Configure vRealize Orchestrator to use the Rainpole local tenant in vRealize Automation for authentication. By associating vRealize Orchestrator authentication to a non-default tenant, vRealize Orchestrator executes workflows with end-user permissions. If vRealize Orchestrator authenticates using the default tenant, Orchestrator users will always have administrative rights.
Procedure
- Log in to the vRealize Orchestrator Control Center.
- Open a Web browser and go to https://vra01svr01.rainpole.local:8283/vco-controlcenter.
- Log in using the following credentials.
Setting |
Value |
User name |
root |
Password |
vra_appA_root_password |
- Configure vRealize Automation as a vRealize Orchestrator authentication provider.
- On the Home page, under Manage, click Configure Authentication Provider.
- In the Default Tenant text box, click the Change button, enter rainpole, and click Apply.
- In the Admin group text box, enter ug-vRO and click Search.
- From the drop-down menu, select rainpole.local\ug-vROAdmins and click Save Changes.
The control center logs you out.
- Verify that you can successfully log in as svc-vra.
- Open a Web browser and go to https://vra01svr01.rainpole.local:8283/vco-controlcenter.
- Log in using the following credentials.
Setting |
Value |
Domain |
rainpole.local |
User name |
svc-vra |
Password |
svc-vra_password |
- Log out of control center.
- Open an SSH connection to both vRealize Automation appliances vra01svr01a.rainpole.local and vra01svr01b.rainpole.local, and run the following commands to restart the vRealize Orchestrator services.
service vco-server restart
service vco-configurator restart
- Log back in to control center as the svc-vra user.
Note:
The log in process might be delayed due to the vRealize Orchestrator services restarting.
- Open a Web browser and go to https://vra01svr01.rainpole.local:8283/vco-controlcenter.
- Log in using the following credentials.
Setting |
Value |
Domain |
rainpole.local |
User name |
svc-vra |
Password |
svc-vra_password |