![How to remove office 365 account from windows 10 registry](https://cdn2.cdnme.se/5447227/9-3/18_64e61dfc9606ee7f722fb462.png)
![vmware horizon view 8 vmware horizon view 8](https://www.vmadmin.co.uk/images/stories/vmadmin/ViewHTMLAccess/4.jpg)
![vmware horizon view 8 vmware horizon view 8](https://geoscripting-wur.github.io/Intro2Linux/figs/vmware-horizon-config.png)
In the Setup Type page, select Enterprise CA.After role installation, click the flag icon and then click the link to Configure Active Directory Certificate Services.
![vmware horizon view 8 vmware horizon view 8](https://www.storagereview.com/wp-content/uploads/2020/08/StorageReview-VMware-Horizon-8.jpg)
The Microsoft Certificate Authority must be an Enterprise CA. The only Role Service needed for True SSO is Certification Authority.Select Active Directory Certificate Services.Install Microsoft Certificate Authority from Server Manager > Manage > Add Roles and Features.If you have two Enrollment Servers, then install Microsoft Certificate Authority on both of the servers. Or you can install Microsoft Certificate Authority on the Horizon Enrollment Servers. Horizon Enrollment Servers can use a Microsoft Certificate Authority that already exists. If the user locks the desktop then the user will need to know the local Active Directory password to unlock it.After sign-in, the browser will then prompt the user to open VMware Horizon Client.If the user is already signed in then the user won’t see any sign-in prompt. It opens the default browser and prompts the user to sign into your SAML Identity Provider.When you use Horizon Client to connect to a UAG that is SAML-enabled: For High Availability you can build two Horizon Enrollment Servers.The Horizon Enrollment Server software must be installed on standalone servers (no other Horizon components).This is an identity operation and thus the Horizon Enrollment Servers should be treated like Domain Controllers. Horizon Enrollment Servers ask Microsoft Certificate Authority servers to generate the SSO certificates for each user. To eliminate the second logon on the Horizon Agent machine, implement True SSO, which generates certificates for each user and then uses those certificates to automatically sign into the Horizon Agent machine.This usually means the user has to login twice. SAML does not provide the user’s password to Horizon, which means that Horizon cannot perform single sign-on to the Horizon Agent machine and thus the Horizon Agent machine will prompt the user to login again.For Windows 10 version 2004, deploy Horizon 2103 (8.2) or newer.
![vmware horizon view 8 vmware horizon view 8](https://techzone.vmware.com/sites/default/files/imported-images/node_3171_0105-152031/Quick-Start-Tutorial-for-VMware-Horizon-8-Jan2021-FINAL/Quick-Start-Tutorial-for-VMware-Horizon-8-Jan2021-FINAL.034.png)
To configure SAML on Unified Access Gateway (UAG), you must have the following versions:
![How to remove office 365 account from windows 10 registry](https://cdn2.cdnme.se/5447227/9-3/18_64e61dfc9606ee7f722fb462.png)