To provide propagation of roles to VMware Aria Operations for Logs, configure the integration with Active Directory over LDAP.

UI Procedure

  1. Log in to VMware Aria Operations for Logs at https://<aria_operations_for_logs_fqdn> as admin.
  2. In the navigation pane, click Configuration > Authentication.

  3. On the Authentication configuration page, click the Active Directory tab.

  4. On the Active Directorty page, configure the following setting.

    Setting

    Value

    Enable Active Directory support

    Enabled

  5. On the Active Directorty page, configure the following settings, configure the remaining settings according to your VMware Cloud Foundation Planning and Preparation Workbook.

    Setting

    Value

    Connection type

    Custom

    Require SSL

    Selected

  6. To validate the connection, click Test connection.

  7. In the Untrusted SSL certificate dialog box, click Accept.

  8. On the Authentication configuration page, verify the validation is successful and click Save.

PowerShell Procedure

  1. Start PowerShell.

  2. Replace the values in the sample code with values from your VMware Cloud Foundation Planning and Preparation Workbook and run the commands in the PowerShell console.

    $sddcManagerFqdn = "sfo-vcf01.sfo.rainpole.io"
    $sddcManagerUser = "administrator@vsphere.local"
    $sddcManagerPass = "VMw@re1!"
    
    $domainFqdn = "sfo.rainpole.io"
    $domainBindUser = "svc-logs-ad"
    $domainBindPass = "VMw@re1!"
    $domainServers = "sfo-ad01.sfo.rainpole.io"
  3. Perform the configuration by running the command in the PowerShell console.

    Add-vRLIAuthenticationAD -server $sddcManagerFqdn -user $sddcManagerUser -pass $sddcManagerPass -domain $domainFqdn -domainBindUser $domainBindUser -domainBindPass $domainBindPass -domainServers $domainServers