Workspace ONE and Azure AD: Part 1

Opening Often times when working with customers, I get the impression that there is a strong sense of confusion when discussing the integration of a platform such as Microsoft 365 with 3rd party ecosystems. After all, an investment in M365 comes with many features and functions, so where do platforms like Workspace ONE fit in? My friends, welcome to my day job and one true passion in life. Remember the saying, “do what you love and you’ll never work a day in your life.” This mini-series is aimed at breaking down the often encountered silos so that you can articulate and deliver a best-in-class end user experience using the analogous functions from two best-in-class platforms: Workspace ONE and Azure AD. We’ll briefly cover the major use cases of stitching these two ecosystems together, and why this fabric is critical to adoption and value realization. Note to reader: The scope of this mini-series will be limited to what you are capable of doing with these platforms today. The partnership announcement will most certainly have a positive impact on the below, and […]

#HomeLab Networking

Preamble I mentioned in my inaugural post that attempting to cover the network design for the #homelab in one post wasn’t going to cut it. Alas, here we are; I’ve successfully migrated to NSX-T 2.4 Policy Manager (the Corfu structure) and made a few tweaks to the underlay, so it’s time to dive deep. Be prepared, this is a lengthy post and stands to evidence my previous statement about “being sensitive to security architecture”. I don’t claim to be a networking expert, and much of what I’ve picked up outside of NSX has been self taught using the wonderful #homelab. Overview Truer words have never been spoken than the image above. What started in the beginning as one layer 2 boundary has now become various layer 3 zones all peered over a mix of eBGP and iBGP. Before I go into the gory details of rails, uplinks and overlays, a quick view at what we’re building up to: The top half of this view shows physical uplinks and VLAN rails within the physical boundaries, while the lower half shows the […]

#VMworld 2019

EDIT [8/9/19]: See https://blogs.vmware.com/euc/2019/08/vmworld-workspace-one.html for ‘Can’t Miss’ sessions to register for! It’s that time of year again; #VMworld 2019 is less than 3 weeks away, but the content catalog is live for you to book your conference schedule. A few sessions you might be interested in checking out: Workspace ONE and Azure AD Integration: Deep Dive from the Trenches [DEE2023BU] – Ryan Costello and I will dive deep on how to deliver a rich end-user experience with your investments in Workspace ONE and Azure AD/Office 365. This is 300 level configuration with live demos, so bring your tablets and notebooks! If you’re a fan of my recent post on the WS1 UEM SCIM Adapter fling, come checkout Joe and I give a LIVE DEMO in the Solution Exchange on Wednesday from 10:00AM-12:30PM PST, booth #949. Look for the “Innovation Accelerating Transformation” headline above the kiosks. Sneak peek! Stay tuned here for information on an additional session not yet posted. Session #1 is almost full, so hurry and schedule today! Look forward to seeing you in San Francisco!

WS1 UEM SCIM Adapter

Today is an exciting day. It’s my first experience developing a VMware Fling, and it’s is the GA release of what Joe Rainone and I put hours of laborious love into. Identity is not only our day job, but also an area that we are both very passionate about. Our belief is that this Fling, while unsupported, answers a question that many of our customers ask when designing production Workspace ONE deployments. Take a look, play around, and please provide feedback here! What is the Fling about? The SCIM protocol is quickly modeling after what SAML brought to identity management almost 15 years ago: a common way to establish resource identity in a service-to-service architecture. Gone are the days where LDAP and Active Directory are the primary systems of record. This concept is particularly enhanced as EUC platforms like Microsoft Azure, VMware Workspace ONE, and others provide native directory services while maintaining a common identity among themselves and their relying parties. Furthermore, the burden of maintaining ‘connector’-like infrastructure for the sole purpose of identity synchronization not only diminishes the value […]

My #HomeLab

Preamble The time has finally come for an inaugural VP blog post, and what better way to kick this off than covering the #homelab? This quintessential tool has been the topic of many conversations (go checkout thevpad.com if that isn’t already obvious) and is, in my opinion, table stakes to a successful career in this industry. I started out with a humble 2 node ROBO vSAN cluster on whitebox chassis. Growing pains led me to what I have today, but rest assured that everyone has a starting point and there’s no shame in that fact. Consider yourself “ahead of the crowd” just by taking the first step; initiative and persistence are key to mastering this industry. Some believe that this tool should be subsidized; I fundamentally disagree. Your career requires constant maintenance and investment in order to provide fruits of your labor. If you have arrived at this post, I assume you concur. Enough of the opinion column, let’s jump into the real reason why you are. Overview Covering the #homelab build in one post isn’t going to cut it. […]