When your Horizon Cloud Node environment is integrated with your VMware Identity Manager environment, you can specify that end users must use the Workspace ONE portal to access their desktops. Requiring end users to access their desktops through the Workspace ONE portal prevents direct desktop access using their Horizon Client or by HTML access. This enforcement is useful when you want to use the two-factor authentication method that is set in your VMware Identity Manager environment.

About this task

Your end users typically launch their entitled desktops using the following methods.

  • From a browser, by loading the FQDN associated with your Horizon Cloud Node.

  • From the Horizon Client application, by including your Horizon Cloud Node FQDN as a new server location in the client application.

  • From the Workspace ONE portal, if your environments are integrated.

You can optionally configure your Horizon Cloud Node environment to require using the Workspace ONE portal only.

You can configure enforcement on users who are accessing their desktops from locations outside your corporate network or on users accessing from inside your corporate network, or both. When using the Workspace ONE portal is enforced, users that try to access their desktops other than from the Workspace ONE portal see a message informing them to use the portal.

Prerequisites

Verify that your environments are integrated, by completing the steps described in Integrate Horizon Cloud with On-Premises Infrastructure with a VMware Identity Manager Environment.

Procedure

  1. In the Administration Console, navigate to Settings > General Settings and click Edit.
  2. In the User Account Configuration section, make selections according to your organization's needs.

    Option

    Description

    Force Remote Users to vIDM

    When set to Yes, users that are trying to access their desktops from locations outside of your corporate network must log in to their Workspace ONE portal and access desktops from that portal.

    Force Internal Users to vIDM

    When set to Yes, users that are trying to access their desktops from locations within your corporate network must log in to their Workspace ONE portal and access desktops from that portal.

  3. Click Save to confirm the configuration to the system.

What to do next

Verify that the desktop access behaves according to your settings by trying to access a desktop using the Horizon Client or using a browser directly instead of from the Workspace ONE portal.