Configuring Advanced Authentication Integration with VMware Horizon View

Configuring Advanced Authentication Integration with VMware Horizon View

This document provides information on how to configure Advanced Authentication with VMware View.

To configure the Advanced Authentication integration with VMware View you’ll have to perform the following configuration tasks:

  • Configure the Advanced Authentication Chains

  • Configure the Advanced Authentication RADIUS Server

  • Configure the VMWare Horizon View Connection Server

  • Assign Emergency Password for a specific user


 

Configure the Advanced Authentication Methods and Chains



  1. Open the Advanced Authentication Administration portal

  2. Click Methods and configure your authentication methods (I configured the Smartphone method)

  3. Configure the Emergency Password method, this allows you to specify an emergency password for a user in case he forgot or lost his Smartphone, Key etc.

  4. Click Chains and create a new chain with you previously configured methods, make sure that the Emergency Password method is the first on the list.


 

Configure the Advanced Authentication RADIUS Server



  1. Open the Advanced Authentication Administration portal

  2. Click Events > Radius Server

  3. Set Is enabled to ON

  4. Move one or more chains from Available to Used list. Ensure that the chains are assigned to the appropriate group of users in Roles & Groups of the Chains section

  5. Click Client > Add

  6. Specify an IP address or FQDN of the VMWare Horizon View Connection Server

  7. Specify a secret and confirm it

  8. Set Enabled to ON

  9. Click Save in Client

  10. Click Save in Events



Configure the VMWare  Horizon View Connection Server



  1. Sign-in to the VMware Horizon View Administrator portal

  2. Click View Configuration

  3. Click Servers

  4. Click Connection Servers

  5. Select the Connection Server you like to configure for Advanced Authentication

  6. Click Edit

  7. Click Authentication

  8. Under Advanced Authentication select RADIUS as 2-factor authentication method

  9. Enable Enforce 2-factor and Windows user name matching

  10. Enable Use the same user name and password for RADIUS and Windows authentication

  11. Click Manage Authenticators…

  12. Click Add….

  13. Set a Labelg. login.company

  14. Set a Descriptiong. AAF Radius Server

  15. Set Hostname / Addressg. 192.168.100.99 or FQDN of your AAF server

  16. Leave Authentication port default (1812)

  17. Set Accounting port to 0 (this is important as AAF RADIUS seems not to support Radius accounting)

  18. Leave Authentication type default (PAP)

  19. Set Shared secret to the same value you defined in the AAF RADIUS settings

  20. Change the Server timeout g. 20 seconds

  21. Finalize the authenticator settings

  22. Select your new Authenticator


 
Assign Emergency Password for a specific user

The Emergency Password method allows the Helpdesk to assign an Emergency Password for a specific user in case he’s not able to use the defined method / chain.

Because the Emergency Password method is the first method in the chain the helpdesk can set a password for a specific user allowing to login with that password as 2nd factor.


  1. Open the Advanced Authentication Helpdesk portal (https://myaafserver.com/helpdesk)

  2. Select the user

  3. Create and assign a password and define max. logins and validity time range

  4. Communicate the user the password



Test and enjoy 2-Factor authentication 

DISCLAIMER:

Some content on Community Tips & Information pages is not officially supported by Micro Focus. Please refer to our Terms of Use for more detail.
Comments
This is great. Thanks for getting this written up, it was exactly what I was looking for. 🙂
Top Contributors
Version history
Revision #:
1 of 1
Last update:
‎2018-09-07 22:18
Updated by:
 
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.