You must have the following to set up IWA:
An Active Directory server.
A DNS server for the DNS domain of Active Directory.
For information about setting up the DNS server, see Planning for and Administering Avaya Workplace Client for Android, iOS, Mac, and Windows.
A Windows client on the Active Directory domain.
An Avaya Aura® Web Gateway server that is resolvable by the DNS.
A domain user that is mapped to the Service Principal Name (SPN) of the Avaya Aura® Web Gateway server.
Domain users for all individual users.
The sAMAccountName attribute must match the user name part of the userPrincipalName attribute.
For example, if the sAMAccountName is jdoe, then the userPrincipalName must use the following format: jdoe@<domain.name>.
To log in to a computer, the user must enter the user name part of the userPrincipalName configured for that user. The domain must also match the domain part of that user userPrincipalName. The user login name format is <domain>\<user name>.
For example, if the user has the jdoe@avaya.com
userPrincipalName, where avaya
is the domain and jdoe
is the user name; then the user logs in to a computer using the avaya\jdoe
account.
Important:
Do not change the userPrincipalName attribute configured for the user. If you change the userPrincipalName after IWA is configured, IWA will not work.
The Active Directory, Windows client, and Avaya Aura® Web Gateway server must resolve each other FQDNs. However, they do not need to use the same DNS server or belong to the same zone.
