The True Single Sign-on (True SSO) feature grants users access to a Linux remote desktop after they first log in to VMware Workspace ONE. Users can log in to VMware Workspace ONE using a smart card or RSA SecurID or RADIUS authentication, and then access remote Linux resources without entering their Active Directory credentials.
Overview of True SSO
If a user authenticates by using Active Directory (AD) credentials, the True SSO feature is not necessary. However, you can configure True SSO to be used even in this case, so that the desktop can support both AD credentials and True SSO.
When connecting to a Linux remote desktop, users can select to use either the native Horizon Client or HTML Access.
The /etc/vmware/viewagent-greeter.conf configuration file allows you to configure the behavior of the VMware greeter in cases where True SSO fails. See Setting Options in Configuration Files on a Linux Desktop.
System Requirements for True SSO
True SSO is supported on single-session virtual desktops running the following Linux distributions:
- RHEL/CentOS 7.x
- RHEL 8.x/9.x
- Ubuntu 18.04/20.04/22.04
- SLED 12.x/15.x
- SLES 12.x/15.x
True SSO is supported on multi-session published desktops and applications based on the following types of farms.
- Manual and automated instant-clone farms of Ubuntu 18.04/20.04/22.04 or RHEL Workstation 7.8/7.9 host machines that have been integrated with Active Directory using the Samba domain-join method.
- Manual farms of RHEL Workstation 8.1 or later, or RHEL Workstation 9.0 or later, host machines that have been integrated with Active Directory using the System Security Services Daemon (SSSD) domain-join method.
Configuring True SSO
- Set up and configure True SSO in your Horizon 8 environment. For more information, see the Horizon Administration document.
- Integrate the base virtual machine with an AD domain, following the procedure for your Linux distribution.
- Configure True SSO on the base virtual machine, following the procedure for your Linux distribution.