You can authenticate users through Active Directory. This simplifies the log in process for users by letting them use a common password for multiple purposes.
Verify that you are logged in to the vRealize Log Insight web user interface as a user with the Edit Admin permission. The URL format is https://log-insight-host, where log-insight-host is the IP address or host name of the vRealize Log Insight virtual appliance.
- Click the configuration drop-down menu icon and select Administration.
- Under Configuration, click Authentication.
- Select Enable Active Directory support.
- In the Default Domain text box, type a domain name.
For example, company-name.com.Note:
You cannot list multiple domains in the default domain text box. If the default domain that you specify is trusted by other domains, vRealize Log Insight uses the default domain and the binding user to verify AD users and groups in the trusting domains.
If you switch to a different domain that already includes users and groups, the authentication will fail for the existing users and groups, and data saved by the existing users will be lost.
- If you have geo-located or security-restricted domain controllers, manually specify the domain controllers closest to this vRealize Log Insight instance.
Load-balanced Active Directory authorization servers are not supported.
- Enter the credentials of a binding user that belongs to the default domain.
vRealize Log Insight uses the default domain and the binding user to verify AD users and groups in the default domain, and in domains that trust the default domain.
- Specify values for the connection type.
This connection is used for Active Directory authentication.
- Click Save.
What to do next
Give permissions to AD users and groups to access the current instance of vRealize Log Insight.