When you import user account information that resides on another machine, you must define the criteria used to import the user accounts from the source machine.
Where You Add or Edit Authentication Sources
- To add authentication sources, from the left menu, click Administration, and then click the Authentication Sources tile.
- Click Add.
- To edit authentication sources, click Edit.
Option | Description |
---|---|
Source Display Name | Name that you assign to the authentication source. |
Source Type (Note: The option you select in the Source Type drop-down box determines the options available in this dialog box.) | Indicates the type of directory services access technology used to access the source machine where the database of user accounts resides. There are two types of databases: LDAP and single sign-on. Options include: |
Name | Description |
---|---|
Host | Name or IP address of the host machine where the single sign-on user server resides. |
Port | The single sign-on listening port. By default this is set to 443. |
User Name | Name of the user account that can log in to the single sign-on host machine. |
Password | Password of the user account that can log in to the single sign-on host machine. |
Grant administrator role to vRealize Operations for future configuration? | When you create a single sign-on source, a new vRealize Operations user account is created on the single sign-on server. |
Automatically redirect to vRealize Operations single sign-on URL? | After you have configured a single sign-on source, users are redirected to the vCenter SSO server. |
Import single sign-on user groups after adding the current source? | When you have set up a single sign-on source, you import users and user groups into vRealize Operations so that single sign-on users can access the system with their single sign-on permissions. |
Advanced | If your system uses a load balancer, enter the IP address of the load balancer. |
Test | Tests whether the host machine can be reached with the credentials provided. |
Option | Description |
---|---|
Integration Mode Basic settings | Applies basic settings to integrate the LDAP import source with the instance of vRealize Operations. Use Basic integration mode to have vRealize Operations discover the host machine where the LDAP database resides, and set the base distinguished name (Base DN) used to search for users. You provide the name of the domain and the subdomain, which vRealize Operations uses to populate the Host and Base DN details, and the name and password of the user who can log in to the LDAP host machine. In Basic mode, vRealize Operations attempts to fetch the host and port from the DNS server, and obtains the Global Catalog and domain controllers for the domain, with preference given to SSL/TLS-enabled servers. |
Integration Mode Advanced settings | Applies advanced settings to integrate the LDAP import source with the instance of vRealize Operations. Use Advanced integration mode to manually provide the host name and base distinguished name (Base DN) to have vRealize Operations import users. You provide the name and password of the user who can log in to the LDAP host machine. |
Search Criteria | Displays the search criteria settings. Although vRealize Operations populates part of the search criteria, an administrator must verify that the settings are correct for the properties of the LDAP type. |
Test | Tests whether the host machine can be reached with the credentials provided. Even when the connection test succeeds, users who use the search feature must have read permissions in the LDAP source. This test does not verify the accuracy of the Base DN or Common Name entries. |
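
Because the Test button does not verify the Base DN, a pre-flight check before saving an Advanced-mode LDAP source can catch typos. The following is an added example, not VMware code: the function names are hypothetical, the sample values are constructed, and it assumes the Active Directory convention that the DC components of the Base DN spell out the DNS domain name.

```python
import re

RDN = re.compile(r"[A-Za-z][A-Za-z0-9-]*\s*=\s*\S.*")  # type=value, descriptor types only

def split_dn(dn):
    """Split a DN into RDN strings on unescaped commas (RFC 4514 backslash escapes)."""
    parts, cur, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):   # keep the escaped pair intact
            cur.append(dn[i:i + 2])
            i += 2
            continue
        if dn[i] == ",":
            parts.append("".join(cur).strip())
            cur = []
        else:
            cur.append(dn[i])
        i += 1
    parts.append("".join(cur).strip())
    return parts

def base_dn_for(domain):
    """Base DN implied by a DNS domain name under the AD naming convention (assumption)."""
    return ",".join("DC=" + label for label in domain.strip(".").split("."))

def check_base_dn(base_dn, domain):
    """Return a list of problems; an empty list means the Base DN fits the domain."""
    rdns = split_dn(base_dn)
    bad = [f"malformed RDN: {r!r}" for r in rdns if not RDN.fullmatch(r)]
    if bad:
        return bad
    pairs = [tuple(p.strip().lower() for p in r.split("=", 1)) for r in rdns]
    types = [t for t, _ in pairs]
    dcs = [v for t, v in pairs if t == "dc"]
    expected = domain.strip(".").lower().split(".")
    problems = []
    if dcs != expected:
        problems.append(f"DC components {dcs} do not match domain {expected}")
    if "dc" in types and set(types[types.index("dc"):]) != {"dc"}:
        problems.append("non-DC component after the first DC component")
    return problems

if __name__ == "__main__":
    # Constructed sample values, not taken from any real directory.
    for dn in ("OU=Ops,DC=corp,DC=example,DC=com", "OU=Ops,DC=example,DC=com"):
        print(dn, "->", check_base_dn(dn, "corp.example.com") or "OK")
```

This check is offline only; confirming that the bind account has read permissions still requires a search against the LDAP source itself.
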
Option | Description |
---|---|
Host | Name or IP address of the VMware Identity Manager machine where the single sign-on user server resides. |
Port | The single sign-on listening port. By default this is set to 443. |
Tenant | This is an optional field. |
User name | VMware Identity Manager system-domain tenant administrator user name. |
Password | Password of the VMware Identity Manager system-domain tenant administrator. |
Redirect IP/FQDN | IP address of the vRealize Operations node to which a user is redirected after a successful authentication from VMware Identity Manager. By default, this is the IP address of the vRealize Operations primary node. Note: When the primary replica becomes the primary node on vRealize Operations, the vRealize Operations administrator has to manually edit the IP address and set it to the IP address of the current primary node. |
Test | Tests whether the VMware Identity Manager machine can be reached, with the credentials provided. |