Well, this procedure is in the documentation, but I put it here so I can access it more quickly.
You need to do this when you have to use SmartCard or Certificate through UAG as an example.
Procedure
- Start the ADSI Edit utility on your Connection Server host.
- In the console tree, select Connect to.
- In the Select or type a Distinguished Name or Naming Context text box, type the distinguished name DC=vdi, DC=vmware, DC=int.
- In the Computer pane, select or type localhost:389 or the fully qualified domain name (FQDN) of the Connection Server host followed by port 389.For example: localhost:389 or mycomputer.example.com:389
- Expand the ADSI Edit tree, expand OU=Properties, select OU=Global, and double-click CN=Common in the right pane.
- In the Properties dialog box, edit the pae-NameValuePair attribute to add the following values:.
- cs-samlencryptionkeyvaliditydays=number-of-days
- cs-samlsigningkeyvaliditydays=number-of-days
In this example, number-of-days is the number of days that can elapse before a remote Connection Server stops accepting SAML assertions. After this period of time, the process of exchanging SAML metadata must be repeated
Recent Comments