vCD 5.1.X series – user and access mgmt

One of the first things you should do is register vCloud Director with vCenter SSO and connect it to a central user directory such as OpenLDAP or Active Directory.

Registering vCloud Director in Single Sign-On
  • Log in to vCloud Director as Administrator
  • Go to Administration –> System Settings –> Federation –> Register
  • Type the required information:
    • Lookup Service URL
    • SSO admin user name: admin@system-Domain
    • SSO admin password – the one which was set during SSO installation
    • vCloud Director URL
registering into SSO


NOTE: If you selected Use vSphere Single Sign-On, you have to configure vCD to use SAML before you can use SSO users.

Connecting vCloud Director to Active Directory

To make user management easier, you can connect vCloud Director to an LDAP server such as OpenLDAP or Active Directory.

  • Log in to vCloud Director as Administrator
  • Go to Administration –> System Settings –> LDAP

NOTE: I will configure the connection over port 389. If you want to use SSL and Kerberos authentication, refer to the VMware vCloud Director documentation.

  • Type the host name or IP address of the LDAP server – in this example it is an AD domain controller
  • Type the port number – for LDAP, the default port number is 389; for LDAP over SSL (LDAPS), the default port number is 636
  • Type the base distinguished name (DN) – in my example it is DC=lab,DC=local, which refers to the lab.local domain
  • Choose authentication method – Simple
  • Type a user name and password to connect to the LDAP server. Type the full LDAP DN:

CN=vCAC app user,CN=Users,DC=lab,DC=local

configure connection to LDAP


  • Apply the settings and test connectivity to the LDAP server
Test connection to LDAP server
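
With Simple authentication on port 389, the bind password travels unencrypted inside the LDAP BindRequest. The following is an added example, not part of the original post: it BER-encodes that request (RFC 4511) for the bind DN used above and decodes it the way a passive network sensor could; the password and message ID are constructed values and the function names are illustrative.

```python
"""Added example: the LDAP simple BindRequest (RFC 4511) as it appears on the wire."""

def ber_len(n: int) -> bytes:
    # BER definite length: short form below 128, long form otherwise.
    if n < 0x80:
        return bytes([n])
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(raw)]) + raw

def tlv(tag: int, value: bytes) -> bytes:
    return bytes([tag]) + ber_len(len(value)) + value

def simple_bind_request(msg_id: int, bind_dn: str, password: str) -> bytes:
    # msg_id must be 1..127 here so that it fits a one-byte INTEGER.
    body = (tlv(0x02, b"\x03")                      # version 3
            + tlv(0x04, bind_dn.encode("utf-8"))    # name: the bind DN
            + tlv(0x80, password.encode("utf-8")))  # [0] simple: password as-is
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + tlv(0x60, body))

def read_tlv(buf: bytes, pos: int):
    # Return (tag, value, next_pos) for the element starting at pos.
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:
        n = first & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    else:
        length = first
    return tag, buf[pos:pos + length], pos + length

def inspect_bind(payload: bytes):
    # What a passive sensor on port 389 can decode; None if not a BindRequest.
    tag, msg, _ = read_tlv(payload, 0)
    if tag != 0x30:
        return None
    _, _, pos = read_tlv(msg, 0)                    # skip messageID
    op_tag, op, _ = read_tlv(msg, pos)
    if op_tag != 0x60:
        return None
    _, _, pos = read_tlv(op, 0)                     # skip version
    _, dn, pos = read_tlv(op, pos)
    auth_tag, secret, _ = read_tlv(op, pos)
    return {"bind_dn": dn.decode("utf-8"), "cleartext_simple": auth_tag == 0x80,
            "password_len": len(secret)}

BIND_DN = "CN=vCAC app user,CN=Users,DC=lab,DC=local"  # bind DN from the post
PASSWORD = "Constructed-Passw0rd!"                     # constructed sample value

if __name__ == "__main__":
    pkt = simple_bind_request(1, BIND_DN, PASSWORD)
    print(pkt.hex())
    print(inspect_bind(pkt))
```

The same decoding can back a detection rule for simple binds on port 389; over LDAPS on port 636 the request is inside TLS and is not readable this way.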


Add LDAP users or groups to vCloud Director
  • Log in to vCloud Director as Administrator
  • Go to Administration –> system administrator and roles –> Users or groups –> Import Users
  • Choose the source – LDAP, type the user or group name –> click the Add button


add LDAP user to vCD

The user or group will appear on the summary page for the selected objects.

Artur Krzywdzinski
