Horizon SAML Health Test

SAML provides Single Sign-On (SSO) and identity federation within an Omnissa Horizon Cluster/Pod. By integrating with SAML-based identity providers, Horizon enables users to authenticate once and access virtual desktops and applications seamlessly. Proper configuration of both the SAML IdP and Horizon connection servers is essential to ensure smooth and secure authentication experience. If the SAML IdP is error prone, then, user authentication may fail. If the issue persists, then users may be frustrated and the user experience may degrade drastically. Therefore, it is necessary to keep track on the configuration of SAML IdP in the target Omnissa Horizon Cluster/Pod environment round the clock. The Horizon SAML Health test helps administrators perform this check.

This test auto-discovers the SAML IdPs configured on the target Omnissa Horizon Cluster/Pod and for each SAML IdP, reports the current status and also reports whether/not the thumbprint of its SSL certificate is accepted. Using this test, administrators can identify error-prone SAML IdP s with ease.

Target of the test : An Omnissa Horizon Cluster/Pod

Agent deploying the test : A remote agent

Outputs of the test : One set of results for each SAML IdP:Omnissa Horizon Connection Server configured on the Omnissa Horizon Cluster/Pod being monitored

Configurable parameters for the test
Parameter	Description
Test Period	How often should the test be executed.
Host	The host for which the test is to be configured.
Port	Refers to the port used by the target Omnissa Horizon Cluster/Pod. By default, this is set to NULL.
Connection Server Name	By default, this test connects to every Horizon Connection Server configured in the Omnissa Horizon Cluster/Pod remotely and collects the required metrics. For this, it is necessary to specify valid credentials of the Horizon Connection Servers. To help administrators provide these credentials quickly and easily, the eG administrative interface embeds a special configuration page. To access this page, simply click on the encircled '+' icon that appears alongside this parameter in the test configuration page. To know how to use this special page, refer to Configuring the Omnissa Horizon Connection Servers for Monitoring.
User Name, Password and Confirm Password	By default, this test uses Omnissa Restful APIs to collect the required metrics from the target Omnissa Horizon Cluster/Pod. For this, the eG agent should be configured with read-only user privileges that will allow the agent to communicate with the Horizon Connection Server in a particular domain and extract statistics. Therefore, specify the credentials of the user who is authorized to access the Horizon Connection Server against the User Name, Password and Confirm Password text boxes.
Domain Name	Specify the name of the domain to which the Horizon Connection Server belongs to.
DD Frequency	Refers to the frequency with which detailed diagnosis measures are to be generated for this test. The default is 1:1. This indicates that, by default, detailed measures will be generated every time this test runs, and also every time the test detects a problem. You can modify this frequency, if you so desire. Also, if you intend to disable the detailed diagnosis capability for this test, you can do so by specifying none against DD Frequency.
Detailed Diagnosis	To make diagnosis more efficient and accurate, the eG Enterprise embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test for a particular server, choose the On option. To disable the capability, click on the Off option. The option to selectively enable/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled: The eG manager license should allow the detailed diagnosis capability Both the normal and abnormal frequencies configured for the detailed diagnosis measures should not be 0.

Measurements made by the test

Measurement

Description

Measurement Unit

Interpretation

Status

Indicates the current status of this SAML IdP connected to the Omnissa Horizon Connection server.

The values that this measure can take and its corresponding numeric values are discussed in the table below:

Measure Value	Numeric Value
Ok	1
Warning	2
Error	3
Unknown	4

Note:

By default, this measure reports the above-mentioned Measure Values to indicate the current status of each SAML IdP. However, the graph of this measure will represent the same using the numeric equivalents only i.e., 1 to 4.

The detailed diagnosis of this measure lists the Metadata URL, Administrator URL and error message of the SAML IdP.

Is thumbprint accepted?

Indicates whether/not the thumbprint is accepted by this SAML IdP.

The values that this measure can take and its corresponding numeric values are discussed in the table below:

Measure Value	Numeric Value
Yes	1
No	0

Note:

By default, this measure reports the above-mentioned Measure Values to indicate whether/not the thumbprint is accepted by this SAML IdP. However, the graph of this measure will represent the same using the numeric equivalents only i.e., 0 or 1.