VMware Horizon Community
fborges555
Enthusiast
Enthusiast
‎07-11-2020 06:40 AM

Horizon Dream

Hi gurus

I am in the process of standing up a total new Horizon environment and I would like to accomplish multi-domain authentication and shared resources

1) just one Vsphere

2) Just one vcenter

3) do I need a security server for each domain

4) Do I need UAG for each domain.- I am still on connection server , that is why I want to stand up a totally new Horizon

5) what MFA is better for this type scenario, Right now we use OKTA

any discussion on this matters will be really usefull, so I can go and start designing my perfect dream Horizon

Reply
0 Kudos
2 Replies
sjesse
Leadership
Leadership
‎07-11-2020 07:47 AM

1) just one Vsphere

2) Just one vcenter

vSphere is a combination of esxi and vcenter products, I'm not sure what your asking here. There is a concept of pods Horizon 7 Pods  which you can very well use just one vcenter and set of esxi hosts

3) do I need a security server for each domain

4) Do I need UAG for each domain.- I am still on connection server , that is why I want to stand up a totally new Horizon

Security and UAG server the same purpose so you need one or the other, security server is the older original and Unified Access Gateway is the newer and preferred method in most cases. The login outside of saml or MFA is don one through the connection server. Generally UAGs are more for external vs internal connection, but you can use UAGs internally instead of allowing direct access to the virtual machines.

5) what MFA is better for this type scenario, Right now we use OKTA

Okta will work fine if you want to use it

https://cloudvillage.in/index.php/2020/03/30/vmware-uag-integration-with-okta-saml/

Take a look at this, its a lot of content but its hard to make informed descions without understanding all the moving pieces.

VMware Workspace ONE and VMware Horizon Reference Architecture | VMware

Reply
0 Kudos
fborges555
Enthusiast
Enthusiast
‎07-21-2020 09:10 AM

J.

Thanks for jumping in on this, what I am looking for is:

1) I would like to have a cross/multiple domains authentication the vpshere will leave in one main

2) the possibility of use only one vsphere

3) the possibility of use only one vcenter

4) at this point I have security servers, I think I will need them as to outside user access but is there a better way to access this multiple domain

5) at this point I have connection servers , do I need a connection server for each domain ? or different URL to the connection server for each domain or using UAG will get this cross domain authentication better and easier

thanks for the help , I have at this point four View Horizon one for each domain and I would like to consolidate them all in one domain

Reply
0 Kudos