To integrate your Horizon Cloud with On-Premises Infrastructure environment with your VMware Identity Manager environment, you must configure your Horizon Cloud Node with the appropriate VMware Identity Manager information. You use the Administration Console to configure this information.

You use the General Settings page to configure the VMware Identity Manager information.

Verify that you have completed the steps to configure the federation artifact as described in Configure VMware Identity Manager for Horizon Cloud with On-Premises Infrastructure.

Verify that you have the following information:

The SAML identity provider (IdP) metadata URL from your VMware Identity Manager environment. You obtain the environment's SAML IdP metadata URL using the VMware Identity Manager administration console and navigating to Catalog > Settings > SAML Metadata. When you click the Identity Provider (IdP) metadata link on that page, your browser's address bar displays the URL, typically in the form https://VMwareIdentityManagerFQDN/SAAS/API/1.0/GET/metadata/idp.xml, where VMwareIdentityManagerFQDN is the fully qualified domain name (FQDN) of your VMware Identity Manager environment. For details, see the VMware Identity Manager product information appropriate for your situation:

VMware Identity Manager environment

Configure SAML Authentication Steps

Cloud-hosted

On-premises version 2.8.x

If you are not using Unified Access Gateway, obtain the FQDN used for your Horizon Cloud Node, such as desktops.mycorp.com. One way to obtain the FQDN is to first locate the IP address in the Administration Console by navigating to Settings > Infrastructure. Then obtain the FQDN that is associated with that IP address from your organization's DNS information.

If you are using Unified Access Gateway, obtain the URL used for your Unified Access Gateway deployment.

1

Log in to the Administration Console at https://cloud.horizon.vmware.com.

2

Navigate to Settings > General Settings and click Edit.

3

In the IDM section, click Add IDM.

4

Configure the following options.

Setting

Description

IDM URL

Type your VMware Identity Manager environment's SAML IdP metadata URL, typically of the form https://VMwareIdentityManagerFQDN/SAAS/API/1.0/GET/metadata/idp.xml where VMwareIdentityManagerFQDN is the FQDN of your VMware Identity Manager environment.

Timeout SSO Token

(Optional) The amount of time, in minutes, after which the SSO token times out. The default is zero (0).

Data Center

The drop-down displays a numeric indicating the build version of the installed Horizon Cloud Node software.

Tenant Address

Type one of the following items, depending on whether you are using Unified Access Gateway in this integration:

The FQDN for your Horizon Cloud Node.

The FQDN for your Unified Access Gateway deployment.

Important

This value must correspond to the settings that you configured in the corresponding federation artifact in the VMware Identity Manager environment, either using the Horizon Cloud Node information or the Unified Access Gateway information.

5

Click Save.

A status of green indicates that the configuration is successful.

In your VMware Identity Manager environment, sync the entitled desktops to VMware Identity Manager, as documented in the VMware Identity Manager product information appropriate for your situation:

VMware Identity Manager environment

Link to Desktop Enablement Steps

Cloud-hosted

On-premises version 2.8.x