Configure vRealize Orchestrator to use the Rainpole local tenant in vRealize Automation for authentication. By associating vRealize Orchestrator authentication to a non-default tenant, vRealize Orchestrator executes workflows with end-user permissions. If vRealize Orchestrator authenticates using the default tenant, Orchestrator users will always have administrative rights.

Procedure

  1. Log in to the vRealize Orchestrator Control Center.
    1. Open a Web browser and go to https://vra01svr01.rainpole.local:8283/vco-controlcenter.
    2. Log in using the following credentials.

      Setting

      Value

      User name

      root

      Password

      vra_appA_root_password

  2. Configure vRealize Automation as a vRealize Orchestrator authentication provider.
    1. On the Home page, under Manage, click Configure Authentication Provider.
    2. In the Default Tenant text box, click the Change button, enter rainpole, and click Apply.
    3. In the Admin group text box, enter ug-vRO and click Search.
    4. From the drop-down menu, select rainpole.local\ug-vROAdmins and click Save Changes.

      The control center logs you out.

  3. Verify that you can successfully log in as svc-vra.
    1. Open a Web browser and go to https://vra01svr01.rainpole.local:8283/vco-controlcenter.
    2. Log in using the following credentials.

      Setting

      Value

      Domain

      rainpole.local

      User name

      svc-vra

      Password

      svc-vra_password

  4. Log out of control center.
  5. Open an SSH connection to both vRealize Automation appliances vra01svr01a.rainpole.local and vra01svr01b.rainpole.local, and run the following commands to restart the vRealize Orchestrator services.
    service vco-server restart
    service vco-configurator restart
  6. Log back in to control center as the svc-vra user.
    Note:

    The log in process might be delayed due to the vRealize Orchestrator services restarting.

    1. Open a Web browser and go to https://vra01svr01.rainpole.local:8283/vco-controlcenter.
    2. Log in using the following credentials.

      Setting

      Value

      Domain

      rainpole.local

      User name

      svc-vra

      Password

      svc-vra_password