Hi all,
We have a little challenge in the following situation.
We have a Top level Domain and 6 Child Domains:
top.local
- Domain1.top.local
- Domain2.top.local
- Domain3.top.local
- Domain4.top.local
- Domain5.top.local
- Domain6.top.local
In one Datacenter, and all the domains in the same network.
What we are trying to accomplish is that users at the location of Domain 3 log in to their thin clients with their UPN and then log in to the VMware IDM 3.0 portal.
They now need to log in twice (one time to the thin client, the second time to IDM). They really want to have SSO implemented in their environment.
So we configured Kerberos Authentication.
The situation in IDM is also that we have 1 connector for all the domains.
When we have, as above, 2 domains enabled, like domain3.top.local & top.local.
And we log in to a thin client / VDI:
We log in:
Then we open a browser (chrome)
We need to fill in username / user principal name in order to login
And we press "Volgende" or "Next"
We get into the portal (without entering a password! So Single Sign-On works, except for the username part)
When we go back to the configuration of the Connector and we configure it for only 1 domain:
only for top.local in this case:
We go back to the VDI/thin client:
We log in again with the same credentials:
We open the browser again and fill in the URL:
And when we press enter:
It works as we expect and how we want it to work!
So only if there is one domain, then this is possible. With multiple domains not... We are not able to create a connector per domain (strangely enough).
Any suggestions are welcome!
Thanks in advance