
To get SSO working you'll need to implement TrueSSO. This in turn gives you all the bells and whistles Azure authentication offers you, but it will require a user to enter their credentials again when logging into the desktop (so no SSO). Option 2 is a direct connection to Azure which uses a different Identity Provider compared to VMware Horizon (Active Directory).

VMware Unified Access Gateway is an extremely useful component within a VMware Workspace ONE and VMware Horizon deployment because it enables secure remote access from an external network to a variety of internal resources.

If everything is configured properly, users will fill in their username and password, answer the security prompt on their phones and will successfully be logged in. On the UAG you use the RADIUS settings to connect to the NPS server. Option 1 requires an NPS server which will be connected to Azure via the NPS Extension.

Use all MFA authentication methods (phone call, text message, app).

Use the Microsoft Authenticator App only.

Select either Admin Interface or Internet Interface to apply the certificate to either of the interfaces. In the Advanced Settings section, click the TLS Server Certificate Settings gearbox icon.

In this scenario you have two options for MFA:

Procedure: In the Configure Manually section of the Unified Access Gateway admin UI, click Select.

Most deployments I do are using separate entries for internal and external users, and the customer wants to use MFA when users are connecting externally. The directions are covered here: Using PowerShell to Deploy VMware Unified Access Gateway. It depends on what you want to achieve and what your customer or company wants. Keep in mind a UAG is disposable and we redeploy them for any change (I've seen changes on older versions cause instability).
