To import
Active Directory users on the Wyse Management Suite private cloud,
do the following:
Steps
Log in to the Wyse Management Suite private cloud.
Navigate to Portal Admin > Console Settings > Active Directory
(AD).
Click the Add AD Server Information link.
Enter the server details such as AD Server Name, Domain Name, Server URL, and Port.
Click Save.
Click Import.
Enter the user name and password.
NOTE: To search groups and users, you can filter them based on Search Base, and Group name contains options. You can enter the values as following:
OU=<OU Name>, for example, OU=TestOU
DC=<Child Domain>, DC=<Parent Domain>,
DC=com, for example, DC=Skynet, DC=Alpha, DC=Com
You can enter a space after a comma, but you cannot use single
or double quotes.
Click Login.
On the User Group page, click Group name and enter the group name.
In the Search field, type the group name you
want to select.
Select a group.
The selected group is moved to the right pane
of the page.
Click Next.
Click Import Users.
NOTE: If you provide an invalid name or do not provide a last name, or
provide any email address as name, then the entries cannot be imported
into Wyse Management Suite. These entries are skipped during the user
import process.
The Wyse Management Suite portal displays a confirmation
message with the number of imported active directory users. The imported
active directory users are listed at Users
tab > Unassigned Admins.
To assign different roles or permissions, select a user and click Edit User.
After you assign the roles to the
active directory user, they are moved to the Administrators tab on the Users page.
Next steps
Active directory
users can log in to the Wyse Management Suite Management portal by
using the domain credentials. To log in to the Wyse Management Suite
portal, do the following:
Start the
Wyse Management Suite management portal.
On the login screen, click the Sign in with your domain
credentials link.
Enter the domain user credentials, and click Sign In.
The imported Active Directory users can be activated
or deactivated on the Users page
by using the global administrator login. If your account is deactivated,
you cannot log in to the Wyse Management Suite Management portal.
NOTE: To import the users using LDAPS protocol, complete the following
steps:
Import the AD Domain Server Root Certificate into Java Key Store
Manually using the keytool. For example, <C:\Program
Files\DELL\WMS\jdk1.8.0_152\jre\bin>keytool.exe> -importcert -alias
"WIN-O358EA52H8H" -keystore "<C:\Program Files\DELL\WMS\jdk1.8.0_152\jre\lib\security\cacerts>"
-storepass changeit -file "Root Certificate Path"
Restart Tomcat service.
Configuring
Active Directory Federation Services feature on public cloud
About this task
To configure
Active Directory Federation Services (ADFS) on a public cloud, do
the following:
Steps
On the Portal Admin page, under Console Settings, click Active
Directory (AD).
Enter the Wyse Management Suite details to ADFS. To know the location
details on the ADFS server where you must upload the Wyse Management
Suite xml files, hover the mouse over the information (i) icon.
NOTE: To download the Wyse Management Suite xml file, click the download
link.
Set the Wyse Management Suite rules in ADFS. To know the custom claim
rule details, hover the mouse over the information (i) icon.
NOTE: To view the Wyse Management rules, click the Show WMS
Rules link. You can also download the Wyse Management
Suite rules by clicking the link provided in the Wyse Management Suite Rules window.
To configure the ADFS details, click Add Configuration, and do the following:
NOTE: To allow tenants to follow the ADFS configuration, upload the ADFS
metadata file.
To upload the XML file stored on your thin client, click Load XML file.
The file is available at https://adfs.example.com/FederationMetadata/2007–06/FederationMetadata.xml.
Enter the details of the entity ID and X.509 signing certificate
in the respective boxes.
Enter the ADFS login URL address and the ADFS logout URL address
in the respective boxes.
To enable tenants to configure Single Sign-On by using ADFS,
select the Enable SSO login using ADFS check
box. This feature follows the Security Assertion and Markup Language
(SAML) standard specification.
To validate the configuration information, click Test
ADFS Login. This enables tenants to test their setup before
saving.
NOTE: Tenants can activate/deactivate SSO login by using ADFS.
Click Save.
After you save the metadata file, click Update Configuration.
NOTE:
Tenants
can log in and log out by using their AD credentials configured from
their ADFS. You must ensure that the AD users are imported to the
Wyse Management Suite server. On the login page, click Sign in and enter your domain credentials. You must provide
the email address of your AD user and sign in.