Orchestrator requires an authentication method to work properly and manage user permissions.
Orchestrator supports two types of authentication.
Orchestrator connects to a working LDAP server.
vCenter Single Sign-On authentication
Orchestrator authenticates through vCenter Single Sign-On.
Depending on the type of installation, Orchestrator is preconfigured to work with either an embedded LDAP server or vCenter Single Sign-On.
When you install Orchestrator standalone, the Orchestrator server is preconfigured to work with an embedded LDAP server.
When you install Orchestrator together with vCenter Server, the Orchestrator server is preconfigured to work with the vCenter Single Sign-On server with which the installed vCenter Server instance is registered.
When you download and deploy the Orchestrator Appliance, the Orchestrator server is preconfigured to work with the OpenLDAP directory service embedded in the appliance.
If you want to use Orchestrator through the vSphere Web Client for managing vSphere inventory objects, you must configure Orchestrator to work with the same vCenter Single Sign-On instance to which both vCenter Server and vSphere Web Client are pointing.