As the Enterprise Administrator setting up self-service federation, you have completed all configuration steps and are now ready to validate and activate the federation setup.

Prerequisites

  • Validate that you are logged in to the ACME Management Organization with the top-level primary domain acme.com.
  • To validate domains or subdomains that are different from your account, you must send a validation link to an employee that has the appropriate account credentials, and ask them to test the setup.
  • Verify that your browser settings allow pop-up windows.

Procedure

  1. In the Complete Setup section of the Set up Enterprise Federation page, click Start.
    The Validate login section of the workflow expands.
  2. Click the Validate login button next to the acme.com domain.
    The VMware Cloud services Welcome screen appears in a pop-up window.
  3. Enter the email, username@domain, or UPN.
    On the VMware Cloud services Welcome screen, you identify yourself as a user with your email, username@domain, or UPN. This is not the actual login. You authenticate and log in from the identity provider's page you configured as part of the self-service federation setup.
    If the enterprise federation setup has been configured correctly, your browser redirects to your identity provider's login page.
  4. In the identity provider's login page, enter your corporate credentials.
  5. After logging in, close the pop-up window and return to the self-service federation workflow.
    Upon successful login, the status of the acme.com domain in the Validate login section of the workflow changes to indicate that the domain has been validated.
  6. Click Next to expand the Notify users about federation section of the workflow.
    1. Download the email template and modify if necessary for the needs of your communication to the users of the registered and verified domains in your Organization and any other Organizations that have users from these domains.
    2. Download the list of enterprise users whose accounts have been synced with VMware Cloud services and must be notified about the change in their log in.
  7. Click Next.
  8. Review and acknowledge the list of changes that go into effect when federation is activated.
  9. Click Enable.
    You are redirected to a status page that notifies you enterprise federation has been enabled.
  10. Log out from the Cloud Services Console and all other VMware Cloud services you are logged in.
  11. Clear all browser cookies or open a new incognito browser.
  12. Log in to VMware Cloud services with your corporate credentials.

Results

If you can successfully log in to VMware Cloud services with your corporate credentials, you have activated federation for all users with accounts ending with the acme.com domain that you federated in this scenario.

What to do next

Link your federated account to your VMware ID. This step is required for all existing users of VMware Cloud services. Existing users of acme.com who previously used a VMware ID account to access their services won't be able to do so after federation is activated. Their access is restored only after they link the new federated account they used to log in to VMware Cloud services to their existing VMware ID account.