Discussions specific to the VMware vSphere hypervisor
Post Reply
OliverH
Novice
Posts: 3
Liked: never
Joined: May 11, 2022 9:00 am
Full Name: Oliver Heusel
Contact:

Feature Request: SAML with vCloud Director and Enterprise Manager

Post by OliverH »

Hello.

Some of our customers use their own SAML provider in vCloud Director (10.3.x) as identity provider. Unfortunately, in this case the SSO between vCloud Director and Veeam Enterprise Manager self service portal does not work anymore.

In Enterprise Manager it is possible to store a SAML provider, but this configuration is not client capable.

It would be nice if a solution could be found here, preferably via the Veeam plugin in vCD or a multi-client capability in the SAML configuration in Veeam Enterprise Manager.

Greetings
Oliver

veremin
Product Manager
Posts: 19876
Liked: 2151 times
Joined: Oct 26, 2012 3:28 pm
Full Name: Vladimir Eremin
Contact:

Re: Feature Request: SAML with vCloud Director and Enterprise Manager

Post by veremin »

Could you elaborate on your request, cause it's not completely clear what you are after - are you using some SAML provider inside Cloud Director (SSO) and willing to have EM accept such configuration?

OliverH
Novice
Posts: 3
Liked: never
Joined: May 11, 2022 9:00 am
Full Name: Oliver Heusel
Contact:

Re: Feature Request: SAML with vCloud Director and Enterprise Manager

Post by OliverH »

Right. Some customers use their own SAML provider for their vCloud Director organization. And when they do this, the SSO between vCloud Director and Enterprise Manager no longer works because the users are now authenticated via the customer's SAML provider.

veremin
Product Manager
Posts: 19876
Liked: 2151 times
Joined: Oct 26, 2012 3:28 pm
Full Name: Vladimir Eremin
Contact:

Re: Feature Request: SAML with vCloud Director and Enterprise Manager

Post by veremin »

Got it, we will discuss this configuration internally and see where problem might be. I will update the thread, once I have more information. Thanks!

veremin
Product Manager
Posts: 19876
Liked: 2151 times
Joined: Oct 26, 2012 3:28 pm
Full Name: Vladimir Eremin
Contact:

Re: Feature Request: SAML with vCloud Director and Enterprise Manager

Post by veremin »

If possible, can you share with us details regarding Identity Provider used and its configuration? Having this information will help us to review the said scenario more accurately. Thanks!

ChrisNaisbitt
Service Provider
Posts: 2
Liked: 1 time
Joined: Sep 22, 2020 10:03 am
Full Name: Chris Naisbitt
Contact:

Re: Feature Request: SAML with vCloud Director and Enterprise Manager

Post by ChrisNaisbitt »

Hi,

I second this request.

The issue is the SAML implementation in the Veeam Enterprise manager portal assumes a single SAML iDP whereas vCloud director allows configuration of the SAML iDP at the Organisation (i.e. tenant) level. I see where the thinking probably came from, the Dev team assumed a non-service provider use case where the enterprise would use their own iDP to authenticate users however this isn't how VMware built vCD and how the system works when multi-tenanted by an MSP.

We have customers using Azure AD and others using Duo as their SAML iDP. The ability to configure their org within the Veeam Enterprise Portal to refer to their own iDP would be fantastic.

Thanks!

veremin
Product Manager
Posts: 19876
Liked: 2151 times
Joined: Oct 26, 2012 3:28 pm
Full Name: Vladimir Eremin
Contact:

Re: Feature Request: SAML with vCloud Director and Enterprise Manager

Post by veremin »

Thanks, Chris, for additional information - we will discuss these details internally and see what can be potentially done for this matter.

OliverH
Novice
Posts: 3
Liked: never
Joined: May 11, 2022 9:00 am
Full Name: Oliver Heusel
Contact:

Re: Feature Request: SAML with vCloud Director and Enterprise Manager

Post by OliverH »

Hello,

many of our customers use Keycloak as SAML iDP. But there are certainly other iDPs in use as well.

veremin
Product Manager
Posts: 19876
Liked: 2151 times
Joined: Oct 26, 2012 3:28 pm
Full Name: Vladimir Eremin
Contact:

Re: Feature Request: SAML with vCloud Director and Enterprise Manager

Post by veremin »

Do you mind naming fews? This should help us to configure and verify the exact setup. Thanks!

Post Reply

Who is online

Users browsing this forum: No registered users and 12 guests