Category: VMware
Notes from the field: VMware Horizon Enrollment Server and Core O/S
Recently had an deployment with a customer who has a mandate core o/s deployments are preferred unless the product doesn’t support a core o/s installation. Well for this deployment we created two core o/s subordinate ADCS servers with the enrollment server software installed and configured. Everything is working fine and dandy, no issues and seems…
Notes from the field: VMware Access connector support LDAP Signing and Channel Binding
Quite recently I’ve encountered a random synchronization error that VMware Access connector could not synchronize and would error out with the following error: “Connector communication failed because of invalid data: The specified Bind DN and password could not be used to successfully authenticate against the directory” At first I stumbled upon the known issues list:…
Notes from the lab: VMware Horizon and Microsoft MFA NPS Extension
In my own lab environment I have a mixture of EUC components and dual factor configured accordingly, but more and more I see that customers also just use the MFA solution of Microsoft to integrate it for their environments. Why not it’s included with your license right. So back to the techie part I’ve configured…
Notes from the lab: Configuring vCenter 7 with ADFS
With the release of vCenter 7 you can now integrate it with Microsof Active Directory Federation Services (ADFS) See the following blog article for an overview: https://blogs.vmware.com/vsphere/2020/03/vsphere-7-identity-federation.html See the following configuration articles for a setup overview: https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.authentication.doc/GUID-C5E998B2-1148-46DC-990E-A5DB71F93351.html https://kb.vmware.com/s/article/78029 With this information I’ve configured my lab environment to a working SAML based login with a few…
Notes from the lab: Migrating Windows vCenter to VCSA 7
In my lab environment I was running Windows vCenter 6.7 and with the release of vCenter 7 a migration is needed because there is no Windows vCenter anymore. The following articles will give you enough information on how the process works especially the how-to from Vladan Seget: https://docs.vmware.com/en/VMware-vSphere/6.5/com.vmware.vsphere.upgrade.doc/GUID-9A117817-B78D-4BBE-A957-982C734F7C5F.html https://www.starwindsoftware.com/blog/how-to-migrate-vmware-vcenter-from-windows-to-vcsa-6-7-update-1 Basically the process is the same…
Notes from the field: Configuring SentinelOne SSO with VMware Workspace ONE Access
SentinelOne’s configuration can be achieved after you have a valid account and support login. Afterwards its pretty easy to configure the SSO part. In the cloud console of SentinelOne go to Settings>>Integrations>>SSO Configure the following items for SSO usage: IDP Redirect URL: https://workspaceoneaccessurl:443/SAAS/API/1.0/GET/apps/launch/app/uniqueapplicationid IssuerID: https://workspaceoneaccessurl/SAAS/API/1.0/GET/metadata/idp.xml Configure the rest of the items at your own requirements…
Notes from the field: Configuring Autotask PSA with VMware Workspace ONE Access
Autotask PSA SSO configuration can be found at the following url: https://ww13.autotask.net/help/Content/AdminSetup/1FeaturesSettings/ResourcesUsers/Security/SSSO_OIDC.htm For the configuration part of Workspace ONE Access SSO you can see the available API at this url: https://code.vmware.com/apis/57/idm#/ The problem is that Autotask PSA SSO doesn’t work/supports the setup of VMware Workspace ONE Access. I worked around this issue by having a…
Notes from the field: Configuring OpsGenie (without Atlassian Access) with VMware Workspace ONE Access
OpsGenie can use SAML SSO without the use of Atlassian Access, see the following url: https://docs.opsgenie.com/docs/single-sign-on-with-opsgenie For the configuration part of Workspace ONE Access just add a new manual SAML 2.0 application and provide the following information according to above article: Single Sign On URL https://app.opsgenie.com/auth/saml?id=”uniquesamlidprovided Recipient URL https://app.opsgenie.com/auth/saml?id=”uniquesamlidprovided Application ID https://app.opsgenie.com/auth/saml?id=”uniqesamlidprovided Username Format =…
Notes from the field: Configuring Atlassian Access with Workspace ONE Access
Atlassian Access is the SSO portal being used for SSO access across Jira, Confluence etc. for the configuration part see the following url: https://confluence.atlassian.com/cloud/saml-single-sign-on-943953302.html For the configuration part of Workspace ONE Access just add a new manual SAML 2.0 application and provide the following information according to above article: Single Sign On URL https://auth.atlassian.com/login/callback?connection=saml”uniquesamlidprovided Recipient…
Notes from the field: vCloud usage meter doesn’t meter NSX
A while back I had an support case with VMware support regarding NSX integration and that it wasn’t getting metered by vCloud Usage Meter in a customer deployment. Turns out that Usage meter looks for a Global Transport Zone before the discovery of a Universal Transport Zone and metering can occur. So if you are…