Configure Microsoft Entra ID (formerly Azure Active Directory) SAML Authentication with VMware Cloud Director

You can configure SAML authentication with your Zettagrid Cloud Director service to take advantage of Microsoft Entra ID Single Sign-On. This guide outlines the steps required to configure SAML authentication. You will require administrator account access on both Cloud Director and Microsoft Entra ID to complete this configuration.

Step 1.

Click on Administration, and navigate to Identity Providers > SAML.

Step 2.

Check the Certificate Expiration; if this has expired, click on Regenerate Certificate.

Click on Configure.

Step 3.

Enter an Entity ID; you may wish to set this as your company name or a descriptor that allows Entra ID to identify the Service Provider Entity ID. This will be used as the Entra Identifier (Entity ID) for the Entra Enterprise Application that will be shown later.

Click on ‘Retrieve Metadata’.

Save this file to your local drive so that you can upload it to Microsoft Entra for the SSO configuration.
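A pre-upload check on the Service Provider metadata file saved in this step, as an added example that is not part of the original guide or of Cloud Director: it confirms the entityID is the one you entered and that the assertion endpoint Entra will import is HTTPS on your tenant host. The sample XML, `ExampleCompany`, `tenant.example.com` and the endpoint path are constructed placeholders.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample (placeholder certificate, plain-http endpoint on purpose).
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="ExampleCompany">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>Q09OU1RSVUNURUQ=</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="http://tenant.example.com/saml/acs-constructed"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def review_sp_metadata(xml_text, expected_entity_id, expected_host):
    """Return (summary, findings) for a SAML Service Provider metadata file."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}EntityDescriptor" % NS["md"]:
        return {}, ["root element is not md:EntityDescriptor"]
    entity_id, findings = root.get("entityID", ""), []
    if entity_id != expected_entity_id:
        findings.append(f"entityID {entity_id!r} is not {expected_entity_id!r}")
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None:
        return {"entity_id": entity_id}, findings + ["no SPSSODescriptor"]
    # Each ACS endpoint is where the IdP will POST signed assertions.
    acs = [(e.get("Binding", "").rsplit(":", 1)[-1], e.get("Location", ""))
           for e in sp.findall("md:AssertionConsumerService", NS)]
    if not acs:
        findings.append("no AssertionConsumerService endpoint")
    for _, location in acs:
        url = urlparse(location)
        if url.scheme != "https":
            findings.append(f"ACS endpoint is not HTTPS: {location}")
        if url.hostname != expected_host:
            findings.append(f"ACS host {url.hostname!r} is not {expected_host!r}")
    signing = [k for k in sp.findall("md:KeyDescriptor", NS)
               if k.get("use") in (None, "signing")
               and (k.findtext(".//ds:X509Certificate", "", NS) or "").strip()]
    if not signing:
        findings.append("no signing certificate in metadata")
    return {"entity_id": entity_id, "acs": acs, "signing_certs": len(signing)}, findings

if __name__ == "__main__":
    print(review_sp_metadata(SAMPLE, "ExampleCompany", "tenant.example.com"))
```

An empty findings list means the file matches what you configured; the check does not validate the certificate itself, whose expiry is shown in Step 2.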

Step 4.

Log in to the Microsoft Entra Admin Center using your Entra ID Administrator Account.

Navigate to ‘Applications/Enterprise Applications’.

Click on ‘Create your own application’.

Enter the name of your new application and click ‘Create’.

Click on ‘Assign Users and Groups’ to assign the users who will use the new SSO Application.

Next, click on ‘Set up single sign on’, then click on ‘SAML’.

Here you can upload the metadata file that was retrieved from your Zettagrid Cloud Director account.

We then need to set the ‘Sign on URL’ to the Zettagrid Tenant URL.

Click save when done.

Use your Zettagrid Cloud Director Tenant URL for the correct zone.

Note that we have used the ‘Entity ID’ that we set from Cloud Director SAML Service Provider.

Under the section ‘SAML Certificates’, adjacent to ‘Federation Metadata XML’, click on ‘Download’. This metadata file will be uploaded to the Zettagrid SAML configuration in your Cloud Director account.

Return to Cloud Director Administration > Identity Providers > SAML. Edit your SAML configuration and enable ‘Use SAML Identity Provider’.

Click the ‘Select Metadata XML File’ button and select your Federation Metadata XML file.

Click Save.

We are almost done!

Now navigate to Administration > Access Control > Users (or Groups).

Click on ‘Import Users’. You will now see the source as SAML. In the window, enter the names of all the users (or groups) that you wish to import from Azure AD to be permitted SSO access to your Zettagrid Cloud Director account. Assign a Role to these imported users.

Click save.

Congratulations! You’ve now configured SAML authentication to be used with Zettagrid Cloud Director.

Your users will now be prompted to use Single Sign-On authentication when they next navigate to your Tenant URL.

You may wish to change the text on the Single Sign-On button.

Go to Administration > Identity Providers > SAML.

Click Edit on SAML Configuration.

Go to Button Label, and edit Custom Button Label. Click Save.

Now you have a custom button for your tenant users.

Further information can be found at Broadcom TechDocs.

If you have any issues or further questions, please contact our support team.
