EUCCurrent ClassesEUC: Horizon Advanced Integrations 2024 Chapters7. Unified Access Gateway / Horizon integration into Workspace ONE Access

7. Unified Access Gateway / Horizon integration into Workspace ONE Access

Overview

  • Traditional Federation with Horizon and Workspace ONE Access has been a popular approach and is used my many organizations.
  • Organizations with High Security requirements do not like and SAML artifacts being validated internally
  • In this session we look at the option to validate the SAML artifact on the Unified Access Gateway instead of forwarding the artifact internally.

Preparing Workspace ONE Access for Horizon Integration

Part 1: Workspace ONE Access , Connector pairing pre-requisites
  1. On your ControlCenter Server
    • Using your assigned credentials
      • Log in to your Workspace ONE Console
    • In the My Workspace console
      • below Services
        • find the Access icon
          • select Launch
  1. In the Workspace ONE Access Console
    • select Integrations
    • under Integrations
      • select Connectors
    • In the Connectors area
      • select NEW
  1. In the Connector Usage Confirmation window
    • select the radio button, next to :-
      • Latest Workspace ONE Access Connector
        • select OK
  1. In the Confirm the latest Workspace ONE Connector window
    • Select CONFIRM
  1. In the Add New Connector window
    1. Downloader Installer area
      • Select NEXT
  1. In the Add New Connector window
    1. Download Configuration File area
      • next to Password: enter Pa$$w0rdPa$$w0rd
      • next to Reenter Password: enter Pa$$w0rdPa$$w0rd
      • select the DOWNLOAD CONFIGURATION FILE
        • note an es-config.json file gets downloaded
      • select NEXT
  1. In the Add New Connector window
    1. Summary window
      • Select CLOSE
  1. On your ControlCenter server
    • In the File Explorer window
      • Quick Access Bar
        • select the Downloads folder
      • select and right-click the es-config.json file
      • select Copy
      • In the Quick Access Bar
        • select Desktop
  1. In the File Explorer window
    • Desktop area
      • select the Software shortcut
        • in the Software folder
          • open the ACCESS folder
  1. In the File Explorer window
    • ACCESS folder
      • Paste your es-config.json file
    • Close your File Explorer window
Part 2: Installing and Configuring the Workspace ONE Access connector
  1. On your ControlCenter server
    • On the Desktop.
      • Open the Remote Desktops\Site1 folder
      • Select and launch the WS1-Connector.RDP shortcut
        • login with the following credentials
          • Username area
            • techseals\administrator (default)
          • Password area
            • enter Pa$$w0rd
            • select OK
  1. On your WS1-Connector server
    • open the Software Folder
      • select the ACCESS Folder
        • select and launch
          • Workspace-ONE-Access-Connector-Installer-23.09.0.0
  1. On your WS1-Connector server
    • On the Open File - Security Warning window
      • Select Run
  1. On the Workspace ONE Access Connector - InstallShield Wizard
    • In the Welcome to the Installation Wizard for Workspace ONE Access Connector 22.09.0.0
      • Select Next
  1. On the Workspace ONE Access Connector - InstallShield Wizard
    • Licence Agreement window
      • Select the radio button next to:-
        • I accept the terms in the license agreement
      • Select Next
  1. On the Workspace ONE Access Connector - InstallShield Wizard
    • Service Selection window
      • Select Next
  1. On the Workspace ONE Access Connector - InstallShield Wizard
    • Specify Configuration File window
      • In the box in front of Browse...
        • type \\horizon-01a\software\ACCESS\es-config.json
      • next to Password: type Pa$$w0rdPa$$w0rd
    • select Next
  1. In the Workspace ONE Access Connector - InstallShield wizard
    • keep Default
      • select Next
  1. In the Workspace ONE Access Connector - InstallShield Wizard
    • Specify Service Account window
      • under User name: type
        • techseals\Ws1Access
      • under Password:
        • type 0Mnissa1!
      • select Next

I had to reset my AD administrator password to Pa$$w0rd

  1. In the Workspace ONE Access Connector - InstallShield Wizard
    • Ready to Install window
      • Select Install

The Installation of the Workspace ONE Access Connector will take about 10 minutes to complete. Continue with Part 5 while the installation is going.  Check back periodically to ensure it has successfully installed.

  1. In the Workspace ONE Access Connector - InstallShield Wizard
    • Installation Wizard Completed window
      • Select Finish
Part 3: Configuring Directory Sync with  Workspace ONE Access connector

First we will configure the Attributes. Note!  Every organisation will need to research their requirements when deciding whether or not to set attributes to required. For specific applications where this needs to be considered,  if the associated user object does not have the attribute, authentication might fail.

  1. In the Workspace ONE Access Admin console
    • Select Settings 
      • Select User Attributes
  1. In the User Attributes console
    • In the right area under Custom Attributes
      • Select  ⊕ ADD ROW  2 times
  1. In the User Attributes console
    • Under Name
      • Add the following additional attributes
        • note this is case sensitive :
      • objectGuid
      • managerDN
  1. In the User Attributes console
    • under User Attributes
      • select SAVE
  1. In the Workspace ONE Access admin console.
    • select Integrations,
      • select Directories
  1. In the Directories area
    • to the right
      • select Add Directory
    • In the Add Directory dropdown
      • select Active Directory
  1. In the Add Active Directory page,
    • under Directory Information
      • next to Directory Name:
        • type TechSEALs
      • ensure the radio button next to Active Directory over LDAP is selected
        • select NEXT
  1. In the Configure Directory  section,
    • leave the Directory Sync and Authentication as default
    • In the Bind User Details area
      • enter the following next to :
        • Base DN: dc=techseals,dc=co
        • Bind DN: cn=administrator,ou=corp,dc=techseals,dc=co
        • Bind DN Password: Pa$$w0rd
    • select Save
  1. In the Select the Domains page,
    • next to techseals.co
      • select the checkbox
        • select SAVE
  1. On the Map User Attribute page
    • Map the following attributes :
    • (what you enter here is case sensitive)
      • managerDN select custom input and type manager
        • Scroll down next to:-
          • objectGuid: select objectGUID
        • click SAVE
  1. On the Select the Groups you want to sync page,
    • click the +ADD
      • under Create Group
        • enter dc=techseals.co
      • click ADD
  1. On the Select the Groups you want to sync page,
    • Under Select All
      • select the check box
    • select Save.
  1. In the Select Users you would like to sync window
    • Under Specify the user DNs
      • edit the existing syntax so that it reads
        • ou=corp,dc=techseals,dc=co
      • select TEST
        • after the successful message
      • select SAVE
      • Scroll down
  1. On the Sync Frequency window
    • next to Sync Frequency
      • from the dropdown
        • select Every hour
    • select SAVE & SYNC
  1. On the Directories window
    • Refresh your browser window
      • Note the Synced Groups and Synced Users
  1. In your Workspace ONE Access admin console
    • select Settings
      • select Login Preferences
        • under Login Preferences
          • select EDIT
  1. In the Login Preferences area
    • In line with:
      • Sync Group Members to the Directory When Adding Group
        • select the Checkbox
  1. In the Login Preferences area
    • In the bottom right
      • select SAVE
  1. In the Workspace ONE Access  console
    • select Integrations
      • select Directories
  1. In the Directories area
    • select techseals
  1. In the TechSEALS directory area
    • In the right corner
      • next  to Sync
        • select the dropdown
          • select Sync without Safeguards

Part 1. Enabling SAML federation with the Unified Access Gateway for Workspace ONE Access as the IDP

The Federation of Unified Access Gateway and Horizon with Workspace ONE Access will be done in three phases

  • Phase 1. We enable and configure the SAML federation on  4 Unified Access Gateway servers in a multi-site scenario
  • Phase 2. We enable and configure the SAML Integration as a Web App in Workspace ONE Access
  • Phase 3. We will create deep links in Workspace ONE Access for our Desktop entitlements
Step 1. Downloading the Workspace ONE Access SAML MetaData file
  1. In your Workspace ONE Access Console
    • select the Resources tab
      • in the left menu
        • select Web APPS
      • in the Web Apps area
        • to the right
          • select SETTINGS
  1. In the Settings window
    • In the left menu, under SaaS Apps
      • select SAML Metadata
  1. In the Settings window
    • Below  SAML Metadata
      • select Identity Provider (IdP) metadata
        • right-click
          • in the dropdown menu
            • select Save link as...
      • In the Save As window
        • select Save
Step 2. Enabling SAML Federation on Site 1 , UAG-HZN-01a
  1. On your  Site 1 Browser profile
    • In the Favourites bar
      • select the UAG-HZN-01a shortcut
  1. In the Unified Access Gateway login
    • in the Admin Username area
      • enter admin
    • in the Password area
      • enter Pa$$w0rd
    • select Login
  1. In the Unified Access Gateway admin console
    • below Configure Manually
      • click Select
    • scroll down to Identity Bridging Settings
  1. In the Unified Access Gateway admin console
    • Identity Bridging Settings section
      • to the right of Upload Identity Provider Metadata
        • select the GEAR icon
  1. In the Upload Identity Provider Metadata window
    • select Upload IDP Metadata
    • next to Entity ID
      • enter Workspace ONE Access
    • next to IDP Metadata
      • click Select
  1. In the File Explorer - Open window
    • Quick Access > Downloads folder
      • (this should be the default)
        • select idp.xml
    • in the bottom right corner
      • select Open
  1. In the Upload Identity Provider Metadata window
    • next to Always force SAML auth
      • switch the Toggle from OFF to ON
        • select Save
    • scroll back up to the top of UAG admin console
  1. In the Unified Access Gateway admin console
    • In the General Settings area
      • next to Edge Service Settings
        • turn the TOGGLE from OFF to ON
      • to the right of Horizon Settings
        • select the GEAR icon
  1. In the Horizon Settings window
    • scroll down to the bottom
      • next to More
        • select the expand icon
  1. In the Horizon Settings window
    • next to Auth Methods
      • from the dropdown
        • select SAML and Passthrough
  1. In the Horizon Settings window
    • below Auth Methods
      • next to Identity Provider*
        • from the dropdown
          • select Workspace ONE Access
  1. In the Horizon Settings window
    • below Identity Provider*
      • select Download SAML service provider metadata
  1. In the Download SAML service provider metadata window
    • next to External Host Name
      • enter corp.techseals.co:5002
        • select Download
  1. In the Horizon Settings window
    • scroll down to the bottom of the window
      • select Save
  1. In the UEM admin Console
    • scroll down to Advanced Settings
      • to the right under Advanced Settings
        • in line with System Configuration
          • select the GEAR
  1. In the System Configuration window
    • scroll down until you find Allowed Host Headers
      • to the right of Allowed Host Headers
        • enter corp.techseals.co
          • select the PLUS icon
    • scroll down to the bottom of the window
      • select Save
Step 3. Enabling SAML Federation on Site 1 , UAG-HZN-01b
  1. On your  Site 1 Browser profile
    • In the Favourites bar
      • select the UAG-HZN-01B shortcut
  1. In the Unified Access Gateway login
    • in the Username area
      • enter admin
    • in the Password area
      • enter Pa$$w0rd
    • select Login
  1. In the Unified Access Gateway admin console
    • below Configure Manually
      • click Select
  1. In the Unified Access Gateway admin console
    • scroll down to Identity Bridging Settings
      • to the right of Upload Identity Provider Metadata
        • select the GEAR icon
  1. In the Upload Identity Provider Metadata window
    • select Upload IDP Metadata
      • next to Entity ID
        • enter Workspace ONE Access
      • next to IDP Metadata
        • click Select
  1. In the File Explorer - Open window
    • Quick Access > Downloads folder
      • (this should be the default)
        • select idp.xml
    • in the bottom right corner
      • select Open
  1. In the Upload Identity Provider Metadata window
    • next to Always force SAML auth
      • switch the Toggle from OFF to ON
        • select Save
    • scroll back up to the top of UAG admin console
  1. In the Unified Access Gateway admin console
    • In the General Settings area
      • next to Edge Service Settings
        • turn the TOGGLE from OFF to ON
      • to the right of Horizon Settings
        • select the GEAR icon
  1. In the Horizon Settings window
    • scroll down to the bottom
      • next to More
        • select the expand icon
  1. In the Horizon Settings window
    • next to Auth Methods
      • from the dropdown
        • select SAML and Passthrough
  1. In the Horizon Settings window
    • below Auth Methods
      • next to Identity Provider*
        • from the dropdown
          • select Workspace ONE Access
  1. In the Horizon Settings window
    • scroll down to the bottom of the window
      • select Save
  1. In the UEM admin Console
    • scroll down to Advanced Settings
      • to the right under Advanced Settings
        • in line with System Configuration
          • select the GEAR
  1. In the System Configuration window
    • scroll down until you find Allowed Host Headers
      • to the right of Allowed Host Headers
        • enter corp.techseals.co
          • select the PLUS icon
    • scroll down to the bottom of the window
      • select Save
Step 4. Enabling SAML Federation on Site 2 , UAG-HZN-02a
  1. On your ControlCenter server
    • switch to your Site 2 Browser profile
      • In the Favourites bar
        • select the UAG-HZN-02a shortcut
  1. In the Unified Access Gateway login
    • in the Username area
      • enter admin
    • in the Password area
      • enter Pa$$w0rd
    • select Login
  1. In the Unified Access Gateway admin console
    • below Configure Manually
      • click Select
  1. In the Unified Access Gateway admin console
    • scroll down to Identity Bridging Settings
      • select Upload IDP Metadata window
      • select Upload IDP Metadata
      • to the right of Upload Identity Provider Metadata
        • select the GEAR icon
  1. In the Upload Identity Provider Metadata window
    • next to Entity ID
      • enter Workspace ONE Access
    • next to IDP Metadata
      • click Select
  1. In the File Explorer - Open window
    • Quick Access > Downloads folder
      • (this should be the default)
        • select idp.xml
    • in the bottom right corner
      • select Open
  1. In the Upload Identity Provider Metadata window
    • next to Always force SAML auth
      • switch the Toggle from OFF to ON
        • select Save
    • scroll back up to the top of UAG admin console
  1. In the Unified Access Gateway admin console
    • In the General Settings area
      • next to Edge Service Settings
        • turn the TOGGLE from OFF to ON
      • to the right of Horizon Settings
        • select the GEAR icon
  1. In the Horizon Settings window
    • scroll down to the bottom
      • next to More
        • select the expand icon
  1. In the Horizon Settings window
    • next to Auth Methods
      • from the dropdown
        • select SAML and Passthrough
  1. In the Horizon Settings window
    • below Auth Methods
      • next to Identity Provider*
        • from the dropdown
          • select Workspace ONE Access
  1. In the Horizon Settings window
    • scroll down to the bottom of the window
      • select Save
Step 5. Enabling SAML Federation on Site 2 , UAG-HZN-02b
  1. On your ControlCenter server
    • on your Site 2 Browser profile
      • In the Favourites bar
        • select the UAG-HZN-02b shortcut
  1. In the Unified Access Gateway login
    • in the Username area
      • enter admin
    • in the Password area
      • enter Pa$$w0rd
    • select Login
  1. In the Unified Access Gateway admin console
    • below Configure Manually
      • click Select
  1. In the Unified Access Gateway admin console
    • scroll down to Identity Bridging Settings
      • select Upload IDP Metadata window
      • select Upload IDP Metadata
      • to the right of Upload Identity Provider Metadata
        • select the GEAR icon
  1. In the Upload Identity Provider Metadata window
    • next to Entity ID
      • enter Workspace ONE Access
    • next to IDP Metadata
      • click Select
  1. In the File Explorer - Open window
    • Quick Access > Downloads folder
      • (this should be the default)
        • select idp.xml
    • in the bottom right corner
      • select Open
  1. In the Upload Identity Provider Metadata window
    • next to Always force SAML auth
      • switch the Toggle from OFF to ON
        • select Save
    • scroll back up to the top of UAG admin console
  1. In the Unified Access Gateway admin console
    • In the General Settings area
      • next to Edge Service Settings
        • turn the TOGGLE from OFF to ON
      • to the right of Horizon Settings
        • select the GEAR icon
  1. In the Horizon Settings window
    • scroll down to the bottom
      • next to More
        • select the expand icon
  1. In the Horizon Settings window
    • next to Auth Methods
      • from the dropdown
        • select SAML and Passthrough
  1. In the Horizon Settings window
    • below Auth Methods
      • next to Identity Provider*
        • from the dropdown
          • select Workspace ONE Access
  1. In the Horizon Settings window
    • scroll down to the bottom of the window
      • select Save

Part 2. Configuring the SAML Federation for Horizon

For TrueSSO to work the Horizon SAML authenticator is required.
We configure this on both Site 1 and Site 2

Step 1. Configuring the SAML federation with VMware Horizon on Site 1
Configuring VMware Identity Manager to deliver remote Applications and Desktops
  1. On your ControlCenter server
    • Site 1 Browser
    • In the Horizon Admin Console
      • In the Inventory
        • expand Settings,
          • select Servers
        • In the Servers area
          • select the Connection Servers tab
  1. Under Servers
    • Select the radio button to next HORIZON-01a
    • Select  Edit 
  1. On the Edit Connection Server Settings page
    • Select the Authentication tab.
  1. On the Authentication tab
    • below Delegation of authentication to VMware Horizon (SAML 2.0 Authenticator):
      • On the Drop down Arrow
        • Select Allowed,
    • Select the Manage SAML Authenticators box
  1. On the Manage SAML Authenticators box
    • Select Add
  1. In the Add SAML 2.0 Authenticator window.
    • ensure Dynamic radio button is selected,
    • enter the following:
      • under Label:
        • type Workspace ONE Access
      • under Metadata URL : enter
        • https://YOUR CUSTOM Access URL/SAAS/API/1.0/GET/metadata/idp.xml
          • e.g. https://aw-euclivefirefran.vidmpreview.com/SAAS/API/1.0/GET/metadata/idp.xml
      • under * TrueSSO Trigger Mode
        • from the dropdown
          • select Enabled
      • select OK
  1. In the Manage SAML Authenticators window
    • next to Workspace ONE ...
      • select the radio button
    • select OK to close
  1. In the Connection Server Settings
    • select OK
Step 2. Configuring the SAML federation with VMware Horizon on Site 2
Configuring VMware Identity Manager to deliver remote Applications and Desktops
  1. On your ControlCenter server
    • Site 2 Browser
    • In the Horizon Admin Console
      • Inventory pane
        • expand Settings,
          • select Servers
          • In the middle pane
            • select the Connection Servers tab
  1. Under Servers
    • select the radio button to next HORIZON-02a
    • select  Edit 
  1. On the Edit Connection Server Settings page
    • select the Authentication tab.
  1. In the Edit Connection Server Settings window
    • on the Authentication tab,
      • under Delegation of authentication to VMware Horizon (SAML 2.0 Authenticator):
        • from the Drop down Arrow
          • select Allowed,
      • below SAML Authenticator
        • select the Manage SAML Authenticators box
  1. On the Manage SAML Authenticators box
    • Select Add
  1. In the Add SAML 2.0 Authenticator window.
    • ensure Dynamic radio button is selected,
      • enter the following:
        • under Label:
          • type Workspace ONE Access
        • Under Metadata URL : enter
          • https://YOUR CUSTOM Access URL/SAAS/API/1.0/GET/metadata/idp.xml
            • e.g. https://aw-euclivefirefran.vidmpreview.com/SAAS/API/1.0/GET/metadata/idp.xml
        • under * TrueSSO Trigger Mode
          • from the dropdown
            • select Enabled
        • select OK
  1. In the Manage SAML Authenticators window
    • next to Workspace ONE...
      • select OK to close
  1. In the Connection Server Settings
    • Select OK

Part 3. Configuring Workspace ONE Access for Unified Access as the Service Provider

In this section perform the Workspace ONE Access part of the SAML Federation process with Unified Access Gateway

Configuring Workspace ONE Access for  Unified Access as the Service Provider
  1. On your ControlCenter server
    • switch to your Workspace ONE Access admin console
      • In the Workspace ONE Access Console
        • select Resources
        • Under the Resources > WEB Apps area
          • select NEW
  1. In the New SaaS Application window
    1. In the Definition area
      • under Name
        • enter Unified Access Gateway SAML SP
      • Under Icon
        • select SELECT FILE ...
  1. In the File Explorer > Open window
    • In the Quick Access pane
      • select Desktop
      • in the Desktop area
        • select software > UAG > Icons
          • in the Icons folder
            • select UAG.png
          • select Open
  1. In the New SaaS Application window
    1. In the Definition area
      • Select NEXT
  1. On the ControlCenter server
    • from the Taskbar
      • select the Folder icon
  1. In the File Explorer window
    • from the Quick Access pane
      • select Downloads
  1. In the File Explorer window
    • Downloads folder
      • select corp.techseals.co:5002.xml
        • right-click
          • from the menu
            • select Edit with Notepad++
  1. In the Notepad++ application
    • with your keyboard
      • enter CTRL + A
      • enter CTRL + C
    • switch back to the New SaaS Application wizard
  1. In the New SaaS Application window
    1. In the Configuration area
      • the box below URL / XML
        • paste your corp.techseals.co:5002.xml metadata
      • scroll down the Configuration area to the bottom
        • Open in Workspace ONE Web
          • turn the Toggle from No to Yes
        • below Show in User Portal
          • change the Toggle from ON to OFF
      • select NEXT
  1. In the New Saas Application window,
    1. In the Access Policies section
      • Select NEXT
  1. In the New Saas Application window,
    1. In the Summary section
      • Select SAVE & ASSIGN
  1. In the Assign window
    • under Users / Groups
    • under Deployment type
      • from the dropdowns
        • ensure both Sales and Developers are set to
          • Automatic
    • In the bottom right corner
      • select SAVE
  1. In your Workspace ONE Access Console
    • Web Apps interface
      • note your Unified Access Gateway SAML SP Web APP

As we are not using the Workspace ONE Access Connector to sync entitlements, we will create Deep Links for our Entitlements and assign these to our Security Groups

In this Part we will create Deep Links for existing entitlements

Part 5. Testing the Horizon desktop sessions in Workspace ONE Access

Part 5 brings everything we have done on Day 2 together.

We will look at 3 primary testing scenarios

Step 1: Testing Site 1 based network traffic
  1. On your ControlCenter server
    • from the Desktop
      • open the Remote Desktops \ Site 1 folder
        • launch the W11Client-01a.rdp shortcut
  1. In the Windows Security page
    • ensure Craig is the username
    • in the password area
      • enter Pa$$w0rd
        • select OK
  1. On your W11Client-01a desktop
    • From the taskbar or Desktop
      • launch your Horizon Client
        • In the Horizon Client
          • select + Add Server
        • below the Name of the Connection Server window
          • enter corp.techseals.co
            • select Connect
  1. On your W11Client-01a desktop
    • in the Workspace ONE console
      • below Select Your Domain
        • from the dropdown
          • select techseals.co
            • select Next
  1. In the Workspace ONE console
    • below username area
      • enter Craig
    • in the Password area
      • enter Pa$$w0rd
        • select Sign in
  1. In the Open VMware Horizon Client? window
    • select Open VMware Horizon Client

Workspace ONE Access cannot offer Single Sign-on on its own. In a later lab we will deploy and configure TRUESSO

  1. In the  Horizon Client
    • select the Enterprise_Desktop entitlement
  1. On your W11Client-01a desktop
    • Horizon Client session
      • select Other user
  1. In the Horizon Client session
    • username area
      • enter craig
    • password area
      • enter Pa$$w0rd
        • select the Sign in arrow

The reason there is no single sign-on is because we still need to configure TrueSSO, we will do this in a later lab

  1. On your Horizon Desktop session
    • from the taskbar
      • select and right-click the START button
      • from the inventory
        • select Run
  1. In the Run window
    • next to Open:
      • enter cmd.exe
      • select OK
  1. In the CMD.exe window
    • In the prompt area:
      • enter hostname
        • with your keyboard
          • select ENTER
    • Notice that you have a Horizon virtual desktop with the BLR naming convention representing Bangalore
Step 2: Testing Site 2 based network traffic
  1. On your ControlCenter server
    • from the Desktop
      • Open the Remote Desktops \ Site 2 folder
      • Launch the W11Client-02a.rdp shortcut
  1. In the Windows Security page
    • ensure Malcolm is the username
    • in the password area
      • enter Pa$$w0rd
    • select OK
  1. On your W11Client-02a desktop
    • From the taskbar or Desktop
      • launch your Horizon Client
        • In the Horizon Client
          • select + Add Server
        • below the Name of the Connection Server window
          • enter corp.techseals.co
            • select Connect
  1. On your W11Client-02a desktop
    • in the Workspace ONE console
      • below Select Your Domain
        • from the dropdown
          • select techseals.co
            • select Next
  1. In the Workspace ONE console
    • below username area
      • enter Malcolm
    • in the Password area
      • enter Pa$$w0rd
        • select Sign in
  1. In the  Horizon Client
    • select the Enterprise_Desktop entitlement
  1. On your W11Client-02a desktop
    • Horizon Client session
      • select Other user
  1. In the Horizon Client session
    • next to Exit Fullscreen
      • select the more button
    • from the dropdown
      • select Logoff Desktop

The reason we have single sign-on is because TrueSSO has been configured for site 2

  1. On your Horizon Desktop session
    • from the taskbar
      • select and right-click the START button
      • from the inventory
        • select Run
  1. In the Run window
    • next to Open:
      • enter cmd.exe
      • select OK
  1. In the CMD.exe window
    • In the prompt area:
      • enter hostname
        • with your keyboard
          • select ENTER
    • Notice that you have a Horizon virtual desktop with the BLR naming convention representing Bangalore

0 Comments

Add your comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.