Configure AirWatch and Sync AD Users to Main IDM Tenant
Now that you have logged in and accessed the Administrator Console for both your Main IDM Tenant and IDP IDM Tenant, we will configure AirWatch to sync our corp.local domain users to the Main IDM Tenant.
1. Configure Directory Services
In the AirWatch Console,
- Click Groups & Settings.
- Click All Settings.
1.1. Override Directory Services
- Click System.
- Click Enterprise Integration.
- Click Directory Services.
- Click Override for Current Setting.
1.2. Configure Directory Services Manually
Click Skip wizard and configure manually.
1.3. Save Directory Services
You'll notice that all of the Directory Services settings are still configured from our parent configuration. You won't need to make any additional configurations.
- Scroll down to the bottom.
- Click Test Connection.
- Ensure you receive the Connection successful with the given server name, bind user name, and password confirmation message.
- Click Save.
Question - Why are we overriding the Directory Services settings if we are not making any changes at our Organization Group level?
To establish integration with VMware Identity Manager, which we will be doing soon to sync our corp.local AD users, Directory Services must be configured at that same Organization Group level. Directory Services cannot be inherited for this integration to work, so we are only overriding the settings so that we can also establish a connection to our Main VMware Identity Manager Tenant from AirWatch in the upcoming steps.
1.4. Close the Directory Services Settings
- Confirm the Saved Successfully prompt is shown.
- Click Close.
2. Add User Group
- Click Accounts.
- Click User Groups.
- Click List View.
- Click Add.
- Click Add User Group.
2.1. Search for the Users Organizational Unit
- Select Directory for the Type.
- Select Organizational Unit for the External Type.
- Enter "Users" for the Search Text.
- Click Search.
- Select Users.
2.2. Use Custom User Group Settings
- Scroll down to the bottom.
- Select Custom for User Group Settings.
NOTE - DO NOT click Save yet.
2.3. Configure Custom User Group Settings
- Set Auto Merge Changes to Enabled.
- Set Maximum Allowable Changes to "100".
- Set Add Group Members Automatically to Enabled.
- Click Save.
2.4. Sync User Group to Add Users
- Click the checkbox by the Users user group you created to select it.
- Click Sync.
- Click OK when asked to confirm the Sync action.
2.5. Confirm Users Were Added
- You may need to scroll to the right to view the Users count for the Users group.
- Confirm the Users count shows 26.
3. Integrate VMware Identity Manager
- Click Getting Started.
- Click the Getting Started dropdown.
- Click Workspace ONE.
- You may need to expand the SETUP section by clicking the Plus button.
- Click Configure under Enterprise Connector & Directory.
3.1. Connect to Your MAIN VMware Identity Manager Tenant
- Enter your Main IDM Tenant URL for the Tenant URL field. This should be "https://{yourTenant}.vidmpreview.com". DO NOT use the Tenant URL that contains "-idp.vidmpreview.com".
- Enter "Administrator" for the User name.
- Enter "VMware1!" for the Password.
- Click Test Connection.
- Ensure the Test connection successful! prompt displays.
- Click Continue.
3.2. Configure and Save VMware Identity Manager Integration
- Select Yes for Do you want to use AirWatch to authenticate users.
- Click Save.
- Click Finish.
3.3. Navigate to All Settings
- Click Groups & Settings.
- Click All Settings.
3.4. Sync VMware Identity Manager
- Click System.
- Click Enterprise Integration.
- Click VMware Identity Manager.
- Scroll down to the bottom.
- Click Sync Now.
- Click Close.
4. Confirm Users Have Synced to Main VMware Identity Manager Tenant
- Click the tab for your Main IDM Tenant Administrator Console.
NOTE - Be sure you are accessing your MAIN IDM Tenant. The URL should be https://{tenantName}.vidmpreview.com. - Click Users & Groups.
- Confirm you see the 4 corp.local users synced from AirWatch.
0 Comments
Add your comment