You can update and change the configuration information for a registered Active Directory.
Procedure
- From App Volumes Manager, go to CONFIGURATION > AD Domains.
A list of configured domains is displayed.
- Select a domain from the list and click Edit.
- Update the information on the Edit Active Directory Domain page.
Parameter Description Active Directory Domain Name A fully qualified domain name of the Active Directory domain where users and target computers are residing, for example corp.example.com.
Domain Controller Hosts (Optional) IP address (10.98.87.67) or FQDN (dc01.corp.example.com). You can also provide the virtual IP address of a load balancer that is used as the front-end server of the domain controller. This option provides High Availability (HA) capability for connections to Active Directory.
You can add multiple domain controller hosts; use commas to separate the names of the hosts.
Important: If you do not add a domain controller host, the system detects the hosts that are available and connect to the nearest domain controller.LDAP Base (Optional) Distinct name of the Active Directory container or organizational unit that stores required entities (if you want to limit the scope of enumeration). By default, App Volumes Manager enumerates all users, groups, OUs, and computer objects within Active Directory.
Example: OU=Engineering, DC=corp, DC=vmware, DC=com
Username The user name of the service account that has access to the target Active Directory domain. For example, admin-1. The user can be an administrator with read-only permissions.
Password The password for the service account. Ensure that domain policies do not enforce password expiration for the service account.
Security Ensure that you are aware of what security options are supported with LDAP channel binding and understand when LDAP insecure can be used. See Connecting Securely to Active Directory.
Select one of the following options from the drop-down menu to configure the LDAP connection:- Secure LDAP (LDAPS) - Select this option if you want to connect to Active Directory over SSL.
-
LDAP over TLS - Connect to Active Directory over LDAP using TLS. You must have installed a trusted certificate from a certificate authority.
- (Optional) Disable certificate validation (insecure) - Displayed only if you select LDAPS or LDAP over TLS. Select the box to connect securely without validating the certificate using the root CA certificate.
-
LDAP (insecure) - Connect to Active Directory without using a secure connection.
Port (Optional) A port number other than the default. The default port is used if this text box is left blank. - Click Update.