Access Installation

Connected Articles


Identity Manager Appliance

  • The Service; User portal, Built-in AuthN and idP (TCP443)
  • Certificate Proxy Service (TCP5262)
  • Kerberos Key Distribution Center (KDC) (TCP/UDP 88)
  • User database (vPostgres OR external MS SQL)
  • OS = PhotonOS
  • Main WS1 Access service = horizon-workspace

Enterprise Connector

  • ❗️Old connector version 1811 needed for ThinApp publishing
  • Modern Connector is a Java Microservices app, with 4 microservices: User Auth, Kerberos Auth, Virtual App (1Gb RAM set for each service) and Directory Sync (4Gb RAM)

Increasing memory of services on connector:

  1. Log in to the Windows server in which the Workspace ONE Access enterprise service is installed.
  2. Navigate to the INSTALL_DIR\Workspace ONE Access\serviceName folder.
  3. Open the serviceName.xml file in a text editor.
  4. Change the Xmx1g entry to Xmxng where n is the maximum heap memory you want to allocate. Example: Xmx5g
  5. Save file, restart service.

Network ports for connector: Inbound & outbound TCP443 (many uses); Outbound TCP389, TCP636, TCP3268, TCP3269 (LDAP); Outbound TCP88, UDP88, TCP464, TCP135, TCP445 (Kerberos, Directory Sync); Outbound TCP53, UDP53 (DNS); Outbound TCP5555 (RSA SecurID); Outbound UDP514 (Syslog).

Intelligent Hub This is a client simultaneously for WS1 UEM and WS1 Access (Corp apps marketplace + Hub Services: people search, notifications)

Old components

Identity Manager on Windows Server (Old, uses only Cloud KDC)

  • The Service; User portal, Built-in AuthN and idP (TCP443)
  • The Connector; AuthN and User, ThinApp and Horizon Sync (TCP8443)
  • Certificate Proxy Service (TCP5262)

! For IDM on Windows do NOT use non-English localized Windows versions. Workaround: change the regional number setting for decimal to use a period “.” instead of a comma “,”. ! For IDM on Windows shutdown IIS to free up port TCP80. It is not used, but it is needed for IDM install.

Workspace One Client Mobile App App Bundle ID: com.air-watch.appcenter