How to setup Google SSO without using webStore or SAML
Problem: You do not want to deploy Google Apps SSO with SAML or using webStore tiles. The below solution will show how to manually make SSO definitions, so you can change the default input values to LDAP attributes or allow you to have tiles outside the webStore/MyTiles.
Prerequisite(s):
- Unified Workspace version 6.4.5.13 or higher
- webPass installed in Chrome/IE/Firefox
- General knowledge of creating link, lockbox and form objects
- Make sure to delete any My Tiles Google tiles
Solution(s): Manually create links, lockboxes and webPass forms. There are two forms because there are two different login pages for Google - 1. For someone who has never logged into Google or 2. For anyone who has logged in before it will show a list of users that have logged in before. Since the login pages for all Google Services is relatively the same, we use a wildcard .* so we only need 2 SSO forms for all tiles.
If you are not using LDAP attributes, then create Google Apps lockboxes:
- Go to webAdmin then Applications Admin
- Create a Google User ID lockbox
- Create a Google Password lockbox
Create Google Drive link:
- Go to webAdmin then Link-Menu Admin
- Create a new link under your desired menu
- Standard URL = https://drive.google.com/ (or equivalent Google service)
- Enter URL of image on Options tab - /images/appselector/Lenovo_GoogleDrive150x150.png
- Disable the webPass Credential Prompt on the Options tab
- Disable Cleanup Window on the Options tab
Create Google Sign-in form (default):
- Go to webAdmin then Application Admin
- Create a new form object
- Form Type as "webPass"
- Login URL = https://drive.google.com/ (or equivalent Google service)
- Trigger URL = https://accounts.google.com/signin.*
- Login Page Launch = Enabled
- Form Identifier = 0
- Enter 2 form inputs called "identifier" and "password", which should equal the lockbox or LDAP attributes
- Enter Script
- function pageOne(){ document.getElementById("identifierId").value = "@@enc:REPLACE ME@@"; document.getElementById("identifierNext").click();}
- function pageTwo(){ document.getElementsByName("password")[0].value = "@@enc:REPLACE ME@@"; document.getElementById("passwordNext").click();}
- if(document.getElementById("identifierNext")){ pageOne();setTimeout(pageTwo, 1000);} else {setInterval(pageTwo, 1000);}
10. Assign users
11. Click Save button
Create Google Choose Account form:
- Go to webAdmin then Application Admin
- Create a new form object
- Form Type as "webPass"
- Login URL = https://drive.google.com/ (or equivalent Google service)
- Trigger URL = https://accounts.google.com/Service.*
- Login Page Launch = Enabled
- Form Identifier = 0
- Enter 2 form inputs called "identifier" and "password", which should equal the lockbox or LDAP attributes
- Enter Script:
- function pageTwo(){document.getElementsByName("password")[0].value = "@@enc:REPLACE ME@@";document.getElementById("passwordNext").click();} setInterval(pageTwo, 1000);
10. Assign users
11. Click Save Button
Can't find the KB
Unable to find the KB to address your issue ?
Recent Articles
Lenovo Unified Workspace End-of-Life Questions and Answers
Will the shutdown of LUW servers and access to downloads affect my server licensing? No, the shutdown of the customer servers and access to the product and licensing downloads will not affect your server licensing. This license is downloaded and ...
How do I determine my Unified Workspace license expiration date?
The best method for determining the licensing information including the expiration date of your Unified Workspace license: Login to your 8090 management console on each server This may take remoting into each LUW server and relay, opening a browser, ...
Lenovo Unified Workspace 7.0.2.13 Released
Highlights of Unified Workspace 7.0.2.13 Before you install: Please view the installation notes here. 7.0.2.13 requires a 7.0 license file. Below is a list of enhancements and fixes released in Unified Workspace 7.0.2.13 Fixed external storage ...
LanSchool Documentation Guides
LanSchool Classic Teacher Console The LanSchool Teacher Console is the interface teachers will use to manage their classroom and students. It contains all the tools necessary for a teacher to effectively interact with students and create a ...
Lenovo Unified Workspace 7.0.1.41 Released
Highlights of Unified Workspace 7.0.1.41 Before you install: Please view the installation notes here. 7.0.1.41 requires a 7.0 license file. Below is a list of enhancements and fixes for Unified Workspace 7.0.1.41 Updated Log4j Updated Java Updated ...
Related Articles
SAML SP - OneLogin
General Setup Go to OneLogin administrator page (/admin) Click on "Apps" Click "Company Apps" Click "Add App" Search for "SAML" Select "SAML Test Connector (Advanced)" Recommended to add "LUW" into Display Name Click "SAVE" button Click ...
SAML SP - Office365
General Setup Go to Azure AD (https://aad.portal.azure.com/) Click on "Enterprise applications" Click "New Application" Click "Non-gallery application" IMPORTANT - Office365 requires Azure AD and premium subscription, you may see an alternate screen ...
SSO methods explained
Rundown of SSO Methods: Server Side webPass SSO - This is only available for Virtual web Applications. Uses webPass SSO engine / wizard to build an SSO form which is passed by modifying the form information as it passes through the webNetwork ...
webStore SSO requires the webPass browser extension or use of a webAgent
In order to utilize the SSO capability of webStore tiles, the client device is required to have one of our webPass browser extensions installed, or be using one of our webAgents. The currently supported webAgents and webPass Extensions can be ...
SAML Service Provider
Issue How can I use a 3rd Party service (such as ADFS, Office365, or OneLogin) to SSO into UW? Solution The SAML Service Provider (SP) features allows another Identity Provider (IDP) to single sign-on into Unified Workspace using SAML for a seamless ...