Mappings

With Thinfinity® Workspace, you are able to configure various authentication methods to login securely to a single platform and to also provide granularity by segregating permissions with users/profiles.

In the Mappings sub-tab of the Thinfinity Workspace Configuration Manager's Authentication tab, you will link your authentication users to either Local Windows or Active Directory users or groups. This way, you tell Thinfinity® Workspace that users that authenticate with any given authentication method can in fact login and are going to be shown certain profiles they are linked with, and you have configured in advance.

The Mappings tab can be organized in two different ways. By pressing the Switch base button, you select whether you want to see a list of Remote Usernames ID Mask above, that you will map with the Associated User(s)/Group(s) Access below; or a list of Associated User(s)/Group(s) Access that you will map with the Remote Usernames ID Mask list below. This is solely for convenience and doesn't change the way it works, only the way it is shown. 

You might want to think that a certain authentication username has several Local or Active Directory groups that it's associated with and thus choose to see the remote users above. Or you might prefer to see, for example, a list of Active Directory users and link each of them with several remote users ID Mask. Switching the base doesn't change the users and their mapping.

How to Map Users Using Thinfinity Configuration Manager

In this example, you can review how to map a Google user (OAuth) authentication method to a Local/Domain Windows User. This assumes you already have the authentication method configured in your environment. For more information on this check our documentation. 

1. Open Thinfinity Configuration Manager on your Primary Broker: Go to the Authentication tab/Mappings tab and click on Add.

1. Associated Permissions: Here you can Add/Search and Remove a Local or Domain Windows user and associate it with the Remote user’s ID Mask that you configured above. This will tell Workspace which permissions are set for a given authenticated user, and show the profiles accordingly. Normally you would assign each ID Mask its own user, but in certain scenarios you might see a different scheme.
   
2. Credentials: In this tab, you can store valid Local or Domain Windows user credentials to be used whenever you connect to a profile that has the “Use Authenticated Credentials” option enabled.