Using IIJ Virtual Desktop Service/Citrix Cloud for Azure Virtual Desktop

This section describes examples of how to use IIJ Virtual Desktop Service/Citrix Cloud for Azure Virtual Desktop.


To use IIJ Virtual Desktop Service/Citrix Cloud for Azure Virtual Desktop, the following Active Directory user attributes must be synchronized to the IIJ ID.

  • mail
  • objectGUID
  • objectSid
  • userPrincipalName

In this sample configuration, the above Active Directory user attributes are assigned to the entitlements attribute so that they are synchronized to this service. In addition, a value such as "cid_mail" is set in the type field of each entitlement so that the entries are easier to tell apart on the IIJ ID Console.

[ Reference ]

The following configuration files are provided as reference examples. Configure actual settings in accordance with your environment.

config.yml sample
log:
  loglevel:                      info

ad:
  ldap:
    server:
      addresses:
                                 - 127.0.0.1
      # Bind account for LDAP queries. Only read access to the synchronized
      # users and groups is required, so a dedicated read-only account is
      # preferable to the built-in administrator shown here.
      user:                      'CN=administrator,CN=Users,DC=example,DC=jp'
    base_dn:                     'DC=example,DC=jp'
    # 1.2.840.113556.1.4.1941 is LDAP_MATCHING_RULE_IN_CHAIN: the filter
    # matches members of the named group including nested group membership.
    filter:
      user:                      'memberOf:1.2.840.113556.1.4.1941:=CN=IID_IDaaS user group,OU=IID_Groups,DC=example,DC=jp'
      group:                     'memberOf:1.2.840.113556.1.4.1941:=CN=IID_IDaaS user group,OU=IID_Groups,DC=example,DC=jp'
iid:
  scim:
    http:
      proxy:
        use:                     true
        address:                 proxy.example.jp
        port:                    8080
        user:                    iij-taro
    attribute:
      user:
        default:
          emails:
            - primary:           true
          entitlements:
            - primary:           false
              type:              cip_email
            - primary:           false
              type:              cip_oid
            - primary:           false
              type:              cip_sid
            - primary:           false
              type:              cip_upn
        # ad_bind maps each SCIM user attribute to the AD attribute it is
        # populated from; the entitlements list is paired in order with the
        # type values in the default section above.
        ad_bind:
          externalId:            userPrincipalName
          userName:              userPrincipalName
          # active is derived from the account-disabled flag and the
          # account expiry date.
          active:
                                 - userAccountControl
                                 - accountExpires
          emails:
            - value:             mail
          entitlements:
            - value:             mail
            - value:             objectGUID
            - value:             objectSid
            - value:             userPrincipalName
      group:
        ad_bind:
          externalId:            objectGUID
          displayName:           name
          email:                 mail

secret.yml sample
ad:
  ldap:
    server:
      password:   ldap_password
iid:
  scim:
    token:        scim_token
    http:
      proxy:
        password: proxy_password
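To make the ad_bind mapping concrete, the following Python script builds the SCIM user resource that the config.yml sample above describes from a constructed Active Directory record. It is an added example, not code from the IIJ ID synchronization tool; the binary-to-string rendering of objectGUID and objectSid, the active rule (ACCOUNTDISABLE flag clear and accountExpires not in the past), and the function names are assumptions made here, and the sample record is constructed, not real directory data.

```python
import struct
import uuid
from datetime import datetime, timedelta, timezone

# Pairing of entitlement type labels (from the default section of the
# config.yml sample) with the AD attributes listed under ad_bind, in order.
ENTITLEMENT_TYPES = ["cip_email", "cip_oid", "cip_sid", "cip_upn"]
ENTITLEMENT_ATTRS = ["mail", "objectGUID", "objectSid", "userPrincipalName"]

ACCOUNTDISABLE = 0x0002                   # userAccountControl flag bit
NEVER_EXPIRES = (0, 0x7FFFFFFFFFFFFFFF)   # accountExpires sentinel values
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)


def filetime(dt: datetime) -> int:
    """Convert an aware datetime to a Windows FILETIME (100 ns ticks)."""
    return int((dt - FILETIME_EPOCH).total_seconds()) * 10_000_000


def guid_to_str(raw: bytes) -> str:
    """objectGUID is 16 bytes in the mixed-endian layout uuid calls bytes_le."""
    return str(uuid.UUID(bytes_le=raw))


def sid_to_str(raw: bytes) -> str:
    """objectSid layout: revision (1 byte), sub-authority count (1 byte),
    48-bit big-endian identifier authority, then count little-endian uint32s."""
    revision, count = raw[0], raw[1]
    authority = int.from_bytes(raw[2:8], "big")
    subs = struct.unpack_from("<%dI" % count, raw, 8)
    return "S-%d-%d-%s" % (revision, authority, "-".join(str(s) for s in subs))


def is_active(uac: int, account_expires: int, now: datetime) -> bool:
    """Assumed rule: not disabled, and either no expiry or expiry in the future."""
    if uac & ACCOUNTDISABLE:
        return False
    if account_expires in NEVER_EXPIRES:
        return True
    expires_at = FILETIME_EPOCH + timedelta(microseconds=account_expires // 10)
    return now < expires_at


# Binary attributes need rendering; everything else is passed through as text.
CONVERTERS = {"objectGUID": guid_to_str, "objectSid": sid_to_str}


def render(attr: str, value) -> str:
    return CONVERTERS.get(attr, str)(value)


def to_scim_user(ad_user: dict, now: datetime) -> dict:
    """Build a SCIM user resource following the ad_bind mapping."""
    return {
        "externalId": ad_user["userPrincipalName"],
        "userName": ad_user["userPrincipalName"],
        "active": is_active(ad_user["userAccountControl"],
                            ad_user["accountExpires"], now),
        "emails": [{"value": ad_user["mail"], "primary": True}],
        "entitlements": [
            {"value": render(attr, ad_user[attr]), "type": typ, "primary": False}
            for typ, attr in zip(ENTITLEMENT_TYPES, ENTITLEMENT_ATTRS)
        ],
    }


NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)   # constructed reference time

# Constructed sample records (not real directory data). Binary attributes are
# given as the raw bytes an LDAP client returns for them.
SAMPLE_AD_USER = {
    "mail": "taro@example.jp",
    "userPrincipalName": "taro@example.jp",
    "objectGUID": uuid.UUID("12345678-1234-5678-1234-567812345678").bytes_le,
    "objectSid": b"\x01\x05" + (5).to_bytes(6, "big")
                 + struct.pack("<5I", 21, 1000, 2000, 3000, 1105),
    "userAccountControl": 0x0200,            # NORMAL_ACCOUNT
    "accountExpires": 0x7FFFFFFFFFFFFFFF,    # never expires
}
SAMPLE_EXPIRED_USER = dict(
    SAMPLE_AD_USER,
    accountExpires=filetime(datetime(2020, 1, 1, tzinfo=timezone.utc)))
SAMPLE_DISABLED_USER = dict(SAMPLE_AD_USER, userAccountControl=0x0202)

if __name__ == "__main__":
    import json
    print(json.dumps(to_scim_user(SAMPLE_AD_USER, NOW), indent=2))
```

The two extra records show why active is bound to both userAccountControl and accountExpires: an account can be enabled yet already past its expiry date, and only checking both keeps an expired user from being provisioned as active on the IIJ ID side.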