The authentication proxy delivers directory services integration across the cloud or across hardened internal networks. In this model, the AirWatch MDM server communicates with a publicly facing Web server or an Exchange ActiveSync Server. This arrangement authenticates users against the domain controller.
- Offers a secure method to proxy integration with AD/LDAP across the cloud.
- End users can authenticate with existing corporate credentials.
- Lightweight module that requires minimal configuration.
- Requires a public facing Web server or an Exchange ActiveSync server which ties into an AD/LDAP server.
- Only feasible for specific architecture layouts.
- Much less robust solution than VMware Enterprise Systems Connector.
- Device connects to AirWatch to enroll device. User enters their directory services user name and password.
- User name and password are encrypted during transport.
- AirWatch does not store the user's directory services password.
- AirWatch relays the user name and password to a configured Authentication Proxy endpoint that requires authentication (for example, Basic Authentication).
- The user's credentials are validated against the corporate directory services.
- If the user credentials are valid, the AirWatch server allows the device to complete a device enrollment.