The vCloud Usage Meter appliance ships with a local LDAP name service daemon. To provide identity management and authentication services through an external Active Directory service, you edit the /etc/nslcd.conf file with the Active Directory connection configuration and additional properties. To provide authentication through both Active Directory and local user account, you then configure the local Naming Service Switch.

You configure the /etc/nslcd.conf based on the configuration of you Active Directory server. The provided settings are reference values, reconfigure these settings according to your environment.

Procedure

  1. Login to the vCloud Usage Meter console as usagemeter.
  2. Reconfigure the local LDAP name service daemon.
    1. Navigate to the /etc folder. 
      cd /etc
    2. Open the nslcd.conf file for editing. 
      sudo vi nslcd.conf
    3. Add the Active Directory connection properties. 
      uri ldap://ldap.acme.com
base dc=acme,dc=com
binddn <your username>@acme.com
bindpw <your AD password>
    4. Configure the Active Directory mappings. 
      # Mappings for Active Directory
referrals off
idle_timelimit 800
filter passwd (&(objectClass=user)(objectClass=person)(!(objectClass=computer)))
map    passwd uid              cn
    5. Save the /etc/nslcd.conf file. 
      :wq!
    6. Restart the nslcd service. 
      sudo systemctl restart nslcd
  3. Enable Active Directory as a Name Service Switch source.
    1. Open the /etc/nsswitch.conf file for editing. 
      sudo vi nsswitch.conf
    2. Add LDAP as a source after local lookups for at least the passwd, group, and shadow types. 
      passwd:     files ldap
group:      files ldap
shadow:     files ldap
    3. Save the /etc/nsswitch.conf file. 
      :wq!