Forum Discussion

veato's avatar
veato
Icon for Nimbostratus rankNimbostratus
Dec 15, 2015

VMWare VDI APM Design

I used the VMView iApp and an access policy (for client access) was created for me. I wanted to additionally use 2FA so I modified the policy to include RADIUS. At the moment though I have two independent logon pages where credentials are input on each screen e.g.

 

  1. Start
  2. Client Type (VMware View)
  3. View Logon Page (1-user, 2-PIN and One Time Password)
  4. Radius Auth
  5. View Logon Page (1-user, 2-AD Password)
  6. AD Auth
  7. NAT Variable Assign
  8. View Client Resource Assign

What I'd like is a single logon page for the user to input three fields: 1-user, 2-AD Password, 3-PIN & OTP, and then the relevant input be passed to the relevant auth so I end up with:

 

  1. Start
  2. Client Type (VMware View)
  3. View Logon Page (1-user, 2-AD Password, 3-PIN and One Time Password)
  4. Radius Auth
  5. AD Auth
  6. NAT Variable Assign
  7. View Client Resource Assign

Could someone help with this?

 

  • While defining the login page you need to use "password" variable name for the PIN and OTP and give a different variable name to AD Password (e.g AD_PASSWORD) so your first authentication will the Radius Auth on success you need to assign a variable where you will pass the AD_PASSWORD value to session.sso.token.last.password and then do to AD Auth, it will work.

     

    • veato's avatar
      veato
      Icon for Nimbostratus rankNimbostratus
      The default VMware View Logon Page only has 2 x Logon Page Input Field. Is there a way to add a third for the AD_PASSWORD variable?
    • Lucas_Thompson_'s avatar
      Lucas_Thompson_
      Historic F5 Account
      For the Horizon View client, you can't make the logon have 2 password boxes because the Horizon View client doesn't support it. For web browser, you can have it do that.