To replace the Workspace ONE Access authentication provider with Active Directory over LDAP in VMware Aria Operations for Logs, you must remove the existing Active Directory Group assignments before adding them again using the Active Directory over LDAP authentication provider.

UI Procedure

  1. Log in to VMware Aria Operations for Logs at https://<aria_operations_for_logs_fqdn> as admin.
  2. In the left navigation pane, click Management > Access control.

  3. On the Access control page, click the Users and groups tab.

  4. In the Directory groups section, select the check boxes for all existing groups and click Delete.

PowerShell Procedure

  1. Start PowerShell.

  2. Replace the values in the sample code with values from your VMware Cloud Foundation Planning and Preparation Workbook and run the commands in the PowerShell console.

    $sddcManagerFqdn = "sfo-vcf01.sfo.rainpole.io"
    $sddcManagerUser = "[email protected]"
    $sddcManagerPass = "VMw@re1!"
    
    $domainFqdn = "sfo.rainpole.io"
    $logsAdminGroup = "gg-vrli-admins"
    $logsUserGroup = "gg-vrli-users"
    $logsViewerGroup = "gg-vrli-viewers"
  3. Perform the configuration by running the command in the PowerShell console.

    Undo-vRLIAuthenticationGroup -server $sddcManagerFqdn -user $sddcManagerUser -pass $sddcManagerPass -domain $domainFqdn -group $logsAdminGroup -authProvider vidm
    
    Undo-vRLIAuthenticationGroup -server $sddcManagerFqdn -user $sddcManagerUser -pass $sddcManagerPass -domain $domainFqdn -group $logsUserGroup -authProvider vidm
    
    Undo-vRLIAuthenticationGroup -server $sddcManagerFqdn -user $sddcManagerUser -pass $sddcManagerPass -domain $domainFqdn -group $logsViewerGroup -authProvider vidm
  4. Repeat this procedure for each VMware Aria Operations for Logs instance.