Getting Started - Workspace ONE Access & Workspace ONE UEM SaaS Instance
Part 1 Overview
The scenario you will be working with this week is a company called euc-livefire. They are a very dynamic organisation and have traditionally been on-premise but have recently moved into the cloud without truly understanding the challenges and would like a simple solution from an end-user perspective.
The organisation has key drivers around security, availability, mobility, and business continuity. They have an existing infrastructure with multiple authentication services such as OKTA and active Directory and would like to bring these together from the end-user perspective.
The organisation has recently started considering moving from office 2013 to Office 365 and sees this as another cloud resource the users would potentially need to connect to.
End-users require consumption of their applications across all platforms and recently have commented on how difficult it is to remember all the access portals and passwords.
As a consulting team our objective this week will be to integrate all existing resources both On-premise and SaaS into a singular simple solution for end users.
1. Overview of our On-premise and SaaS resources
The following resources in your lab environment are representative of what the EUC-Livefire organisation "On-premise' resources.
Active Directory Domain Controller and DNS services.
Server Name is ControlCenter2 and the Active Directory Domain is EUC-Livefire.com
Citrix XenApp server.
We have a Citrix XenApp server with Storefront and legacy applications published to Citrix XenApp server name is Citrix.euc-livefire.com. A dedicated server for the integration broker called Citrixbroker.euc-livefire.comand a server called citrixrdsh.euc-livefire.com
A dedicated Windows server called ws1.euc-livefire.com, this is dedicated for the Workspace ONE Access connector which will have to be installed.
- Active Directory Domain Controller and DNS services.
Cloud SaaS resources
As part of this story and part of the final solution you will register now in this section, with the following SaaS resources.
- A SaaS Instance of Workspace ONE Access (formerly known as VMware Identity Manager)
- A SaaS Instance of WorkspaceONE UEM (formerly known as VMware AirWatch)
In a later part of the labs you will register with the following SaaS services with a view to building a complete EUC solution.
- Office 365 tenant which will federate with Workspace ONE Access
- A Salesforce tenant with Workspace ONE Access
Part 2 : Registration of your SaaS Tenants for Workspace ONE Access and Workspace ONE UEM
This section takes you through the registration process for your lab resources. You will login to a SaaS tenant of Workspace ONE Access and Workspace ONE UEM.
In addition you will login and gain access to what will represent your on-premise components.
These include the Microsoft Windows Workspace ONE Access Connector, your Windows 10 Test Virtual machine and your Citrix Farm
1. To Register for the course (Digital Workspace Livefire) by clicking on the unique lab registration link found on www.vmware.com/go/euclivefire that takes your to mylearn.vmware.com
2. Click on Start This Course
3. You will notice that a new Windows will open that allows you to Access the VLP (VMware Learning Platform) from which you will interact with your on-premises components. We will come back to these later in the lab.
4. At this time check your e-mail and you should have received an e-mail from [email protected].
NOTE: Check your JUNK folder
5. This e-mail contains the unique tenant for your Workspace ONE Access SaaS instance. Click on the TENANT URL to launch the Workspace ONE Access Admin Console.
Use the credentials provided to login : Username: Administrator Password: VMware1!
6. Now that you are signed in, change from the catalog view to the admin console by navigating to the top right and clicking on Tenant Admin and selecting Administration Console from the drop-down.
7. You should now see the Workspace ONE Access Admin Console to which we will return in a later lab.
8. Open a browser and navigate https://cn-livefire.awmdm.com
9. Use the e-mail address you signed up to the course with as the User Name (Eg [email protected]) and the password: VMware1! Click Log In
10. Now set a security question and answer and a four digit Pin
11. You should now be on the Getting started window of the UEM console which is the default landing page.
Part 3. Integrating with Workspace ONE Intelligence
This part of the lab will take you through how to activate your WorkspaceOne Intelligence Trial environment from the UEM console.
1. IF you aren't already, log into the Workspace ONE UEM console by opening a browser to https://cn-livefire.awmdm.com
2. Login using your e-mail as username and password: VMware1!
3. Select Monitor on your left of the Workspace ONE UEM pane and then select Intelligence and click GET STARTED
4. It will now give you the information as to what Intelligence will collect from your UEM environment.
Click the check box next to "Opt In" and select Next at the bottom of the page.
5. You will now need to fill in your details and select ACCEPT. Note: The form values can be fictitious.
6. You will now be re-directed to the Intelligence server.
You now have access to the WorkspaceOne Intelligence platform.
We will setup the WorkspaceOne Intelligence integration with Workspace ONE Access. this will allow us to begin aggregating information based on logins to Workspace ONE UEM and AppLaunch.
1. On the left of the pane, navigate to and select the dropdown next to Settings , and select Integrations select SET UP under Workspace ONE Access
2. Select GET STARTED on the the wizard page
3. On the Authorize: Workspace ONE Access page select Provide Credentials and next to Tenant Domain* type your unique Workspace ONE Access tenant URL for this course.
e.g https://aw-livefirerplaston.Workspace ONE Accesspreview.com
4. Select CONNECT TO WORKSPACE ONE ACCESS
5. On the Workspace ONE Intelligence Integration window select ACCEPT
6. On Workspace ONE Access authorised successfully window select FINISH
This concludes the the setup of our VMware WorkspaceOne tenants needed for the remainder of the labs.
You may now move on to the next lab
Part 4. Configuring domain trust
1. On your ControlCenter Desktop, Select the Start Button to launch the Start Menu and select Administrative Tools
- Select Active Directory Domains and Trusts shortcut
- In Active Directory Domain and Trusts mmc select and right-click Active Directory Domains and Trusts [ControlCenter2.euc-livefire.com]
- Select Properties
- Under the UPN Suffixes Tab under Alternative UPN suffixes type your custom domain name. the example we have in this lab is tokyo01.euc-livefire.com
- Select Add , select OK to close the window, close the Active Directory Domains and Trusts Window.
- On your ControlCenter Desktop close Active Directory Domain and trusts.
- In the Administrative tools folder select Active Directory Users and Computers shortcut and select open
- Under the euc-livefire.com domain, expand the Corp > Marketing Organisational Units
- You will notice we have Users 1 to 4. Select and right-click User1 and select Properties
- Select the Account tab, to the right of User logon name: select the drop down arrow and select your custom domain
- Repeat these tasks for all 4 users. Close the Active Directory Users and Computers window
Part 5. Configuration of a Custom Test Account
In this part you'll be creating your test user for the salesforce lab.
- Open Active Directory User & Computers. Expand the EUC-livefire.com domain, expand the Corp OU and expand the Marketing OU
- On the Marketing OU select and right-click the Marketing OU and select New User. Fill in the unique user details,
- Select Next
- In the New Object - User, type your password VMware1!
- select the Password never expires checkbox, select Next, select Finish
- Select your custom user and select and go to properties, on the General Tab type in the email address eg.[email protected]
- Select the Member Of tab select Add, in the Enter the object names box type Marketing and select Check Names, select OK, select` OK