How to configure JumpCloud + SAML for your Thinfinity RDP Server

This is a quick tutorial to integrate and configure JumpCloud with SAML for your Thinfinity Remote Workspace (insert link) deployment.

1) Enter your Jumpcloud MTP dashboard and enter the ‘Organizations’ tab on top and click ‘Launch’ in your organization below to enter the MTP portal.
Then, on the side panel, click on “SSO” and the plus icon afterward.

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 01

 

Click on “Create custom App” button:

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 02

 

Create a Label for your app login:

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 03

 

Click on SSO tab, and you will be able to set the SAML parameters:

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 04


IDP Entity ID : https://sso.jumpcloud.com/saml2/saml2

 

  • SP Entity ID : https://MyThinfinityIP:[Port]/

ACS URL : https://MyThinfinityIP:[Port]/SAMLAssertionConsumerService


You can also customize the IDP url further below in that same screen, make sure you set the same URL in IDP Entity ID if you choose to do so:

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 05

 

Click ‘Activate’ afterward.
2) In your ‘Thinfinity Workspace/VirtualUI’ manager, go to the ‘Authentication’ tab and add a SAML authentication method:

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 06

 

You will need to fill the fields with the information matching the settings we set previously in Jumpcloud, remember the ‘Service Certificate File’ is created automatically in the route you choose (In our case “C:\temp\sp.pfx) and the ‘Partner Certificate File’ we need to download from the SAML provider, Jumpcloud in this case. 

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 07

 

3) Back in your Jumpcloud portal, go to SSO in the side panel and click your, now created, ‘App login’:

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 08

 

Click on SSO and on the left panel you will be able to download the previously mentioned ‘Partner Certificate’:

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 09

 

Make sure to save it and then declare it properly in your ‘Thinfinity Workspace/VirtualUI’ Manager:

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 10

 

Now we need to create the user(s) in Jumpcloud that are able to access the app, go to ‘Users Group’ and click the + button:

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 11

 

Create a user group with any name you wish, then go to the ‘Users’ tab and add whichever users you want to the group:

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 12

 

Now, click the ‘Applications’ tab and select the ‘App’ access we just created to link it to the user group:

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 13

 

5) Back on the ‘Thinfinity Workspace/VirtualUI’ Manager, click on the ‘Mappings’ tab, and press the first ‘Add’:

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 14

 

The ‘Authentication ID Mask’ must match the user sent from JumpCloud, for example:

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 15

 

Click ‘Ok’. You should now see the user in the ‘Authentication ID Mask’ list. Below, you’ll find different examples of how you can integrate it:

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 16

 

Click on the user you added, and press on the second ‘Add’. The ‘Select Users or Group’ window will be displayed.

Here, you will map the ‘External’ user (the JumpCloud credentials) to an ‘Internal’ user (Windows user) , so that Thinfinity can specify which ‘Access Profile’ will be displayed to each ‘external’ user. (‘Permissions’ tab in the ‘Access Profile Editor’):

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 17

 

Click ‘Apply’.


6) Navigate to the Thinfinity URL, and you should see the new authentication method:

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 18

 

If JumpCloud SAML is the only authentication method, then Thinfinity will redirect you directly to the JumpCloud login page:

 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 19

 

Have any questions?

Book a call today to learn more about how Thinfinity can help your organization. We are always available to guide you and provide the best solution based on your specific needs.

Recent posts

Leave a comment

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.