You can configure identity stores for OpenLDAP or Active Directory in mixed mode without joining your Active Directory domain to the Identity Appliance.

Prerequisites

Install vRealize Automation 6.1, including IaaS components. Depending on your deployment type, see Minimal Deployment or Distributed Deployment.

Procedure

  1. Log in to the vRealize Automation console as the system administrator of the default tenant.
    1. Navigate to the vRealize Automation console.

      Option

      Description

      If you are using a load balancer

      https://vrealize-appliance-load-balancer-hostname.domain.name/vcac

      With no load balancer

      https://vrealize-appliance-hostname.domain.name/vcac

    2. Log in with the user name administrator@vsphere.local and the password you defined for this user when you configured SSO.
  2. Select Administration > Tenants.
  3. Click the name of the default tenant, vsphere.local.
  4. Click the Identity Stores tab.
  5. Click the Add icon (Add).
  6. Enter a name in the Name text box.
  7. Select OpenLDAP or Active Directory from the Type drop-down menu.
  8. Enter the URL for the identity store in the URL text box.

    For example, ldap://ldap.mycompany.com:389 .

  9. Enter the domain for the identity store in the Domain text box.
  10. (Optional) : Enter the domain alias in the Domain Alias text box.

    The alias allows users to log in by using userid@domain-alias rather than userid@identity-store-domain as a user name.

  11. Enter the Distinguished Name for the login user in the Login User DN text box.

    Use the display format of the user name, which can include spaces and is not required to be identical to the user ID.

    For example, cn=Demo Admin,ou=demo,dc=dev,dc=mycompany,dc=com.

  12. Enter the password for the identity store login user in the Password text box.
  13. Enter the group search base Distinguished Name in the Group Search Base DN text box.

    For example, ou=demo,dc=dev,dc=mycompany,dc=com.

  14. (Optional) : Enter the user search base Distinguished Name in the User Search Base DN text box.

    For example, ou=demo,dc=dev,dc=mycompany,dc=com.

  15. Click Test Connection.
  16. Click Add.
  17. (Optional) : Repeat this procedure to configure additional identity stores.
  18. Click Next.
  19. Click Update.

What to do next

Appoint Administrators.