VMware Workspace ONE Access – Set Up Connector

Release date: November 9th 2021

Welcome to my VMware Workspace ONE Access series. In this session I will describe how I installed and set up the VMware Workspace ONE Access connector. This connector will be used for both connecting MS Active Directory and VMware Horizon 8 On-Prem Desktops/Apps. To prepare for this set up, I have created a Virtual Machine running MS Server 2016, joined this to the domain and logged in with a user with administrative privileges. Detailed information about the system requirements and sizing of the connector server(s) can be found here: Workspace ONE Access Connector 21.08 Systems Requirements

To start off, I will be creating a configuration-file in Workspace ONE Access. From the top menu I select Identity & Access Management

From the Directories section, I click Setup…

Under Legacy Connectors, I click New to configure a new connector

I’m planning to integrate my on-premise Horizon 8 environment, so I select Workspace ONE Access Connector 21.08, OK…

I’ve already downloaded the connector installer, so I just click Next…

I enter a password for this configuration and click Download Configuration File, when done, Next…

Looks promising, Close…

For the VMware Workspace ONE Access 21.08 Connector to work properly with Horizon 8, it needs to trust the certificate on the Horizon connection server. As I have used a certificate from my domain CA, I will need to export the CA Root certificate beforehand, as shown below.

I can now start the actual VMware Workspace ONE Access connector setup. When the installation wizard opens, Next…

I accept the license agreement, Next…

At this point in the installation, I can choose which services to install. If this was an enterprise setup, setting up multiple connectors behind load balancers, running separate services, would be recommended, in order to get HA and scalability. But as I’m doing a small lab set up, I will be installing all services on only one server.

Next, I browse and select the configuration file I downloaded above. Enter password and click Next…

I will select Custom installation as this provides me with the opportunity to add the CA certificate I exported above, Next…

I wont be configuring a Proxy or Syslog server at this point, Next…

I can now browse and select the Root CA certificate i exported to begin with, Next…

At this point I can adjust the service ports. As the default ports will work fine in my Lab, I leave them as is, Next…

I provide the username and password for my service account and make sure to adhere to the correct form as stated, Next…

The summary looks good, I click Install and Finish when the installer completes.

Once the installation is finished, I check Services.msc and see that the Directory Sync, User Auth and the Virtual App Service isn’t started. When I try to manually start the services, they stop after a short while.

After some investigation, I saw that I had exported the es-config json file with the wrong tenantURL. Most likely because I hadn’t adjusted the Workspace ONE Access FQDN in the VA configuration, before I exported the es-config.json file.

I guess I could have uninstalled the connector, restarted the server and re-done the complete process, but instead I adjust application.properties files for the services, as shown below.

I can now start the services as expected and the Status and Health for the connector show up as Active and in good condition in Workspace ONE Access.

With that, the configuration of the Workspace One Access connector is complete. I’m now ready to set up the MS Active Directory integration using the above configured connector, this I have described here: VMware Workspace ONE Access – MS Active Directory Integration

VMware Official documentation: Installing the Workspace ONE Access Connector (v. 21.08)

Workspace ONE Access Product Page

VMware Workspace ONE Access Documentation

Disclaimer: Every tips/tricks/posting I have published here, is tried and tested in different it-solutions. It is not guaranteed to work everywhere, but is meant as a tip for other users out there. Remember, Google is your friend and don’t be afraid to steal with pride! Feel free to comment below as needed.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: