
Components

Identity Manager Appliance (Recommended for On-Premise)

  • The Service: user portal, built-in AuthN and IdP (TCP 443)
  • The Connector: AuthN and user, ThinApp and Horizon sync (TCP 8443 or TCP 6443)
  • Certificate Proxy Service (TCP 5262)
  • Kerberos Key Distribution Center (KDC) (TCP/UDP 88)

  • User database

Identity Manager on Windows Server (Old, uses only Cloud KDC)

  • The Service: user portal, built-in AuthN and IdP (TCP 443)
  • The Connector: AuthN and user, ThinApp and Horizon sync (TCP 8443)
  • Certificate Proxy Service (TCP 5262)

Workspace One Client Mobile App

App Bundle ID: com.air-watch.appcenter

Installation

External link: https://www.carlstalhood.com/vmware-identity-manager/

Warning

For IDM on Windows, do NOT use non-English localized Windows versions.

Workaround: change the regional number setting for the decimal symbol to a period "." instead of a comma ",".

For IDM on Windows, shut down IIS to free up port TCP 80. The port is not used, but it is needed for the IDM install.


SQL Preparation scripts

Local SQL Login...

-- Creates the saas database and a local SQL login (horizon) that owns it.
USE master;
-- Drop any existing saas database so the script can be re-run.
IF EXISTS (SELECT * FROM sys.databases WHERE name = N'saas')
BEGIN
    ALTER DATABASE saas SET SINGLE_USER WITH ROLLBACK IMMEDIATE;
    DROP DATABASE saas;
END
GO

CREATE DATABASE saas COLLATE Latin1_General_CS_AS;
ALTER DATABASE saas SET READ_COMMITTED_SNAPSHOT ON;
GO

-- Example password; replace it with a strong, unique value before running.
IF NOT EXISTS (SELECT name FROM master.sys.server_principals WHERE name = N'horizon')
BEGIN
    CREATE LOGIN horizon WITH PASSWORD = N'P@ssw0rd';
END
GO

USE saas;
-- Remove a stale database user of the same name before recreating it.
IF EXISTS (SELECT * FROM sys.database_principals WHERE name = N'horizon')
    DROP USER [horizon];
GO

CREATE USER horizon FOR LOGIN horizon WITH DEFAULT_SCHEMA = saas;
GO

EXEC sp_addrolemember N'db_owner', N'horizon';
GO

CREATE SCHEMA saas AUTHORIZATION horizon;
GO

Local SQL Login...

-- Same preparation using a Windows (AD domain) login instead of a local SQL login.
-- Example account used is lab\idmadmin
USE master;
IF EXISTS (SELECT * FROM sys.databases WHERE name = N'saas')
BEGIN
    ALTER DATABASE saas SET SINGLE_USER WITH ROLLBACK IMMEDIATE;
    DROP DATABASE saas;
END
GO

CREATE DATABASE saas COLLATE Latin1_General_CS_AS;
ALTER DATABASE saas SET READ_COMMITTED_SNAPSHOT ON;
GO

IF NOT EXISTS (SELECT name FROM master.sys.server_principals WHERE name = N'lab\idmadmin')
BEGIN
    -- Bracketed identifier without quotes: inside [ ] the quotes would become part of the name.
    CREATE LOGIN [lab\idmadmin] FROM WINDOWS;
END
GO

USE saas;
IF EXISTS (SELECT * FROM sys.database_principals WHERE name = N'lab\idmadmin')
    DROP USER [lab\idmadmin];
GO

CREATE USER [lab\idmadmin] FOR LOGIN [lab\idmadmin] WITH DEFAULT_SCHEMA = saas;
GO

-- No semicolon after CREATE SCHEMA: the GRANT is parsed as part of that statement.
CREATE SCHEMA saas AUTHORIZATION [lab\idmadmin]
GRANT ALL ON DATABASE::saas TO [lab\idmadmin];
GO

Note

  • The database schema name must be 'saas'; it cannot be changed.
  • The collation must be 'Latin1_General_CS_AS'. It could be changed, but changing it is not recommended.
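
To confirm that a preparation script left the database in the state the note above requires, the following read-only checks can be run afterwards. This is an added example, not part of the original page or of the product's scripts; the @principal variable and the OK/CHECK labels are assumptions made for illustration.

```sql
-- Added example: read-only checks after running one of the preparation scripts.
USE saas;
GO
-- Assumption: set this to the account used above (horizon or lab\idmadmin).
DECLARE @principal sysname = N'horizon';

-- 1. Collation and READ_COMMITTED_SNAPSHOT as set by the scripts.
SELECT d.name,
       d.collation_name,
       CASE WHEN d.collation_name COLLATE Latin1_General_CI_AS = N'Latin1_General_CS_AS'
            THEN 'OK' ELSE 'CHECK' END AS collation_check,
       CASE WHEN d.is_read_committed_snapshot_on = 1
            THEN 'OK' ELSE 'CHECK' END AS snapshot_check
FROM sys.databases AS d
WHERE d.name = N'saas';

-- 2. Schema saas exists and is owned by the service account.
SELECT s.name AS schema_name,
       o.name AS schema_owner,
       CASE WHEN o.name COLLATE Latin1_General_CI_AS = @principal
            THEN 'OK' ELSE 'CHECK' END AS owner_check
FROM sys.schemas AS s
JOIN sys.database_principals AS o ON o.principal_id = s.principal_id
WHERE s.name = N'saas';

-- 3. Database user is mapped to its login and defaults to schema saas.
SELECT u.name AS db_user, u.type_desc, u.default_schema_name, l.name AS mapped_login
FROM sys.database_principals AS u
LEFT JOIN sys.server_principals AS l ON l.sid = u.sid
WHERE u.name COLLATE Latin1_General_CI_AS = @principal;

-- 4. Database roles held by the account (the local-login script adds db_owner).
SELECT r.name AS database_role
FROM sys.database_role_members AS rm
JOIN sys.database_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.database_principals AS m ON m.principal_id = rm.member_principal_id
WHERE m.name COLLATE Latin1_General_CI_AS = @principal;

-- 5. Server level: the scripts grant nothing here, so 1 means rights were added elsewhere.
SELECT IS_SRVROLEMEMBER(N'sysadmin', @principal) AS is_sysadmin;
```

An empty result for check 2 or 3 means the schema or the database user was not created; the name comparisons are made case-insensitive because the saas database itself is case-sensitive.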

JDBC URLs

SQL local user

jdbc:sqlserver://<DB_VM_IP_ADDR>;DatabaseName=saas

jdbc:sqlserver://<DB_VM_IP_ADDR>\INSTANCE_NAME:PORT;DatabaseName=saas (you can remove the instance name if default)

AD domain user

jdbc:jtds:sqlserver://<DB_VM_IP_ADDR>:1433/saas;integratedSecurity=true;domain=LAB.LOCAL;useNTLMv2=true

Multi-site, SQL Always On

jdbc:sqlserver://<hostname-of-availability-grouplistener>;DatabaseName=saas;multiSubnetFailover=true