Federation

vCloud Director and SAML Federation

I had a few issues getting vCloud Director and SAML federation playing nicely. By issues, I mean there wasn’t an explicit how-to in VMware’s doco. The big issues were group-based authentication and authenticating against a user's email address instead of their UPN. Using the following article from pablovirtualization I was able to get vCloud Director federated to an ADFS SAML endpoint. https://pablovirtualization.wordpress.com/2015/01/13/vcloud-director-and-microsoft-ad-fs-active-director-federation-service-authentication/ This allowed users to login using their UPN. That’s all well and good until you need users to log into their account using their email address which may differ from their UPN.