Amazon DCV Server parameter reference
The following table lists the parameters that can be configured to customize the Amazon DCV server.
Note
The Reload context column in each table indicates when the parameter is reloaded. Possible contexts include:
-
server
—The parameter is loaded once when the server is started. If the parameter value is updated, the new value is loaded when the server is restarted. -
session
—The parameter is loaded when the session is created. If the parameter value is updated, the new value is loaded for subsequent sessions. -
connection
—The parameter is loaded when a new client connection is established. If the parameter value is updated, the new value is used for subsequent client connections. -
custom
—The conditions under which the parameter loads is unique to this parameter. See the parameter description for more information.
Topics
- audio Parameters
- clipboard Parameters
- connectivity Parameters
- display Parameters
- display/linux Parameters
- extensions Parameters
- input Parameters
- license Parameters
- log Parameters
- printer Parameters
- redirection Parameters
- security Parameters
- session-management Parameters
- session-management/automatic-console-session Parameters
- session-management/defaults Parameters
- smartcard Parameters
- webauthn Parameters
- webcam Parameters
- windows Parameters
- Modifying Configuration Parameters
audio
Parameters
The following table describes the configuration parameters in the [audio]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the audio
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
avsync-support | string | session | 'auto' | Determine if the clients can enable audio/video synchronization — Allows connected clients to enable audio/video synchronization. The valid values are 'enabled', 'disabled' or 'auto' (default='auto'). If 'auto' is specified, the audio/video synchronization is enabled only on console sessions and only if accelerated video compression is available. — Available since version 2021.1-10557. |
source-channels | integer - DWORD (32-bit) | session | 2 | Number of channels of the speaker device on Linux — Sets the number of channels of the Linux speaker device. The value must be less than or equal to the number of channels supported by the device. Allowed values are: 2 (stereo), 4 (4.0 quadriphonic), 6 (5.1 surround), 8 (7.1 surround). Default value is 2 (stereo). — Available since version 2020.0-8428. |
clipboard
Parameters
The following table describes the configuration parameters in the [clipboard]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the clipboard
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
enabled | true or false - DWORD (32-bit) | session | Linux: true - Windows: 1 | Whether the clipboard feature should be enabled — Specifies if the clipboard feature is enabled. If the clipboard feature is disabled, users will not be able to use the clipboard remotization. Clipboard monitoring will be disabled too. — Available since version 2020.0-8428. |
max-image-area | integer - DWORD (32-bit) | session | -1 | Maximum area of clipboard's image — Specifies the maximum area (number of pixels) of clipboard images that can be transferred between server and clients. If this value is missing or set to -1, the limit is not applied. — Available since version 2017.0-4334. |
max-payload-size | integer - DWORD (32-bit) | session | 20971520 | Maximum size of clipboard's data — Specifies the maximum size (in bytes) of clipboard data that can be transferred between server and clients. Maximum supported value 20 MB. If this value is missing, the maximum limit is enforced. — Available since version 2017.0-4334. |
max-text-len | integer - DWORD (32-bit) | session | -1 | Maximum number of characters of clipboard's text — Specifies the maximum number of characters of clipboard text that can be transferred from server to clients. Excess characters will be truncated. If this value is missing or set to -1, the limit is not applied. — Available since version 2017.0-4334. |
primary-selection-copy | true or false - DWORD (32-bit) | session | Linux: false - Windows: 0 | Enable the primary selection copy from linux — Linux desktops support multiple clipboards: the generic clipboard and the primary selection. The primary selection is updated or copied when content is selected. It can then be pasted using the mouse's middle button or with the Shift+Insert key combination. When enabled, the primary selection is monitored and updates are propagated to the client. — Available since version 2019.0-7318. |
primary-selection-paste | true or false - DWORD (32-bit) | session | Linux: false - Windows: 0 | Enable the primary selection pasting on linux — Linux desktops support multiple clipboards: the generic clipboard and the primary selection. The primary selection is updated or copied when content is selected. It can then be pasted using the mouse's middle button or the Shift+Insert key combination. When enabled, the client's clipboard content will be also inserted in the primary selection. — Available since version 2019.0-7318. |
update-timeout | integer - DWORD (32-bit) | session | 200 | Update event notification timeout — Specifies the time in msec to wait from the last update event for sending the notification to the client. Default value 200 msec. — Available since version 2020.1-8942. |
connectivity
Parameters
The following table describes the configuration parameters in the [connectivity]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the connectivity
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
disconnect-on-lock | true or false - DWORD (32-bit) | custom | Linux: false - Windows: 0 | Whether the clients are disconnected on OS session lock — Enable this to force client disconnection when the remote OS session is locked. Otherwise clients will continue to stream the remote session. Currently supported only on console sessions. This parameter value is read at every remote OS session lock. — Available since version 2023.1-16220. |
disconnect-on-logout | true or false - DWORD (32-bit) | custom | Linux: false - Windows: 0 | Whether the clients are disconnected on OS user logout — Enable this to force client disconnection when the remote OS user is logged out (i.e. OS session is closed). Otherwise clients will continue to stream the remote session. Currently supported only on console sessions. This parameter value is read at every remote OS user logout. — Available since version 2023.1-16220. |
enable-quic-frontend | true or false - DWORD (32-bit) | server | Linux: true - Windows: 1 | Whether to enable the QUIC frontend — Specifies whether the QUIC frontend should be enabled. — Available since version 2020.2-9508. |
idle-timeout | integer - DWORD (32-bit) | custom | 60 | Idle timeout — Specifies the number of minutes to wait before disconnecting idle clients. Specify 0 to never disconnect idle clients. This parameter value is read every second. — Available since version 2017.0-4100. |
idle-timeout-warning | integer - DWORD (32-bit) | custom | 350 | Idle timeout warning — Specifies the number of seconds relative to idle-timeout to wait before warning idle clients about idle timeout disconnection. Specify 0 to never warn idle clients. — Available since version 2017.4-6898. |
quic-listen-endpoints | string | server | ['0.0.0.0', '::'] | Specify the endpoints over which DCV listens for incoming QUIC connections — Specifies a list of endpoints where DCV will listen for incoming QUIC connections. The endpoints can be a list of local bindable IPv4 addresses ('0.0.0.0' to wildcard all the possible addresses), or bindable IPv6 addresses ('::' to wildcard all the possible addresses) with an optional port separated by a colon (':'). For example, '1.2.3.4:5678' would listen for incoming connections on the interface associated with the '1.2.3.4' address, on port of 5678. If the port is not specified the setting in 'quic-port' will be used as a default. To specify a port with an IPv6 address, enclose the address in square brackets (e.g. '[::1]:8443'). IPv6 addresses including an explicit interface are also supported (e.g. '[::%eth1]:8443'). — Available since version 2022.0-11954. |
quic-port | integer - DWORD (32-bit) | server | 8443 | UDP port for the QUIC frontend — Specifies the UDP port on which the DCV server listens for client connections. The port number must be between 1024 and 65535. See the 'quic-listen-endpoints' setting for further details on how this setting is applied. — Available since version 2020.2-9508. |
web-extra-http-headers | string | server | [] | Set the array of extra headers to be added to the HTTP/HTTPS headers — Uses it to add extra headers. The array should be filled with couples like: [('header_name','header_content')]. Multiple headers can be added. — Available since version 2017.2-6182. |
web-listen-endpoints | string | server | ['0.0.0.0', '::'] | Specify the endpoints over which DCV listens for incoming web connections — Specifies a list of endpoints where DCV will listen for incoming web connections. The endpoints can be a list of local bindable IPv4 addresses ('0.0.0.0' to wildcard all the possible addresses), or bindable IPv6 addresses ('::' to wildcard all the possible addresses) with an optional port separated by a colon (':'). For example, '1.2.3.4:5678' would listen for incoming connections on the interface associated with the '1.2.3.4' address, on port of 5678. If the port is not specified the setting in 'web-port' will be used as a default. To specify a port with an IPv6 address, enclose the address in square brackets (e.g. '[::1]:8443'). IPv6 addresses including an explicit interface are also supported (e.g. '[::%eth1]:8443'). — Available since version 2022.0-11954. |
web-port | integer - DWORD (32-bit) | server | 8443 | TCP port for the client — Specifies the TCP port on which the DCV server listens for client connections. The port number must be between 1024 and 65535. See the 'web-listen-endpoints' setting for further details on how this setting is applied. — Available since version 2017.0-4100. |
web-root | string | server | '' | Document root for the embedded web server — Specifies the document root for the embedded web server. — Available since version 2017.0-4100. |
web-url-path | string | server | '/' | URL path for the embedded web server — Specifies the URL path for the embedded web server, must start with '/'. For example, setting it to /test/foo means that the web server is reachable at https://host:port/test/foo. — Available since version 2017.0-4100. |
web-use-hsts | true or false - DWORD (32-bit) | server | Linux: true - Windows: 1 | Whether to use HSTS — Enables this to force browsers to prevent any communication being sent over HTTP. All transfer to the webpage (and all subdomains) will be done using HTTPS instead. — Available since version 2017.0-4100. |
web-x-frame-options | string | server | 'DENY' | Set the X-Frame-Options value — The default value is set to DENY. If you change this, you must introduce another form of protection to avoid clickjacking attacks. If you do not have other protection, do not change this setting. — Available since version 2017.1-5870. |
ws-keepalive-interval | integer - DWORD (32-bit) | server | 10 | Websocket keepalive interval — Specifies the interval (in seconds) after which to send a keepalive message. If set to 0, the keepalive message is disabled. — Available since version 2017.0-4100. |
display
Parameters
The following table describes the configuration parameters in the [display]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the display
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
console-session-default-layout | string | session | [] | Default screen resolution and position for console sessions — Specifies the default screen resolution and position for console sessions. If this is set, DCV sets the requested layout at startup. Each monitor can be configured with resolution (w,h) and position (x,y). All specified monitors are enabled. Default layout example value: [{'w':<800>, 'h':<600>, 'x':<0>, 'y': <0>}, {'w':<1024>, 'h':<768>, 'x':<800>,'y':<0>}] — Available since version 2017.0-5600. |
cuda-devices | string | connection | [] | CUDA devices used for stream encoding — Specifies the list of local CUDA devices which DCV uses to distribute encoding and CUDA workloads. Each device is identified by a number that can be retrieved from the nvidia-smi command. For example, cuda-devices=['0', '2'] indicates that DCV uses two GPUs, with IDs 0 and 2. This setting is similar to the CUDA_VISIBLE_DEVICES environment variable, but it only applies to DCV. If the option is not set, DCV uses an incremental session index starting from 0 to pick the next device to use. — Available since version 2017.2-6182. |
enable-client-resize | true or false - DWORD (32-bit) | session | Linux: true - Windows: 1 | Whether to allow clients to set the display layout — Specifies whether clients are allowed to set the display layout. — Available since version 2017.0-4100. |
enable-qu | true or false - DWORD (32-bit) | session | Linux: true - Windows: 1 | Whether to send quality updates — Specifies whether to send quality updates. — Available since version 2017.0-4100. |
enable-yuv444-encoding | string | session | 'default-off' | Whether to enable YUV444 encoding — Enables or disables YUV444 encoding. If 'always-on' the server will prefer the YUV444 format that is optimized for high color accuracy. If 'always-off' the server will prefer a format that is optimized for streaming performance. The values 'default-on' and 'default-off' have the same semantics, which is to let the client decide. Allowed values: 'always-on', 'always-off', 'default-on', 'default-off'. — Available since version 2022.0-11954. |
grabber-target-fps | integer - DWORD (32-bit) | session | 0 | Target frames per second of frame grabber — Sets the upper limit to grab frames per second. A value of 0 defaults to the standard behavior of each specific frame buffer reader, e.g. fallback to target-fps or don't limit grabbing. Not all frame capture backends honor this setting. — Available since version 2017.1-5870. |
max-compressor-threads | integer - DWORD (32-bit) | session | 4 | Max compressor threads — Specifies the maximum number of compressor threads. — Available since version 2017.0-4100. |
max-head-resolution | string | custom | (4096, 2160) | Max head resolution — Sets the maximum resolution of a display head requestable by the client. A display head is equivalent to a host monitor. The setting is reloaded at each client layout request. When a bigger head resolution is requested by a client, the server adjusts the resolution to make sure that it matches the maximum width and height values set by this option. The maximum supported resolution value is (4096, 4096). — Available since version 2017.0-4100. |
max-layout-area | integer - DWORD (32-bit) | custom | 0 | Max layout area in pixels — Sets the maximum area in pixels of a display layout requestable by the client. Layouts that are larger than this limit will be ignored. This maximum is meant to provide an upper bound to the amount of display data that must be sent, without providing constraints on the display layout geometry. If set to 0, no limit is applied to layout area. The setting is reloaded at each client layout request. — Available since version 2019.1-7423. |
max-num-heads | integer - DWORD (32-bit) | custom | 4 | Max number of heads — Specifies the maximum number of display heads requestable by the client. A display head is equivalent to a host monitor. The setting is reloaded at each client layout request. When a greater number of heads is requested by a client, the server adjusts the number of heads so that the value does not exceed the value set by this option. — Available since version 2017.0-4100. |
min-head-resolution | string | custom | (640, 480) | Min head resolution — Sets the minimum resolution of a display head requestable by the client. A display head is equivalent to a host monitor. The setting is reloaded at each client layout request. When a smaller resolution is requested by a client, the server adjusts the resolution to make sure that it matches the minimum width and height values set by this option. — Available since version 2017.0-4100. |
target-fps | integer - DWORD (32-bit) | session | -1 | Target frames per second — Specifies the maximum allowed frames per second. A value of 0 means no limit. A value of -1 means that the target-fps value will be determined according to the server characteristics and the session type. With versions < 2020.2, the -1 value is not recognized and the default value is 25. — Available since version 2017.0-4100. |
use-grabber-dirty-region | true or false - DWORD (32-bit) | session | Linux: true - Windows: 1 | Whether to use dirty regions — Specifies whether to use dirty screen regions. If enabled, the grabber tries to compute new frames out of the dirty regions from the screen. — Available since version 2017.0-4100. |
web-client-max-head-resolution | string | custom | (1920, 1080) | Max head resolution for web client — Sets the maximum resolution of a display head requestable by a web client. A display head is equivalent to a host monitor. The setting is reloaded at each client layout request. This setting is ignored in case the web client is setting the max resolution explicitly. The max-head-resolution limitations option is applied on top of the max width and height values set by this option. In case the value is set to (0, 0), it is ignored. — Available since version 2020.0-8428. |
display/linux
Parameters
The following table describes the configuration parameters in the [display/linux]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the display/linux
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
disable-local-console | true or false - DWORD (32-bit) | session | Linux: true - Windows: 1 | Blanks the local screen and inhibits local input (Linux console sessions on Xorg only) — Blanks locally-connected monitor(s) to prevent ongoing DCV console sessions from being shown and disables local input devices while remote clients are connected. Monitors and input devices are enabled back upon disconnection of the last client. This prevents local users to meddle into the remote console session and increases privacy. Input devices whose names start with 'DCV ' (space included) or 'Xdcv ' (space included) are not disabled by the setting. — Available since version 2024.0. |
enable-console-scaling | true or false - DWORD (32-bit) | session | Linux: false - Windows: 0 | Enable scaling the framebuffer to support arbitrary resolutions (Linux console sessions on Xorg only) — Permits arbitrary resolutions on console sessions by setting the XRandR transform from the framebuffer to the scan-out buffer accordingly. If set to 'false' (which is the default) the legacy behavior is to be expected (only resolutions directly supported by the locally plugged-in displays are permitted). If set to 'true' the client can request arbitrary resolutions on the server irrespective of whether the physically connected displays support them or not. — Available since version 2024.0. |
gl-displays | string | session | [':0.0'] | 3D accelerated X displays — Specifies the list of local 3D accelerated X displays and screens used by DCV for OpenGL rendering in virtual sessions. If this value is missing, you can't run OpenGL applications in virtual sessions. This setting is ignored for console sessions. — Available since version 2017.0-4100. |
extensions
Parameters
The following table describes the configuration parameters in the [extensions]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the extensions
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
enabled | true or false - DWORD (32-bit) | connection | Linux: true - Windows: 1 | Whether the extensions feature should be enabled — Specifies if the extensions feature is enabled. If the extensions feature is disabled, users will not be able to use third party extensions for DCV. — Available since version 2023.0-14852. |
input
Parameters
The following table describes the configuration parameters in the [input]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the input
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
enable-autorepeat | true or false - DWORD (32-bit) | session | Linux: true - Windows: 1 | Whether to allow autorepeat on Linux — Specifies whether to allow autorepeat for a single key. — Available since version 2017.2-6182. |
enable-gamepad | true or false - DWORD (32-bit) | session | Linux: true - Windows: 1 | Whether to allow gamepad input — Specifies whether gamepad is enabled. — Available since version 2022.0-11954. |
enable-relative-mouse | true or false - DWORD (32-bit) | session | Linux: true - Windows: 1 | Whether to allow relative mouse movements — Specifies whether to allow relative mouse movements. — Available since version 2017.0-5121. |
enable-stylus | true or false - DWORD (32-bit) | session | Linux: true - Windows: 1 | Whether to allow stylus input — Specifies whether a stylus is enabled. — Available since version 2019.0-7318. |
enable-touch | true or false - DWORD (32-bit) | session | Linux: true - Windows: 1 | Whether to allow touch input — Specifies whether touch is enabled. — Available since version 2017.3-6698. |
license
Parameters
The following table describes the configuration parameters in the [license]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the license
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
license-file | string | session | '' | License — Specifies the licenses to use for DCV server when running on non-EC2 instances. Licensing is granted through RLM licenses. It can contain a list of license specifications, separated by ';' on Windows, and separated by ':' on Linux. Each license specification can be a local license file for extended evaluation licenses, or an RLM server port and hostname specified in the format PORT@HOSTNAME for floating licenses. In case multiple licenses are specified, the server will try each one in turn until the first one is validated (e.g. the license file is correctly recognized or the remote RLM server could be contacted). If no value is specified, the server will look for the default license file '/usr/share/license/license.lic' on Linux, 'C:\Program Files\NICE\DCV\Server\license\license.lic' on Windows; in case the default license file is not found, a demo license is used. This parameter is ignored on EC2 instances. — Available since version 2017.0-4100. |
log
Parameters
The following table describes the configuration parameters in the [log]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the log
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
directory | string | server | '' | Log output directory — Specifies the destination to which logs are saved. If not specified it defaults to "C:\ProgramData\NICE\DCV\log\" on Windows and to "/var/log/dcv/" on Linux. — Available since version 2017.0-4100. |
enable-image-audit | true or false - DWORD (32-bit) | server | Linux: false - Windows: 0 | Enables content auditing of transferred images — Specifies if the content of any transferred images has to be saved in a separate file. The images will be stored in a log subdirectory and the filename will be reported in the audit CSV file. If transfer-audit is disabled, the value is ignored. — Available since version 2023.0-14852. |
level | string | custom | 'info' | Log level — Specifies the log file verbosity level. The verbosity levels (in order of the amount of detail they provide) are: 'error', 'warn', 'info', and 'debug'. The new value is effective as soon as it is changed on the configuration and propagated to the DCV agent processes. With versions <= 2019.1, the log level on the DCV agent processes is only set when they start. — Available since version 2017.0-4100. |
max-file-size | integer - DWORD (32-bit) | server | 0 | Maximum log file size in MegaBytes before rotation — Specifies the maximum log file size before a rotation is triggered. If the value is '0', rotation by size is disabled, and instead files are rotated when the process generating them is restared. — Available since version 2022.1-13067. |
rotate | integer - DWORD (32-bit) | server | 10 | Number of log file rotations — Specifies the number of times that log files are rotated before being removed. If the value is 0, old versions are removed rather than rotated. — Available since version 2017.0-4100. |
rotation-interval | string | server | 'none' | The maximum time interval between two successive log file rotations — Specifies the maximum time interval between two successive log file rotations. If the value is 'none', files are not rotate based on time. Other possible values are 'every-minute', 'every-twenty-minutes', 'every-hour' and 'every-day'. — Available since version 2022.1-13067. |
rotation-suffix | string | server | 'counter' | The suffix to be appended to a rotated log file — Specifies the suffix to be appended to the rotated log file. In case 'counter' is specified, a simple increasing counter suffix is appended to each rotated log file. In case 'timestamp' is specified, a timestamp of the form 'YYYY-MM-DD-HH-MM' is applied to the log file. In case a rotated file with that timestamp already exists in the log folder, an additional numeric counter is appended to the timestamp. — Available since version 2022.1-13067. |
transfer-audit | string | server | 'none' | Transfer direction to audit — Specifies which transfer direction to audit. If this parameter is enabled, a new CSV file logs transfers between the server and clients. The allowed values are: 'none', 'server-to-client', 'client-to-server', and 'all'. If this value is missing or equal to 'none', transfer audits are disabled and no file is created. — Available since version 2017.0-4100. |
printer
Parameters
The following table describes the configuration parameters in the [printer]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the printer
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
file-printer-name | string | custom | 'DCV Printer' | Name of the virtual DCV Printer for file download — String representing the name of the virtual DCV Printer on a DCV server. In Linux, this value is read from the configuration every time a new Linux DCV session is created. If this setting is non-empty, and has string PREFIX as value, a new virtual printer with name 'PREFIX - SESSION-NUMBER' will be registered in CUPS. If this setting is empty, no DCV virtual printer will be registered. In Windows, this setting is used to change the default printer on the system. If set to an empty string, DCV will not change the current default printer. — Available since version 2022.0-11954. |
use-default-printer | string | custom | 'client-decides' | Decides how the default printer gets set — Server decides which printer to set as default printer. Accepted values are 'client-decides', 'always-on', 'always-off'. If the value for this setting is 'always-off', the server does not set any printer as default. If the value is 'always-on', sets the printer that is specified in the setting 'file-printer-name' under section 'printer'. If the value is 'client-decides', the default printer sent from the client is set. If no default printer is sent by the client, the printer specified in 'file-printer-name' under section 'printer' is set. The default value is 'client-decides'. Currently supported only on windows. — Available since version 2022.2-13907. |
redirection
Parameters
The following table describes the configuration parameters in the [redirection]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the redirection
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
enable-timezone-redirection | string | session | 'client-decides' | Allow or deny time zone redirection from client to server — Allows or denies time zone to be redirected from client to server. Accepted values are: 'always-on', 'always-off' and 'client-decides'. If it is set to 'always-on', priority user client will send its time zone to the server and that becomes the time zone of the server. If it is set to 'always-off', the server will display its own time zone to the clients. Any client time zone message will be discarded. If it is set to 'client-decides', priority user client can send its time zone to the server and that becomes the time zone of the server. The client can choose not to send its time zone to the server. The default value is 'client-decides'. — Available since version 2022.2-13907. |
security
Parameters
The following table describes the configuration parameters in the [security]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the security
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
allowed-http-host-regex | string | server | '^.+$' | Allowed host regular expression — Specifies a regular expression pattern representing the host names that this DCV server can serve. If the Host header of an incoming HTTP request does not match this pattern, the request itself fails with a 403 Forbidden status code. This is a security measure to prevent HTTP Host header attacks. The pattern must be a valid Javascript-like regular expression. Letters in the pattern match both uppercase and lowercase letters. Example: '^(www\.)?example\.com$'. — Available since version 2017.0-4100. |
allowed-ws-origin-regex | string | server | '^https://.+$' | Allowed origins — Specifies a regular expression pattern representing the origins that this DCV server accepts. When establishing a WebSocket connection, the Origin header field in the client's handshake indicates the origin of the script establishing the connection. If the Origin header of an incoming HTTP request does not match this pattern, the request itself fails with a 403 Forbidden status code. This is a security measure to prevent cross-site WebSocket hijacking (CSWSH) attacks. The pattern must be a valid Javascript-like regular expression. Letters in the pattern match both uppercase and lowercase letters. The Origin header has the form: <scheme> "://" <host> [ ":" <port> ]. Example: '^https://(www\.)?example\.com(:443)?$'. — Available since version 2017.0-4100. |
auth-connection-setup-timeout | integer - DWORD (32-bit) | server | 120 | Authentication channel connection setup timeout — Specifies the amount of time (in seconds) allowed for the authentication channel connection setup procedure to be completed before timing out. If the procedure takes more, then the channel is closed. If set to 0, the authentication channel connection setup timeout is disabled. — Available since version 2017.0-4100. |
auth-token-verifier | string | server | '' | The endpoint of the authentication token verifier — Specifies the endpoint (URL) of the authentication token verifier used by the DCV server. If empty, the internal authentication token verifier is used. If not empty, valid changes to the endpoint are immediately applied with no need to restart the server (cannot be changed to empty without restarting). — Available since version 2017.0-4100. |
auth-token-verifier-timeout | integer - DWORD (32-bit) | server | 100 | The timeout (in seconds) for the authentication token verifier. — Specifies the time (in seconds) to wait for the authentication token verifier used by the DCV server. — Available since version 2023.0-14852. |
authentication | string | server | 'system' | Authentication method — Specifies the client authentication method used by the DCV server. Use 'system' to delegate client authentication to the underlying operating system. Use 'none' to disable client authentication and grant access to all clients. — Available since version 2017.0-4100. |
authentication-threshold | integer - DWORD (32-bit) | server | 3 | Authentication threshold — Specifies how many times each client can fail authentication before the connection is closed by the server. To allow unlimited authentication attempts, use 0. — Available since version 2017.0-4100. |
ca-file | string | custom | '' | CA file — Specifies the file containing the certificate authorities (CAs) trusted by the DCV server. If empty, use the default trust store provided by the system. — Available since version 2017.0-4100. |
certificate-to-user-file | string | custom | '' | Certificate to user mapping file — Specifies the file containing the certificate to user mapping list. — Available since version 2022.0-11954. |
ciphers | string | server | 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384' | Cipher list used on the TLS connections — Specifies the cipher list used on TLS connections. The cipher list must be separated using the character ":" and must be supported by openssl and the clients. — Available since version 2017.0-4100. |
connection-estab-timeout | integer - DWORD (32-bit) | server | 5 | Connection establishment timeout — Specifies the amount of time (in seconds) allowed for the connection procedure to be completed before timing out. If the procedure takes more, then the connection is closed. If set to 0, the connection establishment does not time out. — Available since version 2017.0-4100. |
connection-setup-timeout | integer - DWORD (32-bit) | server | 5 | Channel connection setup timeout — Specifies the amount of time (in seconds) allowed for the channel connection setup procedure to be completed before timing out. If the procedure takes more, then the channel is closed. If set to 0, the channel connection setup does not time out. — Available since version 2017.0-4100. |
crl-file | string | custom | '' | CRL file — Specifies the file containing the certificate revocation list (CRL). — Available since version 2022.0-11954. |
enable-gssapi | true or false - DWORD (32-bit) | server | Linux: false - Windows: 0 | Enable GSSAPI SASL mechanism — Enables or disables GSSAPI SASL mechanism, that allows DCV authentication with kerberos. — Available since version 2017.3-6698. |
max-connections-per-user | integer - DWORD (32-bit) | server | 10 | Maximum number of user's connections — Specifies the maximum number of allowed concurrent connections per user. Exceeding connections are rejected. — Available since version 2017.0-4100. |
no-tls-strict | true or false - DWORD (32-bit) | custom | Linux: false - Windows: 0 | Enable or disable strict certificate validation — Enables or disables strict certificate validation when connecting to an external authentication token verifier. Strict certificate validation must be disabled if the authentication token verifier uses a self-signed certificate. Changes to this parameter are immediately applied with no need to restart the server. — Available since version 2017.0-4100. |
os-auto-lock | true or false - DWORD (32-bit) | session | Linux: true - Windows: 1 | Whether to lock the OS session when last client connection ends — If enabled, the OS session is locked when the last client connection is closed. — Available since version 2017.1-5777. |
pam-service-name | string | server | 'dcv' | PAM service name — Specifies the name of the PAM configuration file used by DCV. The default PAM service name is 'dcv' and corresponds with the /etc/pam.d/dcv configuration file. This parameter is only used if the 'system' authentication method is used. — Available since version 2017.0-4100. |
passwd-file | string | server | '' | Password file — Specifies the password file to be used to check user credentials (only with dcv authentication mode). If empty, use the default file in ${XDG_CONFIG_HOME}/NICE/dcv/passwd for Linux, or %CSIDL_LOCAL_APPDATA%\NICE\dcv\passwd for Windows. — Available since version 2017.0-4100. |
server-fqdn | string | server | '' | Server FQDN — Specifies the server fully qualified domain name. Empty means gethostname(). — Available since version 2017.3-6698. |
service-name | string | server | 'dcv' | Service Name — The registered name of the service (usually the protocol name). — Available since version 2020.0-8428. |
supervision-control | string | custom | 'disabled' | The type of supervision control for the sessions — Specifies the type of supervision control for the sessions. The possible values are 'disabled' and 'enforced'. If this value is set to 'enforced', then unsupervised-access permission can be set to allow or deny owner-less access of users in a collaborative session. If unsupervised-access is allowed for a user, the user can access a session without an owner. All users except the owner are denied this permission by default. When this value is set to 'disabled' (default), the server does not enforce this supervision control and permission. The new value is effective as soon as it is changed in the configuration. — Available since version 2021.3-11591. |
user-realm | string | server | '' | Server user realm — Specifies a user realm for the server. — Available since version 2017.3-6698. |
session-management
Parameters
The following table describes the configuration parameters in the [session-management]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the session-management
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
create-session | true or false - DWORD (32-bit) | server | Linux: false - Windows: 0 | Create a console session at server startup — Specifies whether to automatically create a console session (with ID "console") at server startup. — Available since version 2017.0-4100. |
enable-gl-in-virtual-sessions | string | session | 'default-on' | Whether to employ dcv-gl feature — Specifies whether to use the dcv-gl feature (a license is required). Allowed values: 'always-on', 'always-off', 'default-on', 'default-off'. — Available since version 2017.0-4100. |
max-concurrent-clients | integer - DWORD (32-bit) | session | -1 | Maximum number of concurrent clients per session — Specifies the maximum number of concurrent clients per session. If set to -1, no limit is enforced. To set the limit only for the automatic session, use 'max-concurrent-clients' of section 'session-management/automatic-console-session'. — Available since version 2017.0-4100. |
max-concurrent-sessions | integer - DWORD (32-bit) | server | 0 | Maximum number of concurrent sessions — Specifies the maximum number of allowed concurrent sessions. This limit currently applies only to virtual sessions, because console sessions are intrinsically limited to one. Specify 0 to not enforce any limit. — Available since version 2019.0-7318. |
max-sessions-per-user | integer - DWORD (32-bit) | server | 0 | Maximum number of sessions per user — Specifies the maximum number of allowed concurrent sessions that each user can own. This limit currently applies only to virtual sessions. Specify 0 to not enforce any limit. — Available since version 2021.0-10242. |
performance-profile | string | custom | 'none' | Specifies the profile used during the initialization of some features — Adjust the default settings of some features according the performance profile of the instance. When no profile is selected the profile is estimated automatically according the number of CPUs and if a GPU is present. Allowed values are: 'low', 'medium', 'high' and 'none'. — Available since version 2024.0. |
virtual-session-default-layout | string | session | [] | Default layout for virtual sessions — If this is set, Xdcv is configured to create the specified layout at startup. Each monitor can be configured with resolution (w,h) and position (x,y). All specified monitors are enabled. Default layout example value: [{'w':<800>, 'h':<600>, 'x':<0>, 'y': <0>}, {'w':<1024>, 'h':<768>, 'x':<800>, 'y':<0>}] For this setting, the maximum number of monitors (specified in the virtual-session-monitors setting) has more priority than the number of elements in the array. For example, if five monitors have been set, but the maximum number of monitors is four, only the first four monitors are created. If this key is set, the number of enabled monitors (specified in the virtual-session-monitors setting) is ignored. — Available since version 2017.0-5600. |
virtual-session-font-path | string | session | '' | Whether to add special font paths — Specifies the path of special fonts. Some applications require a special font to be passed to the X server. — Available since version 2017.0-4100. |
virtual-session-source-profile | true or false - DWORD (32-bit) | session | Linux: false - Windows: 0 | Whether to source the user profile in session starter — Specifies whether the shell that runs the session starter script should source the user profile. By default this is false and DCV will run the session starter script with "bash --noprofile --norc" — Available since version 2021.3-11591. |
virtual-session-xdcv-args | string | session | '' | Additional arguments to pass to Xdcv — Specifies any additional arguments to be passed to Xdcv. — Available since version 2017.0-4334. |
session-management/automatic-console-session
Parameters
The following table describes the configuration parameters in the [session-management/automatic-console-session]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the session-management/automatic-console-session
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
client-eviction-policy | string | server | 'reject-new-connection' | Specify how to handle client connections when a limit is reached — Specifies whether to reject a new connection or to automatically close an existing connection when the maximum number of concurrent clients per session is reached. Allowed values are 'reject-new-connection' (the incoming connection will be closed), and 'same-user-oldest-connection' (the server will close the connection of the same user that hasn't interacted with the session for the longest time or, absent that information, with the oldest connection time). — Available since version 2022.1-13067. |
max-concurrent-clients | integer - DWORD (32-bit) | server | -1 | Maximum number of concurrent clients per session — Specifies the maximum number of concurrent clients allowed per session. If set to -1, no limit is enforced. — Available since version 2017.0-5600. |
owner | string | server | '' | Owner of the automatically created "console" session — Specifies the username of the "console" session owner. If empty, the owner is the user who started the DCV server. This setting is applied only to the "console" session automatically created at server startup when the create-session setting is set to true. — Available since version 2017.0-5600. |
permissions-file | string | server | '' | Permissions file for the automatic "console" session — Specifies the path to the permissions file to be used to check user access to DCV features. If empty, only the owner has full access to the session. — Available since version 2017.0-5600. |
storage-root | string | server | '' | Path to file storage root folder — Specifies the full path to the folder to be used for console session storage. If the storage-root is empty or the folder does not exist, file storage is disabled. — Available since version 2017.0-5600. |
session-management/defaults
Parameters
The following table describes the configuration parameters in the [session-management/defaults]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the session-management/defaults
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
permissions-file | string | session | '' | Default permissions included in all sessions — Specifies the path to the permissions file to be automatically merged with the permissions selected by the user for each session. If empty, use the 'default.perm' file, which is located in /etc/dcv/ for Linux, or in the DCV installation folder (for example, 'C:\Program Files\NICE\DCV\Server\conf') for Windows. — Available since version 2017.0-5600. |
smartcard
Parameters
The following table describes the configuration parameters in the [smartcard]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the smartcard
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
enable-cache | string | custom | 'default-on' | Whether to enable smartcard caching messages — Enables or disables smart card caching. When enabled, the DCV server caches the last value received from the client's smart card. Future calls are retrieved directly from the server's cache, instead of from client. This helps to reduce the amount of traffic that is transferred between the client and the server, and improves performance. Allowed values include 'always-on', 'always-off', 'default-on', and 'default-off'. This value is read from the configuration every time a client smartcard application is started. — Available since version 2017.2-6182. |
webauthn
Parameters
The following table describes the configuration parameters in the [webauthn]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the webauthn
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
enabled | true or false - DWORD (32-bit) | session | Linux: true - Windows: 1 | Whether the webauthn redirection feature should be enabled — This setting controls the redirection of WebAuthn requests. When enabled, it allows users to authenticate for web resources using their local authenticator, such as YubiKey, Windows Hello, or others. If you disable this setting, WebAuthn redirection will be disabled, and users won't be able to use their local authenticators. — Available since version 2023.1-16220. |
webcam
Parameters
The following table describes the configuration parameters in the [webcam]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the webcam
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
max-resolution | string | connection | (0, 0) | Max webcam resolution — Specifies the maximum webcam resolution that can be selected among the resolutions provided by the clients exposed to applications. If this value is missing or (0, 0) the default value will be used. Default value: 1280x720 for high and medium performance-profile, 640x480 for low performance-profile. — Available since version 2021.0-10242. |
preferred-resolution | string | connection | (0, 0) | The preferred webcam resolution — Specifies the preferred webcam resolution among the resolutions provided by the client. If the specified resolution is not supported, the closest matching resolution is selected. If this value is missing or (0, 0) the default value will be used. Default value: 640x360 for high and medium performance-profile, 424x240 for low performance-profile. — Available since version 2021.0-10242. |
windows
Parameters
The following table describes the configuration parameters in the [windows]
section of the
/etc/dcv/dcv.conf
file for Linux Amazon DCV servers, and the windows
registry key for Windows Amazon DCV servers.
Parameter | Type - Windows registry type | Reload context | Default value | Description |
---|---|---|---|---|
disable-display-sleep | true or false - DWORD (32-bit) | session | Linux: true - Windows: 1 | Prevent display from entering power-saving mode — Specifies whether to prevent the display from entering power-saving mode. — Available since version 2017.0-4100. |
printer | string | session | '' | Printer to be set as default — Specifies the name of the virtual DCV printer. The name is used to change the default printer on the system. If set to an empty string, DCV will not change the current default printer. Deprecated: use 'file-printer-name' of section 'printer'. — Available since version 2017.0-4100. |