Setup vCenter Server Appliance (VCSA) 5.1 with SSO Active Directory
- Install VCSA (assume it has a fixed IP of 192.168.1.2)
- Assume your MS Domain Controller has LDAP enabled.
- Create a new AD user for the LDAP query, e.g. vcenter@mydomain.com
- Open the web client: https://192.168.1.2:9443/vsphere-client
- click the Home button to go to the VCSA home page if you are not there yet.
- At the left navigation bar, click "Administration"
- At the left navigation bar, click "Configuration" under "Sign-On and Discovery"
- click the "+" plus sign to add a new domain
- enter your domain name in Name.
- enter "ldap://mydc.mydomain.com" at Primary URL
- enter domain name: mydomain.com
- [Important] enter alias: mydomain (should be equal to your NetBIOS name)
- The alias cannot be changed after it is saved. If you haven't entered it, just delete the entry and re-enter it.
- select "Password" in Authentication Type
- enter username and password
- click Test Connection to test the Primary URL, username and password.
- You should see a successful message
- Press "OK" to save the setting
- Please wait about half a minute for the server to verify the settings. If there is any error in the parameters, a message will be shown.
- To further filter out unnecessary users, we can allow only IT people to use vCenter:
- enter "base DN for groups" in X.400 format according to your situation. Here's mine: "ou=it team, ou=Management, ou=staff, ou=users, ou=mydomain, dc=mydomain,dc=com"
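
A pre-flight check of the values typed into the dialog above, as an added example that is not part of the original post or of any VMware tooling. The function names and finding codes are hypothetical, and the NetBIOS name `MYDOMAIN` is a constructed sample value; the other inputs are the ones used in the steps.

```python
from urllib.parse import urlsplit

def split_dn(dn):
    """Split a DN into (attribute, value) pairs, honouring backslash-escaped commas."""
    parts, buf, escaped = [], "", False
    for ch in dn:
        if ch == "," and not escaped:
            parts.append(buf)
            buf = ""
        else:
            buf += ch
        escaped = (ch == "\\") and not escaped
    parts.append(buf)
    rdns = []
    for part in parts:
        attr, sep, value = part.strip().partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN: {part.strip()!r}")
        rdns.append((attr.strip().lower(), value.strip()))
    return rdns

def check_identity_source(primary_url, domain, alias, netbios, group_base_dn):
    """Return finding codes (hypothetical names) for one identity-source entry."""
    findings = []
    url = urlsplit(primary_url)
    if url.scheme not in ("ldap", "ldaps") or not url.hostname:
        findings.append("bad-primary-url")
    elif url.scheme == "ldap":
        # ldap:// does not use TLS by default, unlike ldaps://.
        findings.append("ldap-without-tls")
    if alias.lower() != netbios.lower():
        # The alias is fixed once saved, so catch a mismatch before pressing OK.
        findings.append("alias-not-netbios")
    try:
        rdns = split_dn(group_base_dn)
    except ValueError:
        return findings + ["base-dn-malformed"]
    # The base DN should sit under the dc= components derived from the domain name.
    expected = [("dc", label) for label in domain.lower().split(".")]
    if [(a, v.lower()) for a, v in rdns[-len(expected):]] != expected:
        findings.append("base-dn-outside-domain")
    return findings

# Values from the steps above; the NetBIOS name is a constructed sample.
PAGE_BASE_DN = ("ou=it team, ou=Management, ou=staff, ou=users, "
                "ou=mydomain, dc=mydomain,dc=com")

if __name__ == "__main__":
    print(check_identity_source("ldap://mydc.mydomain.com", "mydomain.com",
                                "mydomain", "MYDOMAIN", PAGE_BASE_DN))
```
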
Reference (VCSA connection troubleshooting on VMware KB)