Integrating Active Directory and Workspace ONE UEM
In this steps you will integrate Microsoft AD with Workspace ONE UEM.
This integration is required for a couple reasons:
- The User Certificate will be generated based on the Enrolled user information.
- Workspace ONE UEM will send the certificate request to Microsoft CA based in a certificate template that requires the user information.
- In order to perform Kerberos authentication, a Domain account is required..
- Click Groups & Settings.
- Click All Settings.
1. VMware Enterprise Systems Connector
In this step you will enable VMware Enterprise Systems Connector, which act as a Gateway between your devices and internal services like Microsoft AD, Certificate Authority, SMP Server, etc...
1.1. Enable VMware Enterprise Systems Connector
- Click System
- Click Enterprise Integration
- Click VMware Enterprise Systems Connector
- Select Override
- Click Enable for VMware Enterprise System Connector
- Click Enable Auto Update
- Click Save
1.2. Download VMware Enterprise Systems Connector
Click the Download VMware Enterprise Systems Connector Installer link.
A new screen requesting a password with minimum of 6 characters will popup. This password will be requested when you run the installer to allow to import the current settings to the VMware Enterprise Systems Connector server that you are just installing.
After provide the password, the installer will be download under your Downloads folder.
1.3. Create a Password for the VMware Enterprise Systems Connector Installer Certificate
- Enter
VMware1!
for the Password. - Enter
VMware1!
again to confirm the password. - Click Download.
2. Launch the VMware Enterprise Systems Connector
Once the download is finished, click the VMware Enterprise Systems Connector Installer.exe to begin the installer.
2.1. Run the VMware Enterprise Systems Connector Installer
Click Run when prompted to run this software.
2.2. Begin the VMware Enterprise Systems Connector Installer
Click Next.
2.3. Accept the License Agreement Terms
- Select I accept the terms in the license agreement.
- Click Next.
2.4. Choose the Program Features to Install
- Ensure that the AirWatch Cloud Connector is set to install and that the VMware Identity Manager Connector is not set to install.
- Click Next.
2.5. Accept the Default Destination Folder
Accept the default destination folder by clicking Next.
2.6. Enter the Certificate Password
- Enter
VMware1!
for the Certificate Password. - Click Next.
2.7. Disable Outbound Proxy
Leave Outbound Proxy disabled and click Next.
2.8. Begin the Installation Process
Click Install.
2.9. Close the VMware Enterprise Systems Connector Installer
Click Finish.
3. Confirm the VMware Enterprise Systems Connector Installation was Successful
In the Workspace ONE UEM Console,
- In the VMware Enterprise Systems Connector settings, scroll down to find the Test Connection button.
- Click Test Connection. Ensure the VMware Enterprise Systems Connector is active message is displayed.
4. Integrating Microsoft AD and Workspace ONE UEM
To integrate Active Directory with Workspace ONE UEM, navigate to the Directory Services settings.
- Click Directory Services under Enterprise Integration.
- Click Skip wizard and configure manually.
4.1. Configuring AD - Server Settings
- Select Override for Current Settings.
- Select Active Directory for Directory Type.
- Enter
controlcenter.corp.local
for Server - Select NONE for Encryption Type
- Enter
389
for Port. - Enter
3
for Protocol Version. - Select Disabled for Use Service Account Credentials.
- Select GSS-Negotiate for Bind Authentication Type.
- Enter
corp\imaservice
for Bind UserName - Enter
VMware1!
for Bind Password. - Enter
CORP
for Domain. - Click the User tab located on the top
4.2. Configuring AD - User Settings
- Select Override for Current Settings.
- Click on + next to CORP domain.
- Select
DC=corp,DC=local
. - Click the Group tab.
4.3. Configuring AD - Group Settings
- Select Override for Current Settings.
- Click on + next to CORP domain.
- Select
DC=corp, DC=local
. - Click Server to return to the Server Settings