Using IIJ Virtual Desktop Service/Citrix Cloud for Azure Virtual Desktop
This section describes examples of how to use IIJ Virtual Desktop Service/Citrix Cloud for Azure Virtual Desktop.
To use IIJ Virtual Desktop Service/Citrix Cloud for Azure Virtual Desktop, there is a need to synchronize the following Active Directory user attributes with the IIJ ID.
- objectGUID
- objectSid
- userPrincipalName
In this sample configuration, the above Active Directory user attributes are assigned to the entitlements attribute to synchronize with this service. In addition, a value such as "cid_mail" is assigned to type of entitlements for easier handling on IIJ ID Console.
[ Reference ]
The following configuration files are provided as reference examples. Configure actual settings in accordance with your environment.
| config.yml sample |
|---|
log: |
loglevel: info |
ad: |
ldap: |
server: |
addresses: |
- 127.0.0.1 |
user: 'CN=administrator,CN=Users,DC=example,DC=jp' |
base_dn: 'DC=example,DC=jp' |
filter: |
user: 'memberOf:1.2.840.113556.1.4.1941:=CN=IID_IDaaS user group,OU=IID_Groups,DC=example,DC=jp' |
group: 'memberOf:1.2.840.113556.1.4.1941:=CN=IID_IDaaS user group,OU=IID_Groups,DC=example,DC=jp' |
iid: |
scim: |
http: |
proxy: |
use: true |
address: proxy.example.jp |
port: 8080 |
user: iij-taro |
attribute: |
user: |
default: |
emails: |
- primary: true |
entitlements: |
- primary: false |
type: cip_email |
- primary: false |
type: cip_oid |
- primary: false |
type: cip_sid |
- primary: false |
type: cip_upn |
ad_bind: |
externalId: userPrincipalName |
userName: userPrincipalName |
active: |
- userAccountControl |
- accountExpires |
emails: |
- value: mail |
entitlements: |
- value: mail |
- value: objectGUID |
- value: objectSid |
- value: userPrincipalName |
group: |
ad_bind: |
externalId: objectGUID |
displayName: name |
email: mail |
| secret.yml sample |
|---|
ad: |
ldap: |
server: |
password: ldap_password |
iid: |
scim: |
token: scim_token |
http: |
proxy: |
password: proxy_password |