We have a new cloud deployment of Workspace One Access and I'm having trouble connecting it to our on-prem Horizon Environment.
Things I've done:
I have added the Active Directory LDAP directory and the users do sync from the connector that's onsite.
I have added the Virtual App collection and this does sync the View pools and assign them to users that got imported.
In the Virtual App Collection, under the network range, I modified the client access FQDN to the external DNS of the UAG.
In View, I have modified the Connection servers for the SAML provider in the Horizon Admin console and added the Workspace One IDM URL (which I got from the Catalog Settings page).
It is enabled for all Connection servers.
Now, when a user logs into Workspace and selects the View Desktop launch, a pop-up appears and says "Password Request", and no matter what I put in, it rejects the username/password.
Note: Accessing a desktop from the UAG without Workspace works fine if I disable SAML.
There are plenty of guides that cover IDM and Horizon, but I can't find any that talk about config changes I need to make on the UAG that's in front of Horizon. I'm not looking to set up content or reverse proxies.
Any hints? I have tried adding the Workspace as a SAML provider in the UAG, and also tried leaving the authentication as "passthrough". When I look at the connect server logs, I don't see any failed auth attempts so I'm guessing that the UAG is not passing it down.