This guide will walk you through how to set up SSO for Egnyte with VMware Horizon.
Set Up VMWare Horizon for Egnyte
1. Log in to the VMware Horizon website. Navigate to "Admin" --> "Applications" --> "Add Application".
2. Locate Egnyte and click "Add". You should be directed to the "Egnyte Edit Application" screen. If not, click on Egnyte in the "Applications" tab.
3. Under Application Parameters, click the "Edit" button. Enter "vmw-horizon" in the Domain row under "Current Value". Click "Save".
4. Under "Individual User Entitlements", click the +ADD button (you can also add group entitlements). Select which employees will have access to Egnyte via SSO by typing in their name or clicking the browse button to manually select them, and then set deployment to "automatic".
5. When configuring Egnyte settings in the next section, you will need to enter your SAML certificate. To locate your certificate, navigate to "Admin" --> "Settings" --> "SAML Certificate".
6. Copy your SAML certificate but do NOT include "----BEGIN CERTIFICATE----" nor "----END CERTIFICATE----".
Configure Egnyte Settings for VMware Horizon
1. Log into your Egnyte account through the Web UI.
2. Navigate to "Settings" --> "External Authentication" --> "SAML (SS0)".
3. Fill out the settings as follows:
- Check the box "Enable SAML (SS0).
- ldP Name: Choose vmw-horizon in the dropdown.
- ldP Account Name: Enter your Egnyte account name (without the ".egnyte.com" portion for this and all subsequent steps). For example, if your account is acme.egnyte.com, enter "acme".
- ldP Target URL: Enter https://<ldP Account Name>.horizonmanager.com/SAAS/API/1.0/POST/sso. For example, if your ldP Account name is "acme", enter: "https://acme.horizonmanager.com/SAAS/API/1.0/POST/sso"
- ldP Issuer URL: Enter https://<ldP Account Name>.horizonmanager.com/SAAS/API/1.0/GET/metadata/idp.xml. For example, if your ldP Account name is "acme", enter: "https://acme.horizonmanager.com/SAAS/API/1.0/GET/metadata/idp.xml
- SAML Certificate: Paste the certificate that you copied from Step 6 under VMware Horizon Setup.
4. Click on "Save".
Import Users into Egnyte
1. Log into Egnyte through the Web UI. Navigate to "Settings" --> "Users & Groups" --> "Power Users".
2. Click the "Import" button.
3. In the import dialog, click on "Download Sample File" to download the sample user provisioning CSV file.
4. Open the downloaded CSV file in Microsoft Excel and fill out the columns with the following values:
Here's an example of how it will look in Microsoft Excel:
Note: Periods, underscores, and hyphens can be placed in usernames; however, usernames cannot begin with these symbols nor can a username end with a period.
5. Save the file in CSV format.
6. Upload the File to Egnyte by clicking on "Choose File" in the "Import Users" dialog and selecting the file you just saved.
7. If you are using the spreadsheet to create new employee accounts in Egnyte, select the checkbox "Allow the creation of new users". If your employees already have accounts in Egnyte and you are now allowing them to have SSO access, select "Allow updating of existing users". When updating existing employees, you will only need to complete the Username, AuthType, and ldpUserID columns; the rest can be left blank.
8. Click "Import" and wait for the confirmation email that indicates your user import has completed.
9. Test the setup by logging out of your Egnyte account. You should now see a different login page that now includes a single sign-on option on the right. Click "Login" and you should be redirected to your SSO provider. Log in. You should be redirected to your Egnyte domain.