To configure a SAML Server to perform authentication tasks, you must add a SAML authenticator and specify a label, Metadata URL, Administration URL, and other settings.

Verify that the SAML 2.0 Authenticator is installed and available for inclusion in the Horizon service and View Connection Server. For installation and configuration information, see https://www.vmware.com/support/pubs/horizon_pubs.html.

Make a note of the name of the Horizon server. You must enter this name in the metadata URL string during configuration.

Make a note of the URL for accessing the administration console of the SAML identity provider. You specify this URL during configuration.

1

In View Administrator, navigate to View Configuration > Servers.

2

Click the Connection Servers tab.

3

Select a server and click Edit.

4

Click the Authentication tab in the Edit View Connection Server Settings dialog box.

5

On the Delegation of authentication to VMware Horizon (SAML 2.0 Authenticator) drop-down menu, select the appropriate authentication setting.

Option

Description

Disabled

SAML authentication is disabled.

Allowed

SAML authentication is allowed. You can login to View manually from the View Client, or you can log in by using Horizon.

Required

SAML authentication is required. You can log in to View only from Horizon. You cannot log in manually.

6

From the SAML Authenticator drop down menu, select Create New Authenticator.

If a SAML 2.0 authenticator has already been added, click Manage Authenticators > Add SAML 2.0 Authenticator.

7

Complete the information in the Add SAML 2.0 Authenticator dialog box.

Option

Description

Label

Used to identify the SAML 2.0 authenticator in the Select Authenticator drop-down menu on the Authenticators tab of the Edit View Connection Server Settings dialog box.

Description

This is optional. This a brief description of the authenticator.

Metadata URL

Used to retrieve all the information required to exchange SAML information between the SAML identity provider and a connection server. The URL has the following format: https://YOUR HORIZON SERVER NAME/SAAS/API/1.0/GET/metadata/idp.xml.

Administration URL

This is optional. This URL is a link to the administration console for the SAML identity provider.

8

Click OK.

If you do not have valid trusted certificates installed, you will be prompted to verify the certificate.

9

Navigate to Dashboard in the Inventory section of View Administrator.

10

Click SAML 2.0 Authenticators.

11

Select the SAML server that you modified or added, verify the details, and click OK.

The View dashboard now displays the SAML 2.0 authenticator in a Healthy condition, which is indicated by a green icon.

You can configure each View Connection Server instance with a Required, Allowed, or Disabled authentication setting, depending on specific customer requirements.