Turbo VM. These applications can be configured with a variety of launch, virtualization, and display settings.
PC Applications can be managed from the Application Settings page and contain the following fields:
- Display Name: The application display name shown on the portal.
- Icon: The icon that will be displayed to end users on the Portal. The icon must be a valid image type and at most 1MB in size. We recommend using a square icon that is at least 60px x 60px. If no icon is configured, the repository icon will be displayed.
- Repository: The name of the image repository used by this application.
- Application Version: The exact application version that will be launched. By default the latest version will be used.
- Allowed Launch Modes: Application launch modes that are available for applications on the portal. Disallowed launch modes will be disabled.
- Default Launch Mode: The launch mode the application will use by default if the user does not specify a launch mode. The is the default left-click behavior on the portal.
- Video Encoding: The preferred video encoding used for remote execution. Video encoding support depends on the application server settings and hardware.
- Startup File: The startup file that is used when launching the application. By default the image's startup file is used.
- Startup File Arguments: Arguments passed to the application startup file.
- Profile Mode: The login mode used when launching applications in the cloud. Possible options are:
- Temporary Profile: A temporary user profile will be created on the Application Server. Temporary profile persistance can be configured on the Server Settings page.
- Ask for Credentials: The user will be prompted to enter their Windows credentials for the Application Server.
- Kerberos: The user will be prompted to login using Kerberos authentication.
- Restrict to AD Groups: Restricts the application's visibility to members of the specified AD group. If a value is provided, then only members of that AD Group will see the application on the portal. If no value is provided, then all users with access to the workspace will see the application.
- VM Version: The VM version is a version string that specifies which Turbo VM version will be used for execution. See VM Version.
- Enable Assembly cache: Enables pre-caching of application DLL and EXE files on the Application Servers’ local disk for faster loading. See Use DLL cache.
- Container Name: The container name that is used when launching the application. By default the image's name is used.
- Access Local User Folders: Allows the application to access the host device's local user folders, such as Desktop, Downloads, Documents, Music, Pictures, and Videos. See Access local user folders.
- File Isolation: Determines the level of file visibility and access from the vm to the host environment. By default, local launches use Full isolation and cloud launches use Write Copy isolation. See Isolation Settings.
- Isolate Network: Isolates the virtualized network environment from the host device's network. See Isolate network.
- Tunneling: Tunneling allows the application to tunnel traffic from the virtual environment to the specified targets accessible from the Portal server. Tunneling currently supports TCP and IP protocols and requires SSL (https) to be enabled on the domain. UDP is not supported. See Proxy Settings.
- Network Routes: A whitelist or blacklist of network routes that are accessible by the virtual network environment. See Controlling Outbound Traffic.
- Components: A list of additional image repository IDs that are added to the base image as layers. See Components.
- Sessions are persistent: Persists the application state and settings on the host machine, enabling persistence across multiple sessions. Typically this setting should be enabled in order to prevent loss of data. This setting defaults to true.
- Synchronize across devices: Automatically synchronizes the application state and settings with the Hub server, enabling persistence across multiple devices. Sessions are persistent must be enabled to change this setting. This setting defaults to false.
- Drive Visibility: Controls which drives are visible in the virtualized application environment during cloud runs. This setting does not apply to local runs. By default, only the system drives and T: Drive are visible.
- Mount Points: A list of mount points that mount file paths from the host into the container. Supports NTFS paths, UNC paths, and special folder variables (see Folder Variables)
- Licensing: Restricts the number of users or devices that can launch the application. The license counters are reset when the setting is modified. Available options are:
- Unlimited: No limits to the application. Set to unlimited to reset previously assigned named licenses.
- Named Users: Restricts the total number of named user that can run the application. A named user is a distinct Turbo user, which includes anonymous users and api-key sessions.
- Concurrent Users: Restricts to the number of users allowed to run the application at a given time.
- Named Devices: Restricts the total number of devices that can run the application. A named device is base on the end user operation system SID and MAC address.
- Concurrent Devices: Restricts to the number of devices allowed to run the application at a given time.
PC Native Applications
A PC Native Application is a Windows desktop application that launches an existing installed application on the application server or local client host in a containerized environment using the Turbo VM.
When adding a Native Application to a workspace, a list of applications will be recommended based on the link files in the application servers' all users (common) Desktop and Start Menu folders. Selecting an application will set the launch settings to the link file's target and arguments. The application list is updated on service start and every 30 minutes thereafter.
If you do not see your desired application, check to see if the application has shortcuts in the common Desktop or Start Menu folders on the application server. This may be the case for Internet Explorer if is not installed on the server (no shortcuts, but still exists in program files). You may also select Custom application to manually enter your settings. We recommend setting the Startup File to the target file path instead of a link file path to ensure that the path is resolved correctly. Please ensure that the file path exists on the target Application Servers and client hosts, or else the application will fail to launch.
The Native Application isolation must be set to
merge in order to access the natively installed application. Using
full isolation will cause the application to fail to launch.
Native Applications offer the same launch, virtualization, and display settings as PC Applications. These settings may be managed from the Application Settings page.
A Web Application is a link to an external website or resource that is opened in a new virtual browser environment.
When adding a Web Application to a workspace, you must select a repository with the
browser category. Repository categories may be managed from the Repository Settings page.
Web Applications offer the same launch, virtualization, and display settings as PC Applications, in addition to the following Web Application specific fields. These settings may be managed from the Application Settings page:
- URL: The target URL that is opened when launching the web application.
To launch the browser with more complex startup arguments, the placeholder value
%web-url% may be added to the Startup File Arguments field. This placeholder will be replaced with value in the URL field.
The Links page allows administrators to create and customize web links for end users to open URLs from their dashboard. These links appear under the Links tab on the Portal dashboard.
To create a new workspace link, click the Add Link button and enter your preferred options:
- Name: The name that will be displayed to end users on the Portal.
- URL: The target URL of the workspace link.
- Open in New Tab: If enabled, the link will be opened in a new browser tab. Otherwise, the link will be opened in the current browser tab.
- Icon: The icon that will be displayed to end users on the Portal. The icon must be a valid image type and at most 1MB in size. We recommend using a square icon that is at least 60px x 60px. If no icon is configured, a default icon will be displayed.
Sharing a Workspace Application
The Sharing page allows administrators to create shareable URLs for end users to run applications without having to log into the portal.
To create a new shareable URL, first create a non-system API key using the API Key administration page.
Next, click the Share Application button and select your preferred launch options:
- Application: The workspace application that will be launched.
- Name: A display name for the share link. This name is only displayed on the workspace administration site to help differentiate share links.
- API Key: The API key that will be used to authentication anonymous users who use this share link. If None is selected, user's will authenticate using their logged in credentials. The API Key Name must be added to the Workspace User Permissions as a User or the shared application will fail to launch due to insufficient permissions.
- Launch Location: The location where the application will be launched.
To test your link, open an incognito browser window without logging into Turbo.net and paste the URL into the browser address bar. The application should run without requiring a login. Please be aware that the Share URLs use an API Key that allows access to your organization's applications and should be kept secure within the organization.
If you wish to modify or revoke your Share URL, you may do so by clicking Settings button on the appropriate Share URL.
The Users page allows administrators to manage user-related settings, assign user and group entitlements, and manage channels.
The users General page allows the administrator to configure the following settings:
- Default Item Permission: The default user entitlement for workspace items. If this setting is disabled, workspace items will not be visible to users unless they have been granted access, such as through channel membership. Permission is enabled by default.
- Default Active Directory Domain: Sets the default Active Directory domain used to login when launching applications in the cloud with non-temporary profiles.
The users Permissions page lists all user and user group permissions that have been added to the workspace and provides management options such as adding and deleting permissions. Granting User permissions will allow that user or user group to access the workspace, while granting Administrator permissions will allow that user or user group to access the workspace administration site.
A channel is a collection of workspace items such as applications, links, and files that are made available to a configurable list of users and groups. Channels are visibile on the Turbo Server portal to users with sufficient permissions.
The users Channels page lists all channels that have been added to this workspace and provides management options such as adding and deleting channels.
Channels can be managed from the following channel settings pages:
The channel General page allows the administrator to configure the following settings:
- Display Name: The name that will be displayed to end users on the Portal.
- Web Path: The web path that uniquely identifies this channel, used to form the channel URL.
The channel Items page lists all workspace items that have been added to the channel and allows the administrator to add and remove workspace items.
To add a workspace item to a channel link, click the Add button and select the workspace item type that you wish to add. The add dialog will list all items of the corresponding type that exist in the workspace. Items must be added to the workspace before they can be added to a channel.
The channel Users page lists all user and user group permissions that have been added to the channel and provides management options such as adding and deleting permissions. Granting User permissions will allow that user or user group to access the channel, while granting Administrator permissions will allow that user or user group to access the channel administration page on the portal.
The Everyone group is automatically added with User permissions when the channel is created.
If the Default Item Permission workspace setting is enabled, all channel items will be visible from the workspace dashboard regardless of channel membership.
- Display Name: The display name of the workspace.
- Web Path: Folder name consisting of letters and numbers used to form the workspace URL.
- Precache Applications: Controls whether this workspace is automatically cached to the Application Server.