You can register the Orchestrator server with a vCenter Single Sign-On server by using the advanced mode registration form in the Orchestrator configuration interface. In the advanced mode you manually type the token service URL, the administration service URL, and they are not automatically generated for you.

Before you begin

Install and configure vCenter Single Sign-On and verify that your vCenter Single Sign-On server is running.

Procedure

  1. Log in to the Orchestrator configuration interface as vmware.
  2. Click Authentication.
  3. Select SSO Authentication from the Authentication mode drop-down menu.
  4. Click the Advanced settings link.
  5. In the Token service URL text box, type the URL for the vCenter Single Sign-On token service interface.

    https://your_vcenter_single_sign_on_server:7444/ims/STSService/vsphere.local

    Note:

    If you want to configure Orchestrator to authenticate through the vCenter Single Sign-On in the vCenter Server Appliance, you must set the port to 443.

  6. In the Admin service URL text box, type the URL for the vCenter Single Sign-On administration service interface.

    https://your_vcenter_single_sign_on_server:7444/sso-adminserver/sdk/vsphere.local

    Note:

    If you want to configure Orchestrator to authenticate through the vCenter Single Sign-On in the vCenter Server Appliance, you must set the port to 443.

  7. In the Admin user name and Admin password text boxes, type the credentials of the vCenter Single Sign-On admin.

    The account is temporarily used only for registering or removing Orchestrator as a solution.

  8. Click Register Orchestrator.
  9. Complete the vCenter Single Sign-On configuration.
    1. (Optional) : Filter the list of available groups by typing search criteria in the Groups filter text box and pressing Enter.
    2. Select an Orchestrator administrator domain and group from the drop-down menu.
    3. (Optional) : Modify the value for the time difference between a client clock and a domain controller clock.

      The default clock tolerance value is 300 seconds.

  10. Click Accept Orchestrator Configuration.

Results

You successfully registered Orchestrator with vCenter Single Sign-On.