2 Replies Latest reply on Jul 21, 2020 9:10 AM by fborges555

    Horizon Dream

    fborges555 Enthusiast

      Hi gurus

       

      I am in the process of standing up a total new Horizon environment and I would like to accomplish multi-domain authentication and shared resources

       

      1) just one Vsphere

      2) Just one vcenter

      3) do I need a security server for each domain

      4) Do I need UAG for each domain.- I am still on connection server , that is why I want to stand up a totally new Horizon

      5) what MFA is better for this type scenario, Right now we use OKTA

       

       

      any discussion on this matters will be really usefull, so I can go and start designing my perfect dream Horizon

        • 1. Re: Horizon Dream
          sjesse Master
          User ModeratorsvExpert

          1) just one Vsphere

          2) Just one vcenter

          vSphere is a combination of esxi and vcenter products, I'm not sure what your asking here. There is a concept of pods Horizon 7 Pods  which you can very well use just one vcenter and set of esxi hosts

          3) do I need a security server for each domain

          4) Do I need UAG for each domain.- I am still on connection server , that is why I want to stand up a totally new Horizon

          Security and UAG server the same purpose so you need one or the other, security server is the older original and Unified Access Gateway is the newer and preferred method in most cases. The login outside of saml or MFA is don one through the connection server. Generally UAGs are more for external vs internal connection, but you can use UAGs internally instead of allowing direct access to the virtual machines.

           

          5) what MFA is better for this type scenario, Right now we use OKTA

          Okta will work fine if you want to use it

          https://cloudvillage.in/index.php/2020/03/30/vmware-uag-integration-with-okta-saml/

           

           

          Take a look at this, its a lot of content but its hard to make informed descions without understanding all the moving pieces.

          VMware Workspace ONE and VMware Horizon Reference Architecture | VMware

          • 2. Re: Horizon Dream
            fborges555 Enthusiast

            J.

             

            Thanks for jumping in on this, what I am looking for is:

             

            1) I would like to have a cross/multiple domains authentication the vpshere will leave in one main

            2) the possibility of use only one vsphere

            3) the possibility of use only one vcenter

            4) at this point I have security servers, I think I will need them as to outside user access but is there a better way to access this multiple domain

            5) at this point I have connection servers , do I need a connection server for each domain ? or different URL to the connection server for each domain or using UAG will get this cross domain authentication better and easier

             

             

            thanks for the help , I have at this point four View Horizon one for each domain and I would like to consolidate them all in one domain