You integrate your Active Directory with Workspace ONE Access and configure attributes to synchronize users and groups to enable identity and access management in the SDDC.

Procedure

  1. In a Web browser, log in to the region-specific Workspace ONE Access instance in Region A by using the administration interface.
    Setting      Value
    URL          https://sfo01wsa01.sfo01.rainpole.local/admin
    User name    admin
    Password     sfo01wsa01_admin_password
    Domain       System Domain
  2. On the main navigation bar, click Identity and access management.
  3. Click the Directories tab, and from the Add directory drop-down menu, select Add Active Directory over LDAP/IWA.

    The Add directory wizard opens.

  4. On the Add directory page, configure these settings and click Save and next.

    Setting                                                   Value
    Directory name                                            rainpole.local
    Active Directory (Integrated Windows authentication)      Selected
    Sync connector                                            sfo01wsa01.sfo01.rainpole.local
    Do you want this connector also perform authentication    Yes
    Directory search attribute                                sAMAccountName
    Domain name                                               sfo01.rainpole.local
    Domain admin user name                                    svc-domain-join
    Domain admin password                                     svc-domain-join_password
    Bind user name                                            svc-wsa-ad
    Bind user password                                        svc-wsa-ad_password

  5. On the Select the domains page, configure these settings and click Next.

    Setting     Value
    Selected    rainpole.local (RAINPOLE)
    Selected    sfo01.rainpole.local (SFO01)

  6. On the Map user attributes page, review the attribute mappings and click Next.
  7. On the Select the groups you want to sync page, configure the settings and click Find groups.

    Setting                      Value
    Sync nested group members    Selected
    Specify the group DN         Click the plus icon and enter OU=Security Groups,DC=rainpole,DC=local

  8. For each group DN, click Select, select the groups that the region-specific Workspace ONE Access instance in Region A uses, click Save, and click Next.

    Product                 Value
    NSX Data Center         ug-nsx-enterprise-admins
    Workspace ONE Access    ug-wsa-admins
                            ug-wsa-directory-admins
                            ug-wsa-read-only
    vRealize Log Insight    ug-vrli-admins
                            ug-vrli-users
                            ug-vrli-viewers

  9. On the Select the users you want to sync page, configure these settings and click Next.

    Setting                Value
    Specify the user DN    Click the plus icon and enter OU=Security Users,DC=rainpole,DC=local

  10. On the Review page, click Edit, from the Sync frequency drop-down menu, select Every 15 minutes, and click Save.
  11. To initialize the directory import, click Sync directory.

    This process might take some time to complete.
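
Because step 7 selects Sync nested group members, the effective membership of the groups chosen in step 8 can be wider than their direct member lists. The following is an added example, not part of the VMware procedure or product: it expands nested membership for those groups and lists accounts whose DN lies outside the user DN from step 9 so that they can be reviewed. The membership snapshot is constructed sample data; ug-platform-ops, alice, bob, carol, svc-backup and OU=Service Accounts are hypothetical, and the "outside the user DN" flag is a review heuristic, not a statement about how the product syncs.

```python
# Pre-sync access review for the groups selected in step 8 (added example).
GROUP_BASE = "OU=Security Groups,DC=rainpole,DC=local"   # group DN, step 7
USER_BASE = "OU=Security Users,DC=rainpole,DC=local"     # user DN, step 9
SYNCED_GROUPS = ["ug-nsx-enterprise-admins", "ug-wsa-admins",
                 "ug-wsa-directory-admins", "ug-wsa-read-only",
                 "ug-vrli-admins", "ug-vrli-users", "ug-vrli-viewers"]

def gdn(cn):
    return f"CN={cn},{GROUP_BASE}"

# Constructed snapshot: group DN -> values of its AD "member" attribute.
SAMPLE_MEMBERS = {
    gdn("ug-wsa-admins"): [f"CN=alice,{USER_BASE}", gdn("ug-platform-ops")],
    gdn("ug-platform-ops"): [f"CN=bob,{USER_BASE}",
                             "CN=svc-backup,OU=Service Accounts,DC=rainpole,DC=local",
                             gdn("ug-wsa-admins")],  # nested back-reference (cycle)
    gdn("ug-vrli-viewers"): [f"CN=carol,{USER_BASE}"],
}

def under(dn, base):
    """True if dn sits below base (case-insensitive suffix match)."""
    return dn.lower().endswith("," + base.lower())

def effective_users(group_dn, members, seen=None):
    """Expand nested groups to user DNs; 'seen' stops membership cycles."""
    seen = set() if seen is None else seen
    if group_dn in seen:
        return set()
    seen.add(group_dn)
    users = set()
    for dn in members.get(group_dn, []):
        if dn in members or under(dn, GROUP_BASE):
            users |= effective_users(dn, members, seen)
        else:
            users.add(dn)
    return users

def review(members):
    """Per selected group: effective users and those outside USER_BASE."""
    report = {}
    for cn in SYNCED_GROUPS:
        users = effective_users(gdn(cn), members)
        outside = sorted(u for u in users if not under(u, USER_BASE))
        report[cn] = {"users": sorted(users), "outside_user_dn": outside}
    return report

if __name__ == "__main__":
    for cn, r in review(SAMPLE_MEMBERS).items():
        print(f"{cn}: {len(r['users'])} user(s); review: {r['outside_user_dn'] or 'none'}")
```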