Getting started with Workspace ONE
In this section of your hands on labs you will put in base requirements for Workspace ONE Access to integrate with VMware Horizon.
You will install the Workspace ONE Access Connector and configure Microsoft Active Directory integration to sync User accounts and Security Groups
Part 1: Workspace ONE Access Connector pairing pre-requisites
Part 2: Installing and configuring the Workspace ONE Access Connector
Part 3: Configure Directory Sync with Workspace ONE Access Connector
- In your email account
- ( used for registering you on this session )
- look for a no-reply email with Workspace ONE Workshop | vIDM Tenant Information
- open the email
- In your email
- copy your Tenant URL information
- On your ControlCenter server
- On your Site 1 Profile Chrome browser
- Paste the Tenant URL information into the address bar
- with your keyboard
- select Enter
- On your Site 1 Profile Chrome browser
- On the right side of the Site 1 Chrome Browser
- select the Bookmark Icon
- In the Bookmark added window
- next to Name
- enter Access
- select Done
- next to Name
In this lab you will download the Workspace ONE Access connector configurations. These configurations will be used later in Part 4 to installer the Workspace ONE Access connector.
- On your ControlCenter server
- Open your Workspace ONE Access, Admin console URL
- Under Username
- enter Administrator
- Under Password
- enter VMware1!
- Select Sign In
- Under Username
- Open your Workspace ONE Access, Admin console URL
- In the Web Intelligent Hub Console
- To the right,
- select TA
- From the dropdown
- select Workspace ONE Access Console
- To the right,
- In the Workspace ONE Access Console
- select Integrations
- Under Integrations
- select Connectors
- In the Connectors area
- select NEW
- In the Connector Usage Confirmation window
- select the radio button, next to :-
- Latest Workspace ONE Access Connector
- select OK
- select the radio button, next to :-
- In the Confirm the latest Workspace ONE Connector window
- select CONFIRM
- In the Add New Connector window
-
Downloader Installer area
- select NEXT
-
Downloader Installer area
- In the Add New Connector window
-
Download Configuration File area
- next to Password: enter VMware1!VMware1!
- next to Reenter Password: enter VMware1!VMware1!
- select DOWNLOAD CONFIGURATION FILE
- note an es-config.json file gets downloaded
- select NEXT
-
Download Configuration File area
- In the Add New Connector window
-
Summary window
- select CLOSE
-
Summary window
- On your ControlCenter server browser
- Next to the es-config.json
- Select the Dropdown
- Select Show in folder
- Next to the es-config.json
- In the File Explorer window
- Select and right-click the es-config.json file
- Select Copy
- In the left pane
- Select Desktop
- In the File Explorer window
-
Desktop area
- Select the Software shortcut
- In the Software folder
- Open the ACCESS folder
-
Desktop area
- In the File Explorer window
-
ACCESS folder
- Paste your es-config.json file
- Close your File Explorer window
-
ACCESS folder
- On your ControlCenter server
- On the Desktop.
- Open the Remote Desktops\Site1 folder
- Select and launch the WS1-Connector.RDP shortcut
- On the Desktop.
- On your WS1-Connector server
- open the Software Folder
- select the ACCESS Folder
- select and Launch
- Workspace-ONE-Access-Connector-Installer-22.09.1.0.exe
- On your WS1-Connector server
- on the Open File - Security Warning windows
- select Run
- on the Open File - Security Warning windows
- On the Workspace ONE Access Connector - InstallShield Wizard
- in the Welcome to the Installation Wizard for Workspace ONE Access Connector 22.09.0.0
- select Next
- in the Welcome to the Installation Wizard for Workspace ONE Access Connector 22.09.0.0
- On the Workspace ONE Access Connector - InstallShield Wizard
-
Licence Agreement window
- select the radio button next to:-
- I accept the terms in the license agreement
- select Next
- select the radio button next to:-
-
Licence Agreement window
- On the Workspace ONE Access Connector - InstallShield Wizard
-
Service Selection window
- Select Next
-
Service Selection window
- On the Workspace ONE Access Connector - InstallShield Wizard
-
Specify Configuration File window
- In the box in front of Browse...
- type \\horizon-01a\software\ACCESS\es-config.json
- Next to Password: type VMware1!VMware1!
- In the box in front of Browse...
- Select Next
-
Specify Configuration File window
- In the Workspace ONE Access Connector - InstallShield Wizard
- keep Default
- select Next
- In the Workspace ONE Access Connector - InstallShield Wizard
-
Specify Service Account window
- under User name: type
- euc-livefire.com\administrator
- under Password:
- type VMware1!
- under User name: type
- select Next
-
Specify Service Account window
- In the Workspace ONE Access Connector - InstallShield Wizard
-
Ready to Install window
- select Install
-
Ready to Install window
The Installation of the Workspace ONE Access Connector will take about 10 minutes to complete. Continue with Part 5 while the installation is going. Check back periodically to ensure it has successfully installed.
- In the Workspace ONE Access Connector - InstallShield Wizard
-
Installation Wizard Completed window
- Select Finish
-
Installation Wizard Completed window
First we will configure the Attributes. Note! Every organisation will need to research their requirements when deciding whether or not to set attributes to required. For specific applications where this needs to be considered, if the associated user object does not have the attribute, authentication might fail.
- In the Workspace ONE Access Admin console
- Select Settings
- Select User Attributes
- Select Settings
- In the User Attributes console
-
In the right area under Custom Attributes
- Select ⊕ ADD ROW 3 times
-
In the right area under Custom Attributes
- In the User Attributes console
- Under Name
- Add the following additional attributes
- note this is case sensitive :
- objectGuid
- sid
- netBios
- Add the following additional attributes
- Under Name
- In the User Attributes console
- Under User Attributes
- Select SAVE
- In the Workspace ONE Access admin console.
- Select Integrations,
- Select Directories
- Select Integrations,
- In the Directories area
- To the right
- Select Add Directory
-
In the Add Directory dropdown
- Select Active Directory
- To the right
- In the Add Active Directory Page,
- Under Directory Information
- Directory Name: type EUC-Livefire
- Ensure the Active Directory over LDAP radio button is selected
- Click NEXT
- Under Directory Information
- In the Configure Directory section,
- Leave the Directory Sync and Authentication as default
- In the Bind User Details area
- Enter the following Next to :
- Base DN: dc=EUC-Livefire,dc=com
- Bind DN: cn=administrator,ou=corp,dc=EUC-Livefire,dc=com
- Bind DN Password: VMware1!
- Enter the following Next to :
- Select Save
- In the Select the Domains page,
- euc-livefire.com (EUC-LIVEFIRE)
- Select Save.
- euc-livefire.com (EUC-LIVEFIRE)
- On the Map User Attribute page
- Map the following attributes :
- what you enter here is case sensitive
- Scroll down next to:-
-
netbios:
- select custom input
- enter msDS-PrincipalName
- select custom input
-
objectGuid:
-
from the dropdown
- select objectGUID
-
from the dropdown
-
sid:
- select custom input
- enter objectSid
- select custom input
-
netbios:
-
In the bottom left corner
- select SAVE
- Scroll down next to:-
- what you enter here is case sensitive
- Map the following attributes :
Note: userPrincipalName is a required attribute for Horizon, it is enabled by default
- On the Select the Groups you want to sync page,
- select +ADD
- under Create Group
- enter dc=euc-livefire,dc=com
- select ADD
- On the Select the Groups you want to sync page,
- under Select All
- select the check box
- select SAVE.
- under Select All
- In the Select Users you would like to sync window
- under Specify the user DNs
- edit the existing syntax so that it reads
- ou=corp,dc=EUC-Livefire,dc=com
- select SAVE
- edit the existing syntax so that it reads
- under Specify the user DNs
- On the Sync Frequency window
- next to Sync Frequency
- from the dropdown
- select to Every hour
- from the dropdown
- select SAVE & SYNC
- next to Sync Frequency
- On the Directories window
-
Refresh your browser window
- note the Synced Groups and Synced Users
-
Refresh your browser window
- In your Workspace ONE Access admin console
- select Settings
- select Login Preferences
-
under Login Preferences
- select EDIT
- select Settings
- In the Login Preferences area
- In line with:
-
Sync Group Members to the Directory When Adding Group
- select the Checkbox
-
Sync Group Members to the Directory When Adding Group
- In line with:
- In the Login Preferences area
- in the bottom right
- select SAVE
- in the bottom right
- In the Workspace ONE Access console
- select Integrations
- select Directories
- select Integrations
- In the Directories area
- select EUC-Livefire
- In the EUC-Livefire directory area
- In the right corner
- next to Sync
- select the dropdown
- select Sync without Safeguards
- select the dropdown
- next to Sync
- In the right corner
0 Comments
Add your comment