You register the vRealize Orchestrator server with a vCenter Single Sign-On server by using the vSphere authentication mode. Use vCenter Single Sign-On authentication with vCenter 6.0 and later.
Prerequisites
- Download and deploy the latest version of the vRealize Orchestrator Appliance. See Download and Deploy the vRealize Orchestrator Appliance.
- Install and configure a vCenter with vCenter Single Sign-On running. See the vSphere documentation.
If you plan to create a cluster:
- Set up a load balancer to distribute traffic among multiple instances of vRealize Orchestrator. See VMware vRealize Orchestrator 8.x Load Balancing Guide.
Procedure
- Access the Control Center to start the configuration wizard.
- Navigate to https://your_orchestrator_FQDN/vco-controlcenter.
- Log in as root with the password you entered during OVA deployment.
- Configure the authentication provider.
- On the Configure Authentication Provider page, select vSphere from the Authentication mode drop-down menu.
- In the Host address text box, enter the fully qualified domain name or IP address of the Platform Services Controller instance that contains the vCenter Single Sign-On and click Connect.
Note: If you use an external Platform Services Controller or multiple Platform Services Controller instances behind a load balancer, you must manually import the certificates of all Platform Services Controllers that share a vCenter Single Sign-On domain.Note: To integrate a different vSphere Client with your configured vRealize Orchestrator environment, you must configure vSphere to use the same Platform Services Controller registered to vRealize Orchestrator. For High Availability vRealize Orchestrator environments, you must replicate the PCS instances behind the vRealize Orchestrator load balancer server.
- Review the certificate information of the authentication provider and click Accept Certificate.
- Enter the credentials of the local administrator account for the vCenter Single Sign-On domain. Click REGISTER.
By default, this account is [email protected] and the name of the default tenant is vsphere.local.
- In the Admin group text box, enter the name of an administrators group and click SEARCH.
For example, vsphere.local\vcoadmins
- Select the administration group you want to use.
- Click SAVE CHANGES.
A message indicates that your configuration is saved successfully.
Results
You have successfully finished the vRealize Orchestrator server configuration.
What to do next
- Verify that CIS is the configured license provider at the Licensing page.
- Verify that the node is configured properly at the Validate Configuration page.
Note: Following the configuration of the authentication provider, the vRealize Orchestrator server restarts automatically after 2 minutes. Verifying the configuration immediately after authentication can return an invalid configuration status.