VMware Horizon Community
AnujJoshi
Contributor
Contributor
‎09-10-2012 02:48 AM

Single Sign page for 2 factor authentication

Hi,

Please advise how to have sigle sign on page for RSA authentication. As per our existing setting, this is how it works.

1. User opens VMWare view client ==> Supplies detail of connection server (which is publically available).

2. It prompts for RSA user name and RSA passcode.

3. User supplies those details and if authenticated its promopted for another page for AD authentication.

4. User supplies AD password and he is able to access his pool and connects.

In this entire process, he gets 2 pages (one for RSA credentials and one for AD password). Is it possible to have a single page with

Username

Password

RSA passcode

Thats it..

Regards,

Anuj

0 Kudos
3 Replies
markbenson
VMware Employee
VMware Employee
‎09-10-2012 04:12 AM

This is not possible as step 4 is a necessary step. Even if the Connection Server were to omit the AD password prompt, the user would still be asked for the AD password when they connect to the virtual desktop, so it wouldn't save any step.

RSA SecurID authentication is an optional additional step before AD password authentication.

Mark.

AnujJoshi
Contributor
Contributor
‎09-10-2012 04:43 AM

Hi Mark,

Thanks for responding. So essentially, whichever way I go, I will get two screens (one for RSA) and one for AD authentication before I could see VM.

Thanks for clarifying.

Is there any way I can customize these pages (change icons, headers etc…).

Best regards,

Anuj Joshi

0 Kudos
markbenson
VMware Employee
VMware Employee
‎09-10-2012 06:41 AM

AnujJoshi wrote:

Hi Mark,

Thanks for responding. So essentially, whichever way I go, I will get two screens (one for RSA) and one for AD authentication before I could see VM.

Thanks for clarifying.

Is there any way I can customize these pages (change icons, headers etc…).

Best regards,

Anuj Joshi

Yes. RSA Security Authentication adds a single step in the authentication sequence. The default is to just to AD authentication in which case you get just one prompt.

View clients don't support customization, but in any case there is still a requirement to get the SecurID PIN/Tokencode and then the AD password.

Mark