basketballnsa.blogg.se - Netiq federation azure

Netiq federation azure install#

Open the Horizon admin page by entering in your web browser.

Configuring Horizon for SAML Authentication Select SAML + passthrough if you want to use Active Directory authentication when launching Horizon apps and desktops. Select SAML if you want to use True SSO for single sign-on to the Horizon apps and desktops. Next to Horizon Settings, click the gear icon.įor Auth Methods, select SAML or SAML + passthrough. Next to Edge Service Settings, click the SHOW slider. Select the SAML metadata file you saved previously, and click on Open. Next to Upload Identity Provider Metadata, click the gear icon. In the Configure Manually section, click on Select. Depending on your configuration, the Unified Access Gateway admin page may be dedicated on a specific NIC / IP.Įnter your admin credentials, and click on Login.

Replace or with the URL or IP for your Unified Access Gateway. Open the Unified Access Gateway admin page by entering in your web browser. Configuring the Unified Access Gateway for SAML Authentication In the SAML Signing Certificate section, next to Federation Metadata XML, click on Download. In the Basic SAML Configuration section, click on Edit.įor the Identifier (Entity ID), change the Default field, and enter Replace with the URL for your Unified Access Gateway.įor the Reply URL (Assertion Consumer Service URL), change the Default field, and enter Replace with the URL for your Unified Access Gateway.įor the Sign on URL enter Replace with the URL for your Unified Access Gateway. While still having the application ( Horizon-SAML) open, click on Overview.Ĭlick on (2. Select the Azure AD group or users you want to allow access for this application (the group Horizon-SAML-Users in this example), and click Select. Assign users and Groups) Assign users and groups. Give the application a name (from now on Horizon-SAML in this example) and click on Create.Ĭlick on (1. Go to the Azure AD portal and click on Azure Active Directory. The latter is used when using True SSO for single sign-on in Horizon.

Netiq federation azure install#

Install Azure AD Connect Creating the Enterprise Application (Metadata)įirst we need to create the metadata required for the integration between the Unified Access Gateway and Azure AD, and between Horizon and Azure AD. If you want to setup Azure AD Connect, you can follow the steps from the link below. If you already have Azure AD Connect in place or don’t want to setup Azure AD Connect, you can skip this chapter.

A running Unified Access Gateway, version 3.8 or higherĮven though it is not strictly necessary to have Azure AD Connect in place for this solution, it may be easier to sync your on-prem AD identities with Azure AD from, for instance, an administrative perspective.

A running Horizon environment, version 7.11 or higher.

Prerequisitesīefore continuing, I assume you already have the following in place.

Integrating Microsoft Azure MFA with VMware Unified Access Gateway 3.8, written by Sean Massey, Staff Cloud Solutions Architect at VMware.Ĭredits go the authors of these articles.

Enabling SAML 2.0 Authentication for Horizon with Unified Access Gateway and Okta: VMware Horizon Operational Tutorial, written by Andreano Lanusse, End-User-Computing Staff Architect, Technical Marketing at VMware.

This blog post describes the required steps for enabling SAML authentication for Horizon with Unified Access Gateway and Azure AD, including the configuration for integrating Horizon apps and desktops in existing (third-party) workspace portal solutions.īefore I start, I want to give a huge shout-out to the following people for pointing me to useful articles, and giving input and contributing to the solutions described in this blog post.įor the largest part, this blog post is based on two great already existing articles.