Information Technology Reference
In-Depth Information
at the same time. This is especially helpful in situations with split operational roles as in out-
sourced IT environments. Adding the local OS is very similar to adding Active Directory; how-
ever, you may i nd that it's already coni gured by the SSO installer. In the event that you need to
coni gure it manually, simply follow these steps:
1.
Log on to the vCenter Web Client as the SSO administrator. Unless you have created
another account, the username is
administrator@vsphere.local.
2.
Click Administration in the Navigator pane.
3.
Under the Single Sign-On section, click Coni guration.
4.
Select the middle tab, labeled Identity Sources.
5.
Click the green plus icon to add a new identity source.
6.
Select the Local OS radio button.
7.
Type in a name for this identity source and click OK.
As we already mentioned, the local OS identity source is added by default as part of the SSO
installation. This source can be removed in the Identity Sources tab. Simply highlight the source
and click the red cross icon to delete it. The only identity source you cannot delete (or edit) is the
vsphere.local (or SSO built-in) source.
In the next section, we'll cover how to coni gure the vCenter Server virtual appliance for use
with Active Directory.
Configuring the vCenter Server Virtual Appliance for Active
Directory
Two steps are required to leverage Active Directory with the Linux-based vCenter Server virtual
appliance:
1.
Enable Active Directory integration on the virtual appliance itself.
2.
Add appropriate permissions to the vCenter Server hierarchy to allow Active Directory
accounts to log in and manage the inventory objects.
Let's look at each of these steps.
Enabling Active Directory Integration on the Virtual Appliance
To enable the Active Directory integration of the virtual appliance, use the management inter-
face of the virtual appliance. The vCenter Server virtual appliance offers a web-based manage-
ment interface accessible on port 5480 of the IP address assigned to the virtual appliance. For
example, if you assigned the IP address 10.1.1.100 to the virtual appliance, you could access
the web-based management interface at
https://10.1.1.100:5480.
At this point, you'll be
prompted to log into the virtual appliance. The default login credentials are username root and
password vmware.
Perform these steps to enable Active Directory integration after you've logged into the man-
agement interface:
1.
From the main web-based management screen, click the Authentication tab.
2.
Select Active Directory.
