In this walkthrough we're going to show you how to access the sample VMware Identity Manager Administrative Console in the TestDrive environments.
- Section 1: Logging in to the vIDM Admin Portal
- Section 2: Admin Portal Feature Walkthrough
- Section 3: vIDM Sample Environment Best Practices
Before you Begin
In order to complete this demo please make sure you have the following:
- A valid account in the VMware TestDrive environment, sign up here if you don't
Background Info - VMware Identity Manager Overview
VMware Identity Manager is identity management for the mobile cloud era that delivers on consumer-simple expectations like one-touch access to nearly any app, from any device, optimized with AirWatch Conditional Access. Empower employees to get productive quickly with a self-service app store while giving IT a central place to manage user provisioning and access policy with enterprise-class directory integration, identity federation and user analytics. A few of the key features of VMware Identity Manager include:
- Self-Service Unified App Catalog - Now, employees can access all their applications regardless of type in one central app catalog across all their devices. This aggregates entitlements to applications, regardless of where those entitlements are managed and allows for provisioning to be user activated or automatic. The app catalog includes applications brokered through AirWatch from the Google, Microsoft or Apple app stores, remotely hosted Windows apps entitled through Horizon or Horizon Air, remote Citrix apps, internal web apps, packaged Windows apps and more.
- Enterprise Single Sign On - Enable your employees to launch directly into the apps they need without requiring multiple sets of credentials or needing to continuously authenticate. Through vIDM and AirWatch a seamless Single Sign-On (SSO) experience can be achieved for web, mobile, SaaS, and legacy applications.
- Conditional Access Policies - Apply conditional access policies, denying or allowing access to individual apps, by user security group, network, and authentication strength.
With great privilege comes great responsibility - This vIDM admin instance is used by all Testdrive users so please be respectful to your peers and do not break the access for all users by editing a policy. We have defined which policies and apps cannot be edited at the end of this guide. Also, please do not change the branding! Thank you!
Note: This vIDM admin instance is used as view only. Any configurations and changes made within this vIDM instance will not be reflected onto devices within TestDrive.
Section 1: Logging in to the vIDM Admin Portal
To get started navigate to Workspace ONE at wsone.vmtestdrive.com Login with your TestDrive username and password.
Once you're logged in, search for vIDM to find the "vIDM Admin Portal" web app. Click to add the app to your bookmarks if you'd like. Click to launch the app and you'll be SSOd into the service.
A new tab will open for the Workspace ONE user portal for this vIDM instance. We'll want to navigate to the admin piece so choose the dropdown next your your account in the top right.
Select "Administration Console".
Section 2: Admin Portal Feature Walkthrough
Now you're logged into the VMware Identity Manager Administrative Console. First, you'll land on the dashboard which provides analytics for your vIDM deployment including top applications and login statistics.
Choose the "catalog" tab at the top. Here you will see all apps that have been added to the vIDM instance (Native mobile apps will not appear as those are added in the AirWatch Admin Console). You can tag your apps so they appear in specific categories within the Workspace ONE catalog. Also, you can add an app by choosing "Add Application" at the top right.
Choose "Add Application". You'll see you have multiple options for types of apps to add but for this walkthrough we will choose "...from the cloud application catalog".
Next the cloud app catalog will load and you can choose any app your organization uses from the list.
Here we can modify how the app will appear in the Workspace ONE catalog to end users as well as define user entitlements, conditional access policies and your organizations tenant information for the app.
Next, lets take a deeper look at the policies which can be applied by app. Navigate to "Identity & Access Management" at the top and choose "Policies" from the grey bar. We created the first policy for users to edit for demos so choose "0. WWE CORP Policy - Edit".
Note: Any policy that says "Edit" can be demo-ed, however, any policy that says "Do Not Change" should not be edited and saved.
The details page for this policy will display. You'll see which apps this policy applies to as well as the primary and failover authentication methods for each devices type.
Section 3: vIDM Sample Environment Best Practices
Now that we have walked through the key features of the vIDM admin portal lets highlight a few pieces which should not be changed by users. You can click to add or edit items but please do not save!
Note: if these are changed all users will not be able to login to the vIDM admin portal so please do not modify these!!!
Do Not Change!! - AWAdmin Internal Directory
Do Not Change!! - Identity Provider titled "DO NOT EDIT - TestDrive vIDM IdP"
Do Not Change!! - Access policies titled "DO NOT CHANGE"
Do Not Change!! - AirWatch Integration