If you do not change the expiration period, Connection Server will stop accepting SAML assertions from the SAML authenticator, such as a Unified Access Gateway appliance or a third-party identity provider, after 24 hours, and the metadata exchange must be repeated.

1. Start the ADSI Edit utility on your Connection Server host.
2. In the console tree, right-click ADSI Edit and select Connect to.
3. In the Select or type a Distinguished Name or Naming Context text box, type the distinguished name DC=vdi,DC=vmware,DC=int.
4. In the Computer pane, select or type localhost:389 or the fully qualified domain name (FQDN) of the Connection Server host followed by port 389.
   For example: localhost:389 or :389
   [Figure: Connection Settings – Filled Out]
5. Expand the ADSI Edit tree, expand OU=Properties, select OU=Global, and double-click CN=Common in the right pane.
6. In the Properties dialog box, edit the pae-NameValuePair attribute to add the following values:
   cs-samlencryptionkeyvaliditydays=number-of-days
   cs-samlsigningkeyvaliditydays=number-of-days

In this example, number-of-days is the number of days that can elapse before a remote Connection Server stops accepting SAML assertions. After this period of time, the process of exchanging SAML metadata must be repeated.

[Figure: Multi-valued String Editor]

Click the OK button on the Multi-valued String Editor window to return to the CN=Common Properties window.

Click the OK button on the CN=Common Properties window to return to the ADSI Edit window.

Mark your calendar for the time frame entered above. The day after that expiration date, users will no longer be able to log in. The SAML assertion metadata will need to be regenerated and exchanged (probably to a Unified Access Gateway) in order for the trust relationship to be re-established.

If any of the following are added to the locked.properties file, save the file and restart the Connection Server Service. For more information, please reference the Horizon Installation guide located at.

The two most common properties used in a deployment are the balancedHost and portalHost. More information on these two properties follows the table below.

balancedHost

Allow HTML Access Through a Load Balancer
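
As an added example (not part of the original post or of VMware's tooling), this PowerShell script reads the pae-NameValuePair attribute edited in the ADSI Edit steps and reports when the SAML metadata exchange falls due. It assumes it runs on the Connection Server host under an account that can read the local LDAP instance, and that the validity period is counted from the date passed in the hypothetical $ExchangeDate parameter; $WarnDays is likewise an assumed threshold.

```powershell
# Added example: read-only audit of the two SAML validity values on CN=Common.
# Nothing is written back to the directory.
param(
    # Assumption: the day the SAML metadata was last generated and exchanged.
    [datetime]$ExchangeDate = (Get-Date).Date,
    # Assumption: how many days ahead of expiry to start warning.
    [int]$WarnDays = 30
)

# DN built from the naming context and containers named in the ADSI Edit steps.
$dn    = 'CN=Common,OU=Global,OU=Properties,DC=vdi,DC=vmware,DC=int'
$entry = [ADSI]"LDAP://localhost:389/$dn"
$keys  = 'cs-samlencryptionkeyvaliditydays', 'cs-samlsigningkeyvaliditydays'

# pae-NameValuePair is multi-valued; each value is a name=value string.
$found = @{}
foreach ($value in $entry.Properties['pae-NameValuePair']) {
    $name, $data = ([string]$value).Split('=', 2)
    if ($keys -contains $name.Trim()) { $found[$name.Trim()] = "$data".Trim() }
}

foreach ($key in $keys) {
    $days = 0
    if (-not $found.ContainsKey($key)) {
        # Per the text above, an unchanged expiration period means 24 hours.
        Write-Warning "$key is not set; the 24-hour default expiration applies."
        continue
    }
    if (-not [int]::TryParse($found[$key], [ref]$days) -or $days -lt 1) {
        Write-Warning "$key has a non-numeric or non-positive value: '$($found[$key])'"
        continue
    }
    $expires = $ExchangeDate.AddDays($days)
    $left    = [int]($expires - (Get-Date).Date).TotalDays
    if ($left -le $WarnDays) {
        Write-Warning "${key}: metadata exchange due in $left day(s), on $($expires.ToString('yyyy-MM-dd'))."
    }
    [pscustomobject]@{ Key = $key; Days = $days; Expires = $expires; DaysLeft = $left }
}
```

Running it from a scheduled task with the real exchange date gives an earlier warning than a calendar entry alone, and a missing key shows immediately that the 24-hour default is still in effect.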