As most of you properly know, the architecture for the Workspace ONE Access connector was fully redesigned. What does that mean?
The Workspace ONE Access connector is completely rebuilt from scratch and is now based on Microservices. As mentioned in my blog post regarding the upgrade of the connector there is a lot to be aware of before upgrading (Workspace ONE Access connector support). There is an upgrade script available on the VMware website as well.
The new “design” of the Workspace ONE Access connector is a modular configuration. That has big advantages compared to the old style. The reason is, you have only services for each function instead of ONE big connector. Why is that an advantage you may ask. Well, you have a simple service instead of several connectors. The services are differentiated and can be deployed to one machine or separated, which makes it easier to understand, deploy and of course troubleshooting. The other reason is, not all customers wants or have to have all services and can choose which one they want.
Which services are available:
- Directory synchronization
- Synchronization of user into Workspace ONE Access
- Doesn´t need to be domain joined in case of IWA Directory sync
- Microsoft Active Directory and LDAP supported
- User authentication
- Active Directory username and password
- RSA secureID
- Use the built-in provider
- Active Directory Kerberos authentication
- direct communication of users with the connector
- Requires domain join
The Microsoft AD synchronization will be quicker and more robust.
The modular configuration:
- Start deploying the directory sync service
- In the Workspace ONE Access console you specify the AD sync settings
- Tie the AD sync service to the settings