vCOps Custom UI Active Directory Integration

Last week I had a talk about the fact that integrating vCOps Custom UI with Active Directory is not that intuitive a process, so let’s try to simplify it.

Under the Admin tab, go to Security. Click the “Import from LDAP” button located under “User Accounts”.

01. Import from LDAP
Make sure your UI VM is able to resolve your Domain Controller hostname. For me, the easiest way to get my vCOps UI VM to resolve my Domain Controller hostname is to edit the /etc/hosts file. You will need to provide root credentials to do this.

Click the “Add” button and enter your environment parameters. You can fill in every field, but I’m trying to keep it simple here, so I’ve only added the mandatory fields. More details on this can be found in the VMware vCenter Operations Manager Administration Guide. My recommendation is to limit your import boundaries. Don’t use your DC root Base DN, because if you have tons of attributes in your Active Directory the query can take a long time and possibly result in a time-out. In my DC I have a pre-populated OU named “Security Groups” with 3 security groups; each security group contains one user.

02. Security Groups
Following my previous advice, I’m limiting my import boundaries to my OU Base DN “OU=Security Groups,DC=vcomic,DC=local”.
03. Manage LDAP Host
Once you select the “Auto Sync” option and click “Add Group”, you will notice that my 3 security groups are available for selection. I use this option only to verify that my LDAP connection is working. You would think that assigning the security group to a vCOps role would do the trick, but that’s not the case.

04. Add Group
To add users to the right account group, click the “Lookup” button. Notice that each of my security groups contains one user account. To add users to a user group, just select the relevant group from the dropdown menu. If you have more than one user account in a security group, you can select only the accounts you want to add to the user group.

05. Add Users

Verify that the user accounts have been added according to your selection.

06. Users Added
Log in to vCOps Custom UI using user@domain, for example ops-admin@vcomic.local.

07. Login01
08. Login02
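
The two prerequisites from the steps above (the UI VM resolving the Domain Controller, and a Base DN scoped below the domain root) can be checked from a shell before opening the LDAP dialog. This is an added example, not part of the original post or of vCOps; it assumes the OpenLDAP client tools are available, and the DC hostname `dc01.vcomic.local` and bind account are placeholders.

```shell
#!/bin/sh
# Added example. Only the Base DN and domain come from the post; the DC
# hostname, bind account and sample values are assumptions.

# Succeeds when the Base DN has only DC= components (the domain root, or empty),
# i.e. the unscoped import the post warns can time out.
is_domain_root_dn() {
    rest=$(printf '%s' "$1" | sed -E 's/(^|,) *[Dd][Cc]=[^,]+//g')
    [ -z "$rest" ]
}

# Prints the IP a hosts-format file maps to a name; fails if there is no entry.
hosts_ip_for() {    # $1 = hostname, $2 = hosts file (default /etc/hosts)
    awk -v h="$1" '
        { sub(/#.*/, "") }    # ignore comments
        { for (i = 2; i <= NF; i++)
              if (tolower($i) == tolower(h)) { print $1; found = 1; exit } }
        END { exit !found }' "${2:-/etc/hosts}"
}

# Runs the checks in order, then lists the groups the scoped import would see.
preflight() {       # $1 = DC hostname, $2 = Base DN, $3 = bind DN
    if is_domain_root_dn "$2"; then
        echo "Base DN '$2' is the domain root; scope it to an OU" >&2
        return 1
    fi
    if ! getent hosts "$1" >/dev/null; then
        echo "cannot resolve $1; add it to /etc/hosts or fix DNS" >&2
        return 2
    fi
    # -ZZ requires StartTLS so the simple bind password is not sent in clear
    # (assumes the DC presents a certificate this host trusts); -l 10 caps
    # the search at 10 seconds; -W prompts for the bind password.
    ldapsearch -x -ZZ -H "ldap://$1" -D "$3" -W -b "$2" -s sub -l 10 \
        '(objectClass=group)' cn member
}

# Example: sh preflight.sh dc01.vcomic.local \
#   "OU=Security Groups,DC=vcomic,DC=local" "ops-admin@vcomic.local"
if [ "$#" -eq 3 ]; then preflight "$@"; fi
```

If the final query returns the three groups quickly, the same host and Base DN should behave the same way in the “Manage LDAP Host” dialog.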

6 Comments

  1. That was great… I was getting time outs because I was pointing DN to the domain.
    Your comments and screenshot helped a lot.. Thanks

  2. But it only works for Custom UI authentication. But what if I want to authenticate for vcops-vsphere with Active Directory?
