SSO can be enabled within the Carbon Black Cloud console to allow administrators to sign on through existing Azure AD configurations.
VMware Carbon Black Cloud leverages a service provider (SP) initiated login for SSO. Before starting SSO configuration, ensure that you have access to Azure as an Application Administrator, and VMware Carbon Black Cloud as a System Administrator or an administrator with permissions to modify the SAML configuration.
Figure 1: (English Only) Expand Settings
Figure 2: (English Only) Select Users
Figure 3: (English Only) SAML Config
Figure 4: (English Only) Go to Enterprise Applications
Figure 5: (English Only) Click New application
Figure 6: (English Only) Select Create your own application
Figure 7: (English Only) Select Integrate any other application you don't find in the gallery (Non-gallery)
Figure 8: (English Only) Select Single sign-on
Figure 9: (English Only) Select SAML
Figure 10: (English Only) Click Edit
Figure 11: (English Only) Paste the Audience URL into Identifier (Entity ID) field
Figure 12: (English Only) Paste the ACS (Consumer) URL into the Reply URL (Assertion Consumer Service URL)
Figure 13: (English Only) Click Save
Figure 14: (English Only) Click Edit
user.surname
, user.userprincipalname
, user.givenname
and delete those options. This leaves user.mail
as the only claim in the Additional Claims section.
Figure 15: (English Only) Delete the Additional claims for user.surname
, user.userprincipalname
, and user.givenname
Figure 16: (English Only) User Mail is left
user.userprincipalname
to user.mail
.
Figure 17: (English Only) Modify the Source Attribute from user.userprincipalname
to user.mail
Figure 18: (English Only) Expand Choose name identifier format
Figure 18: (English Only) Modify the Name identifier format to Default
Figure 19: (English Only) Select Claim Name
INVALID_ASSERTION
failures.INVALID_ASSERTION
failures.
Figure 20: (English Only) Clear Namespace
Figure 21: (English Only) Save Certificate (Base64) file
Figure 22: (English Only) Copy Login URL
Figure 23: (English Only) Select Users and groups
Figure 24: (English Only) Select Add user/group
Figure 25: (English Only) click None Selected
Figure 26: (English Only) Click Select
Figure 27: (English Only) Add Users
Figure 28: (English Only) Click Assign
Have the SAML Signing Certificate and the Login URL available from the steps within the Azure Configuration section.
Figure 29: (English Only) Expand Settings
Figure 30: (English Only) Select Users
Figure 31: (English Only) Paste the Login URL into Single sign-on URL (HTTP-redirect binding)
Open with…
.
Figure 32: (English Only) Select Open with...
Figure 33: (English Only) Select Notepad
Figure 34: (English Only) Copy content of certificate file
Figure 35: (English Only) Paste into X509 certificate field
Figure 36: (English Only) Field automatically truncates line-returns
Figure 37: (English Only) Click Save
Figure 38: (English Only) SAML configuration updated
Figure 39: (English Only) Carbon Black Cloud Sign in
Figure 40: (English Only) Sign in with SSO
Figure 41: (English Only) Accept the End User Agreement
The VMware Carbon Black Cloud loads as expected.
Figure 42: (English Only) VMware Carbon Black Cloud dashboard
To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.