To enable authentication for Active Directory accounts and local accounts, you configure the Pluggable Authentication Module on the vCloud Usage Meter appliance.

You edit several configuration files under the /etc/pam.d directory based on your environment. The provided configuration contains the minimal required settings.

Procedure

  1. Login to the vCloud Usage Meter console as usagemeter.
  2. Configure the common authentication providers in the /etc/pam.d/system-auth configuration file.
    1. Open the /etc/pam.d/system-auth file for editing. 
      sudo vi /etc/pam.d/system-auth
    2. Add the following line to the file. 
      auth      sufficient  pam_ldap.so
auth      required    pam_unix.so
    3. Save the /etc/pam.d/system-auth file. 
      :wq!
  3. Configure the common account settings in the /etc/pam.d/system-account configuration file.
    1. Open the /etc/pam.d/system-account file for editing. 
      sudo vi /etc/pam.d/system-account
    2. Add the following lines to the file. 
      account   sufficient  pam_ldap.so
account   required    pam_unix.so
account   required    pam_permit.so
    3. Save the /etc/pam.d/system-account file. 
      :wq!
  4. Configure the common passwords settings in the /etc/pam.d/system-password configuration file.
    1. Open the /etc/pam.d/system-password file for editing. 
      sudo vi /etc/pam.d/system-password
    2. Add the following lines to the file. 
      password  sufficient  pam_ldap.so try_first_pass
password  requisite   pam_cracklib.so
password  required    pam_unix.so       sha512 shadow try_first_pass
    3. Save the /etc/pam.d/system-password file. 
      :wq!
  5. Configure the common session settings in the /etc/pam.d/system-session configuration file.
    1. Open the /etc/pam.d/system-session file for editing. 
      sudo vi /etc/pam.d/system-session
    2. Add the following lines to the file. 
      session   required    pam_unix.so
session   required    pam_limits.so
session   optional    pam_systemd.so
session   optional    pam_loginuid.so
session   optional    pam_ldap.so
    3. Save the /etc/pam.d/system-session file. 
      :wq!
  6. Configure the common authentication and account settings for the vCloud Usage Meter appliance.
    1. Open the /etc/pam.d/vmware-um-pam file for editing. 
      sudo vi /etc/pam.d/vmware-um-pam
    2. Add the following lines to the file. 
      auth       sufficient /lib64/security/pam_ldap.so
auth       required   /lib64/security/pam_unix_auth.so
account    sufficient /lib64/security/pam_ldap.so
account    required   /lib64/security/pam_unix_acct.so
    3. Save the /etc/pam.d/vmware-um-pam file. 
      :wq!