Online Help

SafeNet Trusted Access for Parallels Remote Application Server (RAS)

Overview

The application template provides the ability to enable single sign-on for users accessing the Parallels Remote Application Server (RAS) application through SafeNet Trusted Access.

The following use cases can be configured for Parallels RAS:

SP-initiated SSO

IdP-initiated SSO

Single Logout

Configuring SafeNet Trusted Access for Parallels RAS is a three-step process:

1.Parallels RAS setup

2.SafeNet Trusted Access setup

3.Verify authentication

Parallels RAS Setup

As a prerequisite, download the Identity Provider metadata from the SafeNet Trusted Access console by clicking the Download metadata file button. You will need this metadata URL in one of the steps given below.

Perform the following steps to configure SafeNet Trusted Access as your identity provider in Parallels RAS:

1.Log in to Parallels RAS as an administrator using the https://workspaceus.parallelsras.net/ URL.

2.On the Parallels RAS dashboard, double-click the Parallels Remote Application icon.

3.If prompted, please enter your login credentials and click Connect.

4.If a notification to update an agent is received, click No.

5.On the Parallels Remote Application Server Console, in the left pane, click Connection.

6.In the right pane, click the SAML tab, and click on the + icon.

7.Add Identity Provider window is displayed. Perform the following steps:

a.In the Name field, enter a name (for example, SafenetIDP) for identification.

b.In the Use with Theme field, select a theme that you have configured for the IdP.

c.Select the Import IdP metadata from file option and click on the icon to search and select the IdP metadata that you downloaded earlier from the SafeNet Trusted Access console.

d.Click Next.

8.Click Finish.

9.Double-click on the the Identity provider (for example, SafenetIDP) that your created in step 7.

10.On the Add Identity Provider window, click on the SP tab, and perform the following steps:

a.Click on the Export SP metadata to file link. The Parallels RAS metadata will be automatically downloaded, save it on your local machine with the .xml extension (for example, metadata.xml).

b.In the Logon URL field, click to copy the Logon URL that will be used while configuring Parallels RAS in Safenet Trusted Access.

11.Click the Attributes tab and perform the following steps:

a.Under Name, clear the UserPrincipalName attribute checkbox and select the Custom attribute checkbox.

b.Under SAML attribute, click on the pencil icon available before the Email attribute, and enter UPN.

c.Under AD attribute, ensure that Mail attribute is listed.

15. Click OK.

SafeNet Trusted Access Setup

After completing the first step of configuring SafeNet Trusted Access in Parallels RAS, the second step is to activate the Parallels RAS application in SafeNet Trusted Access by performing the following steps:

1.In the Applications pane, the Parallels RAS application you added earlier is in the inactive state by default. To configure and activate this application, click the application (for example, Parallels RAS) and proceed to the next step.

1.Under STA Setup, click Upload Parallels RAS Metadata.

2.On the metadata upload window, click Browse to search and select the Parallels RAS metadata that you downloaded earlier in step 10 (a) of Parallels RAS Setup.

Under Account Details, the service provider metadata information is displayed.

3.Under Advanced Settings, if your application requires a unique relay state, then in the IDP INITIATED SSO RELAY STATE field, past the URL that you copied earlier in step 10 (b) of Parallels RAS Setup.

4. In rest of the fields, modify the default values as per your preferred configuration.

5.Click Save Configuration to save the details and activate the Parallels RAS application in SafeNet Trusted Access.

Verify Authentication

Using STA Console

Navigate to the Parallels RAS login URL, https://workspaceus.parallelsras.net/<Identity Provider>, where <Identity Provider> is the name of identity provider (for example, SafenetIDP) that you created earlier in step 7 (a) of Parallels RAS Setup.

You will be redirected to your SafeNet Trusted Access sign-in page. Enter your primary directory login information, approve the two-factor authentication, and you should be redirected to the Parallels RAS portal after authentication.

Using STA User Portal

Navigate to the User Portal URL to log in to the STA User Portal dashboard. On the dashboard, you will see a list of applications to which you have access. Click the Parallels RAS application icon. You should be successfully logged in to the Parallels RAS portal after authentication.

 

© 2019 SafeNet Trusted Access. Various trademarks are held by their respective owners.