To manage vCloud Director instances by using the vRealize Orchestrator Plug-in for vCloud Director, you must configure the connection parameters for each instance.
- Using the Certificates tab of the Orchestrator Control Center, import the SSL certificate for the vCloud Director instance that you want to connect.
- Verify that vCloud Director SSL certificate is imported in the VMware vRealize Orchestrator client.
- Verify that the VMware vRealize Orchestrator server, the vCloud Director server and Single Sign On server are synchronized with the NTP server. To synchronize the time, see Synchronize the Time by Using the vSphere Client.
- Log in to the vRealize Orchestrator client as an administrator.
- Click the Workflows view in left pane of the Orchestrator client.
- In the search box, enter Add a connection and press Enter.
- Click the Add a connection workflow and click Input Form.
- In the Host text box, type the IP address or the DNS name of the vCloud Director instance.
- In the Port text box, type the port number.
The default port is 443.
- Select whether to enable the new connection.
- In the Max. Connections text box, type the maximum number of concurrent connections to the vCloud Director instance.
- In the Connection timeout (ms) text box, type the timeout interval in milliseconds.
- In the Cache timeout (s) text box, type the cache timeout interval in seconds.
- From the drop-down menu, select the API version that your vCloud Director supports.
- If you want the new connection to be federated, select the Federated check box.
By federating a connection, you can manage multiple vCloud Director entities with associated organizations in vRealize Orchestrator Plug-in for vCloud Director.
- Select whether to load the complete entity in the inventory view.
- Click Save.
- Click the Authentication tab.
- In the Session mode text box, start typing and select the authentication method for managing user access on the vCloud Director instance.
Option Description Per User Session
Select this option if your vCloud Director is in an Active Directory domain. Make sure that the user has the necessary permissions to perform the required operations.Caution: Each user who logs in to Orchestrator creates a session to the vCloud Director instance. Multiple sessions can rapidly strain CPU, memory, and bandwidth.
Shared Session Select this option to allow Orchestrator to create only one connection to the vCloud Director instance. Type the credentials of a user who is a vCloud Director administrator.Note: If the authentication data comes from LDAP or Single Sign On, make sure the vCloud Directororganization is configured with the same LDAP or Single Sign On instance and the user is imported in this organization.
- Select whether to use SAML authentication and provide the needed details.
Option Description No Provides basic authentication Yes Provides SAML authentication
- In the Organization text box, type the name of the organization that users can access, and click Submit.
- Type System if you want administrators to be able to run User API, Admin API, and Admin Extensions API operations in all organizations on the vCloud Director instance.
- Type the name of a specific organization if you want to enable administrators to run only User API and Admin API operations in the specified organization.
- Repeat Step 4 through Step 18 for each vCloud Director instance.