Configure and register an Active Directory domain. You can assign applications to users, computers, groups, and organizational units (OUs) using Active Directory.
- If you want to connect securely from App Volumes Manager to Active Directory using a LDAPS or LDAP over TLS connection, while also validating the certificate, you must have downloaded a CA domain certificate. See Connecting Securely to Active Directory and Configure CA Certificates in App Volumes Manager.
- You can also choose to connect securely using Secure LDAPS or LDAP over TLS without validating the certificate.
- From App Volumes Manager, go to .
- Click Register Domain.
- Enter the Active Directory information on the Register Active Directory Domain page.
Parameter Description Active Directory Domain Name A fully qualified domain name of the Active Directory domain where users and target computers are residing, for example corp.example.com.Note: When the domain name is configured to use the NETBIOS name while logging into App Volumes Manager, ensure that the NETBIOS name does not contain a period
Domain Controller Hosts (Optional)
IP address (10.98.87.67) or FQDN (dc01.corp.example.com). You can also provide the virtual IP address of a load balancer that is used as the front-end server of the domain controller. This option provides High Availability (HA) capability for connections to Active Directory.Note: Do not include any non-ASCII characters in the domain controller name.
You can add multiple domain controller hosts; use commas to separate the names of the hosts.Important: If you do not add a domain controller host, the system detects the hosts that are available and connect to the nearest domain controller.
LDAP Base (Optional)
Distinct name of the Active Directory container or organizational unit that stores required entities (if you want to limit the scope of enumeration). By default, App Volumes Manager enumerates all users, groups, OUs, and computer objects within Active Directory.
Example: OU=Engineering, DC=corp, DC=vmware, DC=com
The user name of the service account that has access to the target Active Directory domain. For example, admin-1. The user can be an administrator with read-only permissions.
The password for the service account. Ensure that domain policies do not enforce password expiration for the service account.
SecuritySelect one of the following options from the drop-down menu to configure the LDAP connection:
- Secure LDAP (LDAPS) - Select this option if you want to connect to Active Directory over SSL.
LDAP over TLS - Connect to Active Directory over LDAP using TLS. You must have installed a trusted certificate from a certificate authority.
- (Optional) Disable certificate validation (insecure) - Displayed only if you choose LDAPS or LDAP over TLS. Check the box to connect securely without validating the certificate using the root CA certificate.
LDAP (insecure) - Connect to Active Directory without using a secure connection.
Port (Optional) A port number other than the default. The default port is used if this text box is left blank.
- Click Register.