To allow the LDAP users to log into VMware Aria Operations for Networks, you must configure the LDAP service in the VMware Aria Operations for Networks platform.

Note: VMware Aria Operations for Networks supports the LDAP and LDAPS protocols.

Prerequisites

You must have the Administrator privilege.

Procedure

  1. Log in to VMware Aria Operations for Networks and click Settings.
  2. Under Identity & Access Management, select LDAP.
  3. Click Configure.
  4. Provide the following information.
    Field Description
    Domain Enter the domain name. This is typically the last part of the user email address after the '@' sign. Example: For a user logging in as [email protected], this field is example.com
    LDAP Host URLs Enter the host name. You can specify multiple LDAP Host URLs separated by commas. The URLs can be of type IPv4, IPv6, or FQDN.
    Examples:
    • IPv4: (ldap://192.168.1.1:389)
    • IPv6: (ldap://[fc00:192:168:20::e]:389)
    • FQDN: (ldap://host:port/ldaps://host:port)
    Group based access control Select this option to configure a group and provide a role to the members of that group.
    1. UnderBase DN, type the Base DN, the point from which the server starts searching for users.
    2. Provide the search attribute.
    3. Under Group DN, select the role of the user for each group.

      If you select the administrator role for a particular group, then all the members of that group have the administrator privilege. Similarly, if you select the member role for a particular group, then all the members of that group have the member privilege. If this option is not selected, then the group setting is used to assign the privileges. But other valid LDAP users who do not belong to the groups that you have added can log in to the product.

    4. Click Add more to add groups in the inclusion list.
    5. Select the Restrict access to members of the above groups only option to allow access to the users only from the LDAP groups (direct or inherited membership) that you have added.
    Username User with the necessary rights to log in using the settings provided.
    Password Password of the user.

  5. Click SUBMIT.
    After configuration, you see the LDAP details you have configured.