We used the following ones,
Summary:-
Identity provider:- AD only. ADFS is not required. We just need to create users in AD with an email ID.
Service provider:- vCloud Director 9.5.0
DAG:- This is the Linux Duo Access Gateway, which enables two-factor authentication. Here the authentication source has been set to AD. By default, it provides an XML file; we just need to download this XML file and import it in the vCloud Director SAML federation. You also need to import a JSON file here (this is taken from the Duo admin console).
Duo admin console:- We need to create a new service provider in which the service provider name, SAML entity name, ACS, SSO login and logout should be defined. Here in the Duo admin console, the SAML response is mentioned as "Email Address". After providing this information, you need to save the service provider configuration, and you can also get the JSON file.
Note:-
vCloud Director provider portal and tenant portal customization:-
As you are aware, there are two portals available for both provider and tenant (Flash and HTML).
VCD provider portal:- Not many options are customized yet (for VCD 9.5.0 SP) from the provider portal (HTML) "https://VCD url/provider", but we are still able to change the SAML entity ID using HTML. At the same time, there is no option available to change the SAML entity ID using Flash.
In AD user properties, we need to set the email ID, and in the vCloud Director user section (import SAML users) we need to import the user with the given email ID (SAML) as “rr@example.com”.
This setup will work very well.
Happy learning!
Cheers,
Manivel RR