The VMware Adapter for SAP Landscape Management creates a separate authentication realm to connect the SAP Landscape Management and the vSphere infrastructure. By default, this realm is not tied to the vSphere SSO service or other external authentication services but uses its own authentication mechanism, local to the VLA. To configure central authentication services please contact our support team for assistance.

The user you create in the next steps will be used to connect the SAP Landscape Management to the VLA and to authenticate to the VLA appliance’s web user interface. Only one VLA Service user can exist per appliance. If you reset the VLA Service user and password, you will have to update the virtualization adapter configuration in SAP Landscape Management.

The VLA Service password must be greater than 8 characters and contain a letter, number and symbol.

To set the LaMa Service user and password:

Procedure

  1. Connect to the VLA either via console window or SSH session.
  2. First login only: you will be requested to change the temporary console user password used during upload. This is a security measure to keep your production passwords safe. The new password length must be at least 8 characters and the password itself has to contain a digit, an upper case character, a lower case character, and a special symbol.
  3. After logging into the appliance, the first step is to gain administrative access. On the command line execute the sudo command to get administrative access. When password is requested, enter the console user password that was provided during the VLA deployment (See Deploy VLA)

    sudo -s

  4. Type the following command to create the VLA Service user:

    vla_user -S LOCAL_USER –a vla-server -u <vla-service-user-name>

    where <vla-service-user-name> is the name of the user you wish to create for the VLA server.

    For example:

    # vla_user -S LOCAL_USER –a vla-server –u vla

    Note: The Tomcat server for the VLA Appliance also uses this user to authenticate access to the VLA REST API used by the VLA Adapter running in the LaMa system.
  5. When prompted, enter the password. You are required to enter the password twice.
  6. Open a new browser window or tab.
  7. Type the URL of the VLA Server Dashboard on the Tomcat instance

    https://<vla_hostname_or_IP>:8443/vla/dashboard, where <vla_hostname_or IP> is the FQDN of the VLA or its IP address — for example:

    https://vla-host:8443/vla/dashboard

  8. If there is a prompt with a certificate warning, check certificates and accept/add them if they are okay. A few examples can be found in Add Trusted Certificates in a Browser, for more information, please read the browser documentation and policy.
  9. You are required to authenticate. Enter the VLA Service username and password combination that use used in step 3. The browser displays a page similar to the following:
    Figure 1. VLA Server Dashboard
  10. Do not close the window for the dashboard. It displays the status and some basic statistics of the VMware VLA service which you use to confirm the health of the VLA service in later steps.
  11. Validate that the secure datastore is created and that the service can access it by entering the following command:

    vla_credentials -l

    The command should complete without error and show no entries in the database.

What to do next

In the next set of steps, you connect the VLA Service to the VMware vRealize Orchestrator and vCenter Server.