Orchestrator requires an authentication method to work properly and manage user permissions.

Orchestrator supports two types of authentication.

LDAP authentication

Orchestrator connects to a working LDAP server.

vCenter Single Sign-On authentication

Orchestrator authenticates through vCenter Single Sign-On.

Depending on the type of installation, Orchestrator is preconfigured to work with either an embedded LDAP server or vCenter Single Sign-On.

  • When you install Orchestrator standalone, the Orchestrator server is preconfigured to work with an embedded LDAP server.

  • When you install Orchestrator together with vCenter Server, the Orchestrator server is preconfigured to work with the vCenter Single Sign-On server with which the installed vCenter Server instance is registered.

  • When you download and deploy the Orchestrator Appliance, the Orchestrator server is preconfigured to work with the OpenLDAP directory service embedded in the appliance.

Important:

If you want to use Orchestrator through the vSphere Web Client for managing vSphere inventory objects, you must configure Orchestrator to work with the same vCenter Single Sign-On instance to which both vCenter Server and vSphere Web Client are pointing.