You may need to join the VMware Identity Manager connector to a domain in some cases. For Active Directory over LDAP directories, you can join a domain after creating the directory. For directories of type Active Directory (Integrated Windows Authentication), the connector is joined to the domain automatically when you create the directory. In both scenarios, you are prompted for credentials.

To join a domain, you need Active Directory credentials that have the privilege to "join computer to AD domain". This is configured in Active Directory with the following rights:

  • Create Computer Objects

  • Delete Computer Objects

When you join a domain, a computer object is created in the default location in Active Directory, unless you specify a custom OU.
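The two rights listed above can be delegated on a single custom OU instead of across the whole domain, which keeps the join account close to least privilege. The following is an added example, not part of the VMware documentation; the account name is hypothetical, the OU is the sample DN used on this page, and it assumes an Active Directory administrator session on a host with dsacls.exe available.

```powershell
# Added example. The OU DN is the sample value from this page;
# the account name below is a hypothetical placeholder.
$OU      = 'ou=testou,dc=test,dc=example,dc=com'
$Account = 'TEST\svc-connector-join'   # hypothetical join account

# Grant Create Child (CC) and Delete Child (DC), restricted to the
# "computer" object class, on this OU and the objects beneath it (/I:T).
# ${Account} is braced so PowerShell does not parse "$Account:" as a scope.
dsacls $OU /I:T /G "${Account}:CCDC;computer"
if ($LASTEXITCODE -ne 0) {
    throw "dsacls failed with exit code $LASTEXITCODE"
}

# Review the ACEs that now reference the account on the OU.
dsacls $OU | Select-String -SimpleMatch $Account
```

Enter the same OU in the Organizational unit (OU) field when joining, so the computer object is created where the account holds these rights.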

If you do not have the rights to join a domain, follow these steps to join the domain.

  1. Ask your Active Directory administrator to create the computer object in Active Directory, in a location determined by your company policy. Provide the host name of the connector. Ensure that you provide the fully-qualified domain name, for example, server.example.com.

    Tip: You can see the host name in the Host Name column on the Connectors page in the administration console. Click Identity & Access Management > Setup > Connectors to view the Connectors page.

  2. After the computer object is created, join the domain using any domain user account in the VMware Identity Manager administration console.

The Join Domain command is available on the Connectors page, accessed by clicking Identity & Access Management > Setup > Connectors.

| Option | Description |
|---|---|
| Domain | Select or enter the Active Directory domain to join. Ensure that you enter the fully-qualified domain name. For example, server.example.com. |
| Domain User | The username of an Active Directory user who has the rights to join systems to the Active Directory domain. |
| Domain Password | The password of the user. |
| Organizational unit (OU) | (Optional) The organizational unit (OU) of the computer object. This option creates a computer object in the specified OU instead of the default Computers OU. For example, ou=testou,dc=test,dc=example,dc=com. |