Whenever we installed a new vCenter the activity always included integration with Active Directory and normally IWA (Integrated Windows Authentication) was used. Since vSphere 7.0 version this possibility has been deprecated so it is good to start with the integration of the vCenter with Active Directory via LDAP. In our case, we will use LDAPS which uses a certificate
For first the step we need to create the certificate:
Copy the certificate output with —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—–
Past on Notepad and save with .crt extension
Now we will go to configure the Identity Sources on vCenter:
Login as Single Sign-On Administrator to vCenter
Navigate to Menu > Administration > Single Sign-On > Configuration
In the Identity Provider tab, open Identity Sources
Click ADD
Select Active Directory over LDAP or OpenLDAP, depending on your directory type.
Fill out the remaining fields as follows: Identity Source Name: Label Base DN for users: The Distinguished Name (DN) of the starting point for directory server searches. Example: “DC=pollaio,DC=lan”. Base DN for groups: The Distinguished Name (DN) of the starting point for directory server searches. Domain name: Your domain name. Example: “pollaio.lan” Domain alias: Your NetBIOS name. Example: “pollaio.lan” Username: Domain user with at least browse privileges. Example: “pollaio\administrator”. Connect to: “ldaps://<DC FQDN>”.
Click Browse next to SSL Certificate
Select the .cer file created in before step
If you want check the correct use of SSL certificate on the authentication to Active Directory with LDAP connection check the websso.log:
VMware has had a product for a while now called VMware Skyline that provides proactive monitoring, analysis, and support for your VMware environment. It monitors your VMware installation and will notify you when issues arise.
Skyline Advisor will be available to customers and partners with active Production and Premier Support, VMware Success 360 and vRealize Cloud Universal subscriptions at no additional cost.
Create a Cloud Services Organization
Login with My VMware account associate to Production and Premier Support on the site:
After clicking Get Started, a new web browser page, or tab, will open. You will be asked to sign-in
with your VMware account. If you have an existing My VMware account, you can use those same
account details (email address/password) to sign in to Cloud Services.
If you are existing VMware Cloud Services customer, you can choose an existing Cloud Services
Organization for Skyline. If you have never used VMware Cloud Services, click Create New
Organization.
Enter a Organization Name.
Name your Organization something meaningful, that can be easily
referenced by both you, and VMware. For example, name your Organization after you Company, or
Business name. You can also append a line-of-business, division, or team, to the end of your
Company or Business name.
The following are example Organization Names:
The company, LOB, Company LOB, Company-vSphere, Company-Desktop
Enter an Address for your Organization.
Click Add Address. You can also choose an existing
address if one was found for your account. If you choose an existing address, skip to substep f.
During the creation of your Cloud Services Organization, your country currency, and Tax ID, may be
displayed. The displaying of this information is a construct of Cloud Services. Skyline is available at
no additional cost, and you will not be required to enter any payment details while adopting Skyline.
Select a Country from the drop-down menu.
Enter your street address on Address Line 1, and Address Line 2 (optional).
Enter your City.
Enter your State/Province.
Enter your Zip/Postal Code.
Review the Cloud Services Terms of Service. Click the checkbox to agree to the Terms of Service.
Click Continue.
Now on service, we have Skyline Advisor, click on this service
Link the Entitlement
Now, after clicking on LINK, we have the correct status LINKED
Copy and paste the token on Skyline Connect and register it.
Add source Data to Skyline Advisor
After complete the step 5 and 6 (I suggest to enable the auto-upgrade), we can access to skyline collector to configure the connection to vCenter (or multiple vCenter)
With the release of VMware vSphere 7 Update 3, this also means there is a new version of vSAN as well. VMware vSAN has been trailblazing in the world of HCI for several years now and with over 30,000 customers and many releases behind it, the solution has certainly grown, matured, and become […]