VMware VS4-ENT-PL-A Setup Guide - Page 89
Active Directory LDAP Server and OpenLDAP Server Identity Source Settings
Chapter 4 Installing vCenter Server

Table 4‑1. Add Identity Source Settings (Continued)

Field: Description
User Principal Name: Name of a user who can authenticate with this identity source. Use the email address format, for example, [email protected]. You can verify the User Principal Name with the Active Directory Service Interfaces Editor (ADSI Edit).
Password: Password for the user who is used to authenticate with this identity source, which is the user who is specified in User Principal Name. Include the domain name, for example, [email protected].

Active Directory LDAP Server and OpenLDAP Server Identity Source Settings

The Active Directory as an LDAP Server identity source is available for backward compatibility. Use the Active Directory (Integrated Windows Authentication) option for a setup that requires less input. The OpenLDAP Server identity source is available for environments that use OpenLDAP.

Table 4‑2. Active Directory as an LDAP Server and OpenLDAP Settings

Field: Description
Name: Name of the identity source.
Base DN for users: (Optional) Base domain name for users.
Domain name: FQDN of the domain, for example, example.com. Do not provide an IP address in this field.
Domain alias: The domain's NetBIOS name. Add the NetBIOS name of the Active Directory domain as an alias of the identity source if you are using SSPI authentications.
Base DN for groups: (Optional) The base domain name for groups.
Primary Server URL: Primary domain controller LDAP server for the domain. Use the format ldap://hostname:port or ldaps://hostname:port. The port is typically 389 for ldap: connections and 636 for ldaps: connections. For Active Directory multi-domain controller deployments, the port is typically 3268 for ldap: connections and 3269 for ldaps: connections. A certificate that establishes trust for the LDAPS endpoint of the Active Directory server is required when you use ldaps:// in the primary or secondary LDAP URL.
Secondary server URL: (Optional) Address of a secondary domain controller LDAP server that is used for failover.
Username: ID of a user in the domain who has a minimum of read-only access to Base DN for users and groups.
Password: Password of the user who is specified by Username.

Assign Permissions in the vSphere Web Client

After you create users and groups and define roles, you must assign the users and groups and their roles to the relevant inventory objects. You can assign the same permissions at one time on multiple objects by moving the objects to a folder and setting the permissions on the folder.

Prerequisites

Permissions.Modify permission on the parent object of the object whose permissions you want to modify.
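The domain name, server URL, port and certificate rules in Table 4‑2 can be checked before the identity source is saved. The following Python check is an added example, not code from the VMware manual; the dictionary keys (domain_name, primary_url, secondary_url, ldaps_cert_pem) are hypothetical names for the table's fields, and the note about ldap:// lacking TLS is a general fact about LDAP, not a statement from the manual.

```python
import ipaddress
from urllib.parse import urlsplit

# Typical ports named in Table 4-2 (single-domain and multi-domain controller).
TYPICAL_PORTS = {"ldap": {389, 3268}, "ldaps": {636, 3269}}

def is_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def check_server_url(field, url, has_trust_cert):
    parts = urlsplit(url)
    try:
        port = parts.port
    except ValueError:  # non-numeric or out-of-range port
        port = None
    if parts.scheme not in TYPICAL_PORTS or not parts.hostname or port is None:
        return [f"{field}: use ldap://hostname:port or ldaps://hostname:port"]
    findings = []
    if port not in TYPICAL_PORTS[parts.scheme]:
        findings.append(f"{field}: port {port} is not typical for {parts.scheme}://")
    if parts.scheme == "ldaps" and not has_trust_cert:
        findings.append(f"{field}: ldaps:// needs a certificate that establishes trust")
    if parts.scheme == "ldap":
        findings.append(f"{field}: ldap:// is not protected by TLS; prefer ldaps://")
    return findings

def check_identity_source(cfg):
    """cfg uses hypothetical key names for the Table 4-2 fields."""
    findings = []
    domain = cfg.get("domain_name", "")
    if is_ip(domain) or "." not in domain:
        findings.append("domain_name: provide the FQDN, not an IP address")
    has_cert = bool(cfg.get("ldaps_cert_pem"))
    for field in ("primary_url", "secondary_url"):  # secondary is optional
        if cfg.get(field):
            findings += check_server_url(field, cfg[field], has_cert)
    return findings

# Constructed sample input, not taken from the manual.
SAMPLE = {"domain_name": "192.0.2.10", "primary_url": "ldaps://dc1.example.com:3269",
          "secondary_url": "ldap://dc2.example.com:636"}

if __name__ == "__main__":
    for finding in check_identity_source(SAMPLE):
        print(finding)
```

An empty result means the settings satisfy the table's stated rules; it does not test that the server is reachable or that the supplied certificate actually matches the LDAPS endpoint.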