Identity Manager is an Identity as a Service (IDaaS) offering, providing application provisioning, self-service catalog, conditional access controls and Single Sign-On (SSO) for SaaS, web, cloud and native mobile applications.
Simplify business mobility with the included identity provider (IdP), or integrate with existing on-premises identity providers, so you can aggregate SaaS, native mobile and Windows 10 apps into a single catalog.
Establish trust between users, devices and the hybrid cloud for a seamless user experience and powerful conditional access controls leveraging AirWatch device enrollment and SSO adaptors.
Build a branded self-service app store so employees can subscribe to applications across devices with automated or manual provisioning.
Identity Manager leverages the same identity management solution as vCloud Air and the vCloud Suite, used in the most advanced data centers and private clouds.
Identity Manager is a service that extends your on-premises directory infrastructure to provide a seamless Single Sign-On (SSO) experience to web, mobile, SaaS, and legacy applications.
Enable users with single sign-on while saving on service desk calls and protecting against data leakage. Aggregate SSO apps into one convenient catalog and launcher across any device type through the included identity provider or token generator, or through integration with an existing identity provider.
Support a wide range of web, virtual desktops, published applications, Windows packaged apps, and native mobile apps, all from one place.
VMware works with a range of enterprise SaaS vendors leveraging the SAML standard to provide pre-defined integrations including automated user provisioning.
Manage the complete user lifecycle across the hybrid cloud, complete with a custom brandable launcher and app store, application provisioning, and user analytics to monitor and manage resources.
Employees can simply search for and select the applications they want to subscribe to, and kick off automated or manual provisioning as required.
Support any device through a responsive and skinnable web app that includes simple sorting by category and favorites.
Easy-to-use analytics, powered by rich and detailed information, help you understand usage trends, capacity planning and licensing management.
Identity Manager customization tool allows you to transform the self-service app store and launcher with your colors, logos, backgrounds, textures and design elements.
Once a new application is placed in the app catalog, administrators may auto-provision it to users by group, or enable self-subscription. Permit subscription events to kick off approval workflows through existing partners like Remedy.
Identity Manager leverages the same core identity management solution that may be seen powering VMware vCloud Air and the vCloud Suite in the world’s most advanced datacenters and enterprise-class infrastructure clouds.
Apply conditional access policies by user security group, network, and authentication strength.
Distinguish between managed and unmanaged devices to allow broad access to low risk apps and then enforce device management with encryption and wipe controls for apps that contain sensitive data.
Adding AirWatch EMM integrates subscribed applications into the AirWatch catalog where they can be “installed” directly onto the native springboard as just another application icon, ready for use.
Beyond app usage analytics, device analytics supplied through AirWatch-enrolled devices permit IT to understand the intersection of apps and devices to make intelligent decisions about capacity planning and new service development.
Identity Manager was designed for the mobile cloud world, providing a seamless consumer-grade user experience on AirWatch-enrolled devices.
Supports multiple Active Directory domains, multiple forests and different trust configurations, offering extreme flexibility for integrating with existing environments.
Identity Manager is built from a single multi-tenant code base whether deployed on premises, or in the cloud. Cloud-based and on-premises instances of Identity Manager may federate for added flexibility.
VMware Identity Manager is available as part of VMware Workspace ONE Standard, Advanced and Enterprise Editions. It provides secured access to corporate applications across all devices and platforms, and a single sign-on experience to cloud apps, single portal access for employee work applications, and conditional access control to apps based on device, network, and user.
Activation
To begin deployment and configuration of VMware Identity Manager, make sure you have the URL, Username, Password, and Activation Code included in your activation email. Your activation code is used to establish communication between your tenant and your connector instance. The VMware Identity Manager Connector virtual appliance OVA is required for setup (download Connector OVA).
Deploy the Connector OVA and use the Setup wizard to activate your tenant. Once completed, you will use the administration console to configure your Active Directory information and set up your authentication methods.
*The VMware vSphere server virtualization platform and vSphere client are required to deploy the OVA file. For more information, please see the Installation guide. To learn more about vSphere and how to make a purchase, contact your VMware or AirWatch account manager.
Catalog
The catalog is the repository for all resources that you can entitle to users. In the catalog tab, you can add web applications from the cloud application catalog, create a new application, group applications into categories, and access information about each resource.
Integrating with LDAP
VMware Identity Manager uses your Active Directory infrastructure for user authentication and management. Using the administration console, configure the information to connect to your Active Directory. You can select users and groups to sync with the VMware Identity Manager directory. This enables you to provide SSO to all SAML-compliant apps, creating a seamless end-user experience.
The Active Directory connection can use Active Directory over LDAP or Active Directory Integrated Windows Authentication. The Active Directory over LDAP connection supports DNS service location lookup by default. With Active Directory Integrated Windows Authentication, you configure the domain to join.
Identity & Access Management
The Identity & Access Management tab contains the Manage and Setup screens.
The Manage screen allows you to set up your directory connection to Active Directory and sync users and groups to the directory. You can also configure a third-party identity provider, recover passwords for users, enable and manage authentication methods, and set policies.
Use the Setup screen to set up the connector service, apply customer branding, define user attributes, and define network ranges.
Console Management
The VMware Identity Manager administration console provides the management interface for your tenant. You can use the administration console to configure your directory sync to Active Directory, manage users and groups, add resources to the catalog, and set up and manage authentication and access policies. The tasks in the administration console are organized by tabs.
Dashboard - The user engagement dashboard can be used to monitor user and resource usage. This dashboard displays information about who signed in, which applications are being used, and how often they are being used. You can create reports to track user and group activities and resource usage.