Forum Discussion
NimbostratusAccess VMware Workspace Portal/Identity Manager using BIG-IP Access Policy Manager (APM)
The external users would like to access VMware Workspace Portal/Identity Manager through APM, so external users are able to launch Horizon View desktops or RDS farm applications presented on Workspace Portal/Identity Manager without using Security Servers.
Does current APM support it?
Hi, Paul.
Yes - we can do this today with iRules to make this work. Right now, we have it working for PCoIP, Citrix, and Web Applications launched through IDM (they can be proxied through APM). We are working on the HTML apps and/or desktops right now, and "hopefully" should have this done soon.
If you are interested, send me your contact information and we may be able to give you early access to the iRules...
Justin Venezia
Justin_Venezia_Cirrus
Hi, Paul.
Yes - we can do this today with iRules to make this work. Right now, we have it working for PCoIP, Citrix, and Web Applications launched through IDM (they can be proxied through APM). We are working on the HTML apps and/or desktops right now, and "hopefully" should have this done soon.
If you are interested, send me your contact information and we may be able to give you early access to the iRules...
Justin Venezia
Paul_Duan_24199Thanks Justin. I was expecting get answer from you. My contact has been messaged.
Victor_Badauy_2Hi Justin,
Is it possible to get these irules as well?
Best regards,
Michael_EbbelsHi Justin,
Is it possible to get these irules as well?
Regards Michael
- Justin_Venezia_
Michael - send me your contact info, please. We're still working on a portion of the solution and don't have a firm ETA on when we'll release to DevCentral.
We can discuss the options if you are willing/need only a portion of the solution (PCoIP, Citrix, Web Apps, etc.).
Thanks!
Justin
alex_4_236440Altostratus
Hi Justin,
I can't see a way to send you a PM - please could you share these irules with me too?
I'm hoping to use APM for PCoIP, HTML5, and Web Apps.
- Matt_Mabis
Employee
Hey Alex.4 we are still working on HTML5 (Apps and Desktops) through APM, we should have a solution soon coming down the pipeline. We do however have the Native Client Method for (PCoIP/Blast Extreme) Functional.
Just keep in mind that these iRules are functional they are not supported by Typical F5 Support. We are working on integrations into the next major release of our software to incorporate these as native supported Functions (Native Client).
If you want them please PM me on DevCentral with your contact information and ill make sure you get them.
Matt Mabis
Markus_HiltyHi Justin,
Is it possible to get these irules as well? i tried to analyze and implement workspace one an apm without success. we need only the Web Apps.
Regards, Markus
- LJM_301194
Hi, I am also looking to setup vIDM behind APM and enable SSO. Are you able to provide information on the APM configuration, please?
Lyle
JC_47645Have these iRules been published anywhere or is there a guide on how to set this up yet? If so, could someone please send a link or instructions. Thanks!
Which method are you hoping to do @JC
APM as IDP or VIDM as IDP?
i am working on some documentation for the APM as IDP method with Native Client. Nothing public as of yet but i will post about it as soon as its ready, This would be using native 13.0 code and no iRules to implement the APM as IDP for Horizon Native Client integration.
- JC_47645
I'm not exactly sure what the best setup for us is yet. I'm working on a POC with vIDM on-prem and integrating it with Horizon View/RDSH Apps. We already proxy View connections via APM for external access and everything works as expected. With the vIDM integration, accessing View internally works great but externally it appears the APM auth gets in the way. I've read the guide on how integrate APM (as SP) and vIDM (as IdP) so we can translate SAML to kerberos or header-based credentials for SSO access to internal apps. I was hoping there was something similar you could do for View connections but maybe had to incorporate some iRules to handle the auth request coming from the View Native Client.
To make a long story short...just looking for some guidance on how to access View Desktops/Apps externally via vIDM when View is being proxied by APM. Any assistance or design recommendations would be appreciated.
