Configuring Single Sign-on from the VMware Identity Manager Service to AirWatch Applications



Similar documents
Configuring Single Sign-on from the VMware Identity Manager Service to WebEx

Configuring Single Sign-on from the VMware Identity Manager Service to ServiceNow

Configuring Single Sign-on from the VMware Identity Manager Service to Dropbox

Configuring Single Sign-on from the VMware Identity Manager Service to Amazon Web Services

Configuring Single Sign-On from the VMware Identity Manager Service to Office 365

VMware Identity Manager Integration with Active Directory Federation Services 2.0

ThinPrint GPO Configuration for Location-Based Printing

Integrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER

INTEGRATION GUIDE. DIGIPASS Authentication for VMware Horizon Workspace

An overview of configuring WebEx for single sign-on. To configure the WebEx application for single-sign on from the cloud service (an overview)

An overview of configuring WebEx for single sign-on. To configure the WebEx application for single-sign on from the cloud service (an overview)

VMware Identity Manager Administration

Setting Up Resources in VMware Identity Manager

Step-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x

SAP NetWeaver AS Java

To set up Egnyte so employees can log in using SSO, follow the steps below to configure VMware Horizon and Egnyte to work with each other.

VMware Identity Manager Administration

Dell One Identity Cloud Access Manager How to Configure for SSO to SAP NetWeaver using SAML 2.0

Integration with Active Directory

DualShield SAML & SSO. Integration Guide. Copyright 2011 Deepnet Security Limited. Copyright 2011, Deepnet Security. All Rights Reserved.

Configuring EPM System for SAML2-based Federation Services SSO

Introduction to Directory Services

Security Assertion Markup Language (SAML) Site Manager Setup

Connected Data. Connected Data requirements for SSO

CA Nimsoft Service Desk

HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services

Zendesk SSO with Cloud Secure using MobileIron MDM Server and Okta

Active Directory Solution 1.0 Guide

SP-initiated SSO for Smartsheet is automatically enabled when the SAML feature is activated.

Microsoft Office 365 Using SAML Integration Guide

For details about using automatic user provisioning with Salesforce, see Configuring user provisioning for Salesforce.

SAP NetWeaver Fiori. For more information, see "Creating and enabling a trusted provider for Centrify" on page

vcloud Automation Center Self-Service Portal Guide

Getting Started with Database-as-a-Service

Configuring Parature Self-Service Portal

Configuring Salesforce

Offline Data Transfer to VMWare vcloud Hybrid Service

Configuring Multiple ACE Management Servers VMware ACE 2.0

SAM Context-Based Authentication Using Juniper SA Integration Guide

How to Migrate Citrix XenApp to VMware Horizon 6 TECHNICAL WHITE PAPER

McAfee Cloud Identity Manager

Using SAML for Single Sign-On in the SOA Software Platform

ACTIVID APPLIANCE AND MICROSOFT AD FS

Egnyte Single Sign-On (SSO) Installation for OneLogin

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Salesforce

Upgrading User-ID. Tech Note PAN-OS , Palo Alto Networks, Inc.

Single Sign On (SSO) Implementation Manual. For Connect 5 & MyConnect Sites

INTEGRATION GUIDE. DIGIPASS Authentication for Salesforce using IDENTIKEY Federation Server

An overview of configuring Intacct for single sign-on. To configure the Intacct application for single-sign on (an overview)

Configuring. Moodle. Chapter 82

Egnyte Single Sign-On (SSO) Configuration for Active Directory Federation Services (ADFS)

VMware Virtual Desktop Manager User Authentication Guide

This chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections:

VMware vcenter Support Assistant 5.1.1

Installation and Configuration Guide

Configuring. SuccessFactors. Chapter 67

Configuring SuccessFactors

Single Sign On for ShareFile with NetScaler. Deployment Guide

Enabling Single Sign- On for Common Identity using F5

Section 1, Configuring Access Manager, on page 1 Section 2, Configuring Office 365, on page 4 Section 3, Verifying Single Sign-On Access, on page 5

Configuring SAML2 for Single Sign On to Smartsheet (Enterprise Only)

PingFederate. Windows Live Cloud Identity Connector. User Guide. Version 1.0

Reconfiguration of VMware vcenter Update Manager

SAML Single-Sign-On (SSO)

Deployment Guide. Deploying F5 BIG-IP Global Traffic Manager on VMware vcloud Hybrid Service

CONFIGURATION GUIDE WITH MICROSOFT ACTIVE DIRECTORY FEDERATION SERVER

VMware vcenter Configuration Manager SQL Migration Helper Tool User's Guide vcenter Configuration Manager 5.6

INTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server

365 Services. 1.1 Configuring Access Manager Prerequisite Adding the Office 365 Metadata. docsys (en) 2 August 2012

SAML 2.0 SSO Deployment with Okta

Using the vcenter Orchestrator Plug-In for vsphere Auto Deploy 1.0

VMware vcenter Configuration Manager and VMware vcenter Application Discovery Manager Integration Guide

TIB 2.0 Administration Functions Overview

Upgrading Horizon Workspace

Multipathing Configuration for Software iscsi Using Port Binding

Single Sign-on to Salesforce.com with CA Federation Manager

SAML Authentication Quick Start Guide

Explore the VMware Horizon 6 Toolbox Auditing and Remote Assistance Capabilities

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Tableau Server

Management Pack for vrealize Infrastructure Navigator

Obtaining SSL Certificates for VMware View Servers

Using the vcenter Orchestrator Plug-In for Microsoft Active Directory

Configuring. SugarCRM. Chapter 121

SAML Security Option White Paper

User Management Tool 1.5

Installing and Configuring vcloud Connector

HP Software as a Service. Federated SSO Guide

Installing and Configuring vcloud Connector

Obtaining SSL Certificates for VMware Horizon View Servers

PingFederate. Identity Menu Builder. User Guide. Version 1.0

Egnyte Single Sign-On (SSO) Installation for Okta

VMware Identity Manager Connector Installation and Configuration

Advanced Service Design

IP Application Security Manager and. VMware vcloud Air

Helping Customers Move Workloads into the Cloud. A Guide for Providers of vcloud Powered Services

MTP. MTP AirWatch Integration Guide. Release 1.0

ADFS Integration Guidelines

WatchDox SharePoint Beta Guide. Application Version 1.0.0

BusinessObjects Enterprise XI Release 2

OneLogin Integration User Guide

Transcription:

Configuring Single Sign-on from the VMware Identity Manager Service to AirWatch Applications VMware Identity Manager AUGUST 2015 V1

Configuring Single Sign-On from VMware Identity Manager to AirWatch Applications Table of Contents Overview... 2 Add AirWatch Applications to the VMware Identity Manager Catalog... 2 Obtain AirWatch Group ID and Service Provider ID Information for VMware Identity Manager. 2 Add AirWatch Applications to the Catalog... 3 Configure AirWatch to Enable SAML for Authentication... 5 Locate Identity Provider SAML Metadata... 5 Setting up AirWatch... 6 /1

Overview This document provides information about configuring single sign-on from the VMware Identity Manager service to AirWatch applications. You can integrate the AirWatch Self Service Portal and AirWatch Content Locker Web applications with the service. This enables you to manage them like any other application in the catalog, entitle users to them, and provide single sign-on access to them. AirWatch Content Locker allows you to manage document distribution and mobile access to corporate documents through a Web-based console. The AirWatch Self Service Portal enables end users to view and manage their enrolled devices. To integrate the applications with the VMware Identity Manager service, you add each application to the VMware Identity Manager catalog and enable SAML authentication in AirWatch to allow users logged in to the service to have single sign-on access to the AirWatch applications. You must have an administrator account for the VMware Identity Manager service as well as an administrator account for the application you are adding. Add AirWatch Applications to the VMware Identity Manager Catalog Add the AirWatch Self Service Portal application, the AirWatch Content Locker application, or both, to the VMware Identity Manager catalog. Obtain AirWatch Group ID and Service Provider ID Information for VMware Identity Manager Before you can add the applications to the catalog, you obtain the AirWatch service provider ID and group ID, and disable Use SAML For Authentication on the AirWatch server. 1. Log in to the AirWatch console. 2. Navigate to the Accounts > Administrators > Administrators Settings > Directory Services page. 3. Select the Use SAML for Authentication checkbox to display the SAML 2.0 information. 4. Make a note of the value of the Service Provider (Airwatch) ID field, if it is set. 5. Deselect the Use SAML for Authentication checkbox. 6. Navigate to the Groups & Settings > Groups > Organization Groups > Organization Group Details page. /2

7. Make a note of the value of the Group ID field. Add AirWatch Applications to the Catalog 1. Log in to the VMware Identity Manager administration console. 2. In the Catalog page, click Add Application >...from the cloud application catalog. 3. Click the icon for the application you want to add: the AirWatch icon (for the Self Service Portal) or the Content Locker icon. 4. In the Modify application page, click Configuration. 5. In the Application Configuration section, accept the default values for all fields. For example: /3

6. In the Application Parameters section, enter the following values. F IELD AWServerName ed ac audience DESCRIPTION Enter the AirWatch server name and domain. For example, connect.awmdm.com. Enter the email domain that has been set for the organization in AirWatch. For example, myorg.com. When an email domain is set, users can specify the email domain instead of the Group ID while logging in. If an email domain has not been set for the organization in AirWatch, enter any value. If the ed field has a valid value, it is used to determine the AirWatch Group ID, otherwise the value of the ac field is used. Enter the AirWatch Group ID that you obtained. For example, vmw1. Enter the AirWatch Service Provider ID that you obtained. For example, AirWatch. If the Service Provider ID field was not set, enter a unique name. /4

7. In the Attribute Mapping section, ensure that at least one attribute is mapped to a specific user profile value. 8. Click Save. 9. Click Entitlement and entitle the application to the appropriate users and groups. 10. Repeat these steps to add the other AirWatch application to the VMware Identity Manager catalog, if necessary. The AirWatch applications are now in the VMware Identity Manager catalog. Configure AirWatch to Enable SAML for Authentication In the AirWatch console, enable SAML for authentication. This allows single sign-on from the VMware Identity Manager service to all the AirWatch applications that are added to the VMware Identity Manager catalog. Before you enable SAML, ensure that the applications have been added to the VMware Identity Manager catalog. Locate Identity Provider SAML Metadata You must have the VMware Identity Provider identity provider metadata xml URL to configure AirWatch. From the VMware Identity Manager administration console, save a copy of the identity provider SAML metadata idp.xml file. 1. In the service s administration console Catalog tab, click Settings > SAML Metadata. 2. In the SAML Metadata section, click Identity Provider (IdP) metadata to display the metadata content. Save the URL. The URL is similar to this example. https://myco.vmwareidentity.com/saas/api/1.0/get/metadata/idp.xml. /5

3. Save the file. Setting up AirWatch 1. Log in to the AirWatch console. 2. Navigate to the Accounts > Administrators > Administrators Settings > Directory Services page. 3. Select the Use SAML For Authentication check box. 4. Click OK. 5. In the SAML 2.0 section, in the Import Identity Provider Settings field, click Upload and upload the VMware Identity Manager idp.xml file that you saved. 6. Click Save. The remaining fields are automatically filled with information from the idp.xml file. 7. Verify that the settings on the page match the following. FIELD Service Provider (AirWatch) ID REQUEST section Request Binding Type Identity Provider Single Sign On URL NameID Format Authentication Request Security RESPONSE section Response Binding Type Sp Assertion Url Authentication Response Security DESCRIPTION The AirWatch Service Provider ID. This value must match the value of the Application Parameters - audience field in the VMware Identity Manager service. For example: AirWatch. Redirect The VMware Identity Manager URL that AirWatch uses to send requests. Prepopulated as https://yourtenant.workspaceair.com/saas/auth/federation/sso. Unspecified None POST AirWatch URL that is configured by VMware Identity Manager to direct its authentication responses, entered as ~/SAML/AssertionService.ashx? binding=httppost Validate response signatures /6

8. Click Test Connection to verify that you can establish a connection with the VMware Identity Manager service. 9. Click Save. 10. Close the Settings page. 11. Navigate to the Apps > Catalog > General page. 12. In the Require Authentication field, select Disabled. 13. Click Save. /7

VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304 USA Tel 877-486-9273 Fax 650-427-5001 www.vmware.com Copyright 2015 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information