After you have successfully installed the Platform Services Controller instances, you must add the appliances to your Active Directory domain. After that, add the Active Directory domain as an identity source to vCenter Single Sign-On. When you do, users in the Active Directory domain are visible to vCenter Single Sign-On and can be assigned permissions to view or manage SDDC components. Perform this procedure for the Platform Services Controllers for both the management cluster and the shared edge and compute cluster.

About this task

Repeat this procedure twice, once for the management cluster and again for the shared edge and compute cluster.

| Platform Services Controller | URL |
|---|---|
| Platform Services Controller for the management cluster | https://sfo01m01psc01.sfo01.rainpole.local |
| Platform Services Controller for the shared edge and compute cluster | https://sfo01w01psc01.sfo01.rainpole.local |

Procedure

  1. Log in to the administration interface of the Platform Services Controller for the management cluster.
    1. Open a Web browser and go to https://sfo01m01psc01.sfo01.rainpole.local.
    2. Click the link for Platform Services Controller web interface.
    3. Log in using the following credentials.

      | Setting | Value |
      |---|---|
      | User name | administrator@vsphere.local |
      | Password | vsphere_admin_password |

  2. Add the management Platform Services Controller instance to the Active Directory domain.
    1. In the Navigator, click Appliance Settings, click the Manage tab, and click Join.
    2. In the Join Active Directory Domain dialog box, enter the following settings and click OK.

      | Setting | Value |
      |---|---|
      | Domain | sfo01.rainpole.local |
      | User name | ad_admin_acct@sfo01.rainpole.local |
      | Password | ad_admin_password |

  3. Reboot the Platform Services Controller instance to apply the changes.
    1. Click the Appliance settings tab, and click the VMware Platform Services Appliance link.
    2. Log in to the VMware vSphere Appliance Management interface with the following credentials.

      | Setting | Value |
      |---|---|
      | User name | root |
      | Password | psc_root_password |

    3. On the Summary page, click Reboot.
    4. In the System Reboot dialog box, click Yes.
    5. Wait for the reboot process to finish.
  4. After the reboot process completes, log in to https://sfo01m01psc01.sfo01.rainpole.local again using the following credentials.

    | Setting | Value |
    |---|---|
    | User name | administrator@vsphere.local |
    | Password | vsphere_admin_password |

  5. To verify that the Platform Services Controller has successfully joined the domain, click Appliance Settings and click the Manage tab.
  6. Repeat steps 1 through 5 of this procedure for the Platform Services Controller for the shared edge and compute cluster.
  7. Add Active Directory as a vCenter Single Sign-On identity source for the management cluster.
    Note: This step should only be performed on the Platform Services Controller for the management cluster. Do not repeat this step when joining the shared edge and compute Platform Services Controller to Active Directory.

    1. In the Navigator, click Configuration and click the Identity Sources tab.
    2. Click the Add icon to add a new identity source.
    3. In the Add Identity Source dialog box, select the following settings and click OK.

      | Setting | Value |
      |---|---|
      | Identity source type | Active Directory (Integrated Windows Authentication) |
      | Domain name | SFO01.RAINPOLE.LOCAL |
      | Use machine account | Selected |

    4. Under Identity Sources, select the rainpole.local identity source and click Set as Default Domain to make rainpole.local the default domain.
    5. In the confirmation dialog box, click Yes.
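
The join verification in step 5 can also be scripted from the appliance shell of each Platform Services Controller, which helps when checking both instances before relying on the machine account in step 7. The following is an added example, not part of the original procedure or VMware's own code; it assumes that `/opt/likewise/bin/domainjoin-cli query` prints `Key = Value` lines with `Name` and `Domain` keys, and the sample output in it is constructed.

```shell
#!/bin/sh
# Added example: confirm that a PSC reports the expected Active Directory join.
DJ=/opt/likewise/bin/domainjoin-cli   # Likewise join tool on the appliance

# Constructed sample of the assumed "Key = Value" query output layout.
SAMPLE='Name = sfo01m01psc01
Domain = SFO01.RAINPOLE.LOCAL
Distinguished Name = CN=SFO01M01PSC01,CN=Computers,DC=sfo01,DC=rainpole,DC=local'

# Print the value of one field from query output on stdin.
query_field() {
    tr -d '\r' | awk -F' *= *' -v key="$1" \
        '$1 == key { sub(/[ \t]+$/, "", $2); print $2; exit }'
}

lower() { tr '[:upper:]' '[:lower:]'; }

# check_join EXPECTED_DOMAIN EXPECTED_HOST   (query output on stdin)
# Returns 0 only if the reported domain and machine name match.
# The comparison ignores case because the page writes the domain both as
# sfo01.rainpole.local (join dialog) and SFO01.RAINPOLE.LOCAL (identity source).
check_join() {
    out=$(cat)
    domain=$(printf '%s\n' "$out" | query_field Domain | lower)
    name=$(printf '%s\n' "$out" | query_field Name | lower)
    want_domain=$(printf '%s' "$1" | lower)
    want_name=$(printf '%s' "$2" | lower)
    if [ -z "$domain" ]; then
        echo "FAIL: $want_name is not joined to any domain"; return 1
    fi
    if [ "$domain" != "$want_domain" ]; then
        echo "FAIL: joined to $domain, expected $want_domain"; return 1
    fi
    # Accept either the short host name or the FQDN in the Name field.
    case "$name" in
        "$want_name"|"$want_name".*) ;;
        *) echo "FAIL: machine name $name, expected $want_name"; return 1 ;;
    esac
    echo "OK: $want_name joined to $domain"
}

# On the appliance: sh check_join.sh sfo01.rainpole.local sfo01m01psc01
if [ -x "$DJ" ] && [ "$#" -eq 2 ]; then
    "$DJ" query | check_join "$1" "$2"
else
    printf '%s\n' "$SAMPLE" | check_join sfo01.rainpole.local sfo01m01psc01
fi
```

A non-zero exit status on either appliance means the join in step 2 did not take effect and should be repeated before the identity source is added.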