When you import user account information that resides on another machine, you must define the criteria used to import the user accounts from the source machine.
Where You Add or Edit Authentication Sources
- To add authentication sources, from the left menu, click Authentication Sources tile. , and then click the
- Click Add.
- To edit authentication sources, click Edit.
Option | Description |
---|---|
Source Display Name | Name that you assign to the authentication source. |
Source Type
Note: The option you select in the
Source Type drop-down box, determines the options available in this dialog box.
|
Indicates the type of directory services access technology to access the source machine where the database of user accounts resides. There are two types of databases: LDAP and single sign-on. Options include:
|
Name | Description |
---|---|
Host | Name or IP address of the host machine where the single sign-on user server resides. |
Port | The single sign-on listening port. By default this is set to 443. |
User Name | Name of the user account that can log in to the single sign-on host machine. |
Password | Password of the user account that can log in to the single sign-on host machine. |
Grant administrator role to VMware Aria Operations for future configuration? | When you create a single sign-on source, a new VMware Aria Operations user account is created on the single sign-on server.
|
Automatically redirect to VMware Aria Operations single sign-on URL? | After you have configured a single sign-on source, users are redirected to the vCenter SSO server.
|
Import single sign-on user groups after adding the current source? | When you have set up a single sign-on source, you import users and user groups into VMware Aria Operations so that single sign-on users can access the system with their single sign-on permissions.
|
Advanced | If your system uses a load balancer, enter the IP address of the load balancer. |
Test | Tests whether the host machine can be reached with the credentials provided. |
Name | Description |
---|---|
Host | Name or IP address of the vCenter Server host machine on which VMware SSO has been configured. |
Port | The single sign-on listening port. By default this is set to 443. |
Tenant | |
Username | Name of the vCenter Server user account that can log in to the VMware SSO host machine.
Note: The user must have the
VcIdentityProviders.Manage permission assigned.
|
Password | Password of the vCenter Server user account that can log in to the VMware SSO host machine. |
Option | Description |
---|---|
Integration Mode Basic settings |
Applies basic settings to integrate the LDAP import source with the instance of VMware Aria Operations. Use Basic integration mode to have VMware Aria Operations discover the host machine where the LDAP database resides, and set the base distinguished name (Base DN) used to search for users. You provide the name of the domain and the subdomain, which VMware Aria Operations uses to populate the Host and Base DN details, and the name and password of the user who can log in to the LDAP host machine. In Basic mode, attempts to fetch the host and port from the DNS server, and obtain the Global Catalog and domain controllers for the domain, with preference given to SSL/TLS-activated servers.
|
Integration Mode Advanced settings |
Applies advanced settings to integrate the LDAP import source with the instance of VMware Aria Operations. Use Advanced integration mode to manually provide the host name and base distinguished name (Base DN) to have VMware Aria Operations import users. You provide the name and password of the user who can log in to the LDAP host machine.
|
Search Criteria |
Displays the search criteria settings. Although VMware Aria Operations populates part of the search criteria, an Administrator must verify the settings to ensure that the settings are correct according to the properties of the LDAP type.
|
Test |
Tests whether the host machine can be reached, with the credentials provided. Although a test of the connection is successful, users who use the search feature must have read permissions in the LDAP source. This test does not verify the accuracy of the Base DN or Common Name entries. |
Option | Description |
---|---|
Host | Name or IP address of the VMware Identity Manager machine where the single sign-on user server resides. |
Port | The single sign-on listening port. By default this is set to 443. |
Tenant | This is an optional field. |
User name | VMware Identity Manager system-domain tenant administrator user name. |
Password | Password of the VMware Identity Manager system-domain tenant administrator. |
Redirect IP/ FQDN | This is the IP address of VMware Aria Operations node where a user is redirected after a successful authentication from VMware Identity Manager. By default, this is the IP address of the VMware Aria Operations primary node.
Note: When the primary replica becomes the primary node on
VMware Aria Operations, then
VMware Aria Operations administrator has to manually edit the IP address and set it to the IP address of the current primary node.
|
Test | Tests whether the VMware Identity Manager machine can be reached, with the credentials provided. |