Setup vCenter Server Appliance (VCSA) 5.1 with SSO Active Directory


  1. Install VCSA (this guide assumes a fixed IP of 192.168.1.2).
  2. Assume your MS Domain Controller has LDAP enabled.
  3. Create a new AD user for the LDAP query, e.g. vcenter@mydomain.com
  4. Open the web client: https://192.168.1.2:9443/vsphere-client
  5. Click the Home button to go to VCSA if you are not at Home yet.
  6. In the left navigation bar, click "Administration".
  7. In the left navigation bar, click "Configuration" under "Sign-On and Discovery".
  8. Click the "+" (plus) sign to add a new domain.
  9. Enter your domain name in Name.
  10. Enter "ldap://mydc.mydomain.com" in Primary URL.
  11. Enter the domain name: mydomain.com
  12. [Important] Enter the alias: mydomain (it should be equal to your NetBIOS name).
    1. The alias cannot be changed after it is saved. If you have not entered it, just delete the entry and re-enter it.
  13. Select "Password" in Authentication Type.
  14. Enter the username and password.
  15. Click Test Connection to test the Primary URL, username and password.
  16. You should see a success message.
  17. Press "OK" to save the settings.
  18. Wait about half a minute for the server to verify the settings. If there is an error in any parameter, a message will be displayed.

  1. To further filter out unnecessary users, we can allow only IT people to use vCenter:
    1. Enter the "base DN for groups" in X.400 format according to your situation. Here's mine: "ou=it team, ou=Management, ou=staff, ou=users, ou=mydomain, dc=mydomain,dc=com"
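
Because the alias cannot be changed once saved, it helps to check the Primary URL, domain name, alias and base DN for groups against each other before typing them in. The script below is an added example, not part of the original post: the function names are hypothetical, the 15-character limit is the NetBIOS name length limit, and the sample values are this post's own placeholders.

```python
from urllib.parse import urlparse

def split_dn(dn):
    """Split an LDAP DN into (attribute, value) pairs; a backslash escapes a comma."""
    parts, buf, escaped = [], "", False
    for ch in dn:
        if ch == "," and not escaped:
            parts.append(buf)
            buf = ""
        else:
            buf += ch
        escaped = ch == "\\" and not escaped
    parts.append(buf)
    rdns = []
    for part in parts:
        attr, sep, value = part.strip().partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed DN component: {part!r}")
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns

def check_identity_source(primary_url, domain, alias, groups_base_dn):
    """Return a list of findings; an empty list means the values are consistent."""
    findings = []
    domain, alias = domain.strip().lower(), alias.strip().lower()
    labels = domain.split(".")
    url = urlparse(primary_url)
    if url.scheme not in ("ldap", "ldaps") or not url.hostname:
        findings.append("Primary URL must be ldap://host or ldaps://host")
    elif url.scheme == "ldap":
        findings.append("ldap:// is plain LDAP without TLS; prefer ldaps:// if the DC offers it")
    # The alias is fixed once saved, so catch the common slip of typing the DNS name.
    if not alias or alias == domain or len(alias) > 15:
        findings.append("alias must be the NetBIOS name (max 15 chars), not the DNS name")
    try:
        rdns = split_dn(groups_base_dn)
    except ValueError as exc:
        return findings + [str(exc)]
    # The group base DN must sit under the domain: its only dc= parts are the trailing ones.
    head, tail = rdns[:-len(labels)], rdns[-len(labels):]
    if tail != [("dc", lab) for lab in labels] or any(a == "dc" for a, _ in head):
        findings.append("base DN for groups must end in " + ",".join("dc=" + lab for lab in labels))
    return findings

if __name__ == "__main__":
    # Sample values are the placeholders used in this post.
    dn = "ou=it team, ou=Management, ou=staff, ou=users, ou=mydomain, dc=mydomain,dc=com"
    for finding in check_identity_source("ldap://mydc.mydomain.com", "mydomain.com", "mydomain", dn):
        print(finding)
```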

