Part 4: vRA 7.5 Initial Configuration of Default tenant and AD Directory Sync
As vRA installation and initial configuration is completed in previous posts. Will configure local vra admin accounts, integrate vra with ad and configure ad users as admin for vra in this post.
Please find the links for all the posts in this series below.
- Introduction and Design : Installing and Configuring vRealize Automation (vRA) 7.5
- Part 1: Deploying vRealize Automation (vRA) 7.5 Appliance
- Part 2: Installing SQL for vRealize Automation (vRA) 7.5
- Part 3: vRealize Automation (vRA) 7.5 Installation and IIS server Configuration
- Part 4: vRA 7.5 Initial Configuration of Default tenant and AD Directory Sync
- Part 5: vRA 7.5 Sub tenant Creation and Branding
- Part 6: vRA 7.5 Custom Groups, End points and Reservation Configuration
- Part 7: vRA 7.5 Infrastructure and XaaS Blue Prints Creation
- Part 8: vRA 7.5 Approvals, Catalog Management and Testing Blue Prints
- Part 9: vRA 7.5 fixing installation errors and configuration issues
Contents of the Post
Create local vRA admin account
Open https://vra.sslab.com or the vra url, click on vRealize automation console
Login as administrator and password used while configuring vra
Click on tenant – default tenant ( vsphere.local)
Select New to create new admin account.
provide details for the local admin account with password.
Click on the search bar – provide the name created earlier (vra ) and search – Click on the account.
Add this account similarly as tenant admin and Iaas Admin
Review that its been added and click finish.
Now log out to test login with new account.
Active Directory Integration with Sub tenant
Now as we are using the local accounts we need to integrate with active directory.
Note: for integrating with active directory for sub-tenant first the default tenant vsphere.local needs to be integrated.
Login to vra default tenant with vra-admin local account created earlier.
Click on administration – directories – add Active directory over LDAP
Provide the ad details as shown below, select samaccount name
provide the base DN and service account DN with password, test connection
make sure the username is mapped to samaccountname – next
provide the DB for AD Groups if you give root it will fetch all in my case 53 groups. select all to import
review and click sync directory
As my ad is small it took few seconds , if your domain in large with lots of users wait for 5-10 mins for sync to finish.
Adding domain account as vRA admins
Now log back in to vra console using administrator account to add domain accounts as vra and iaas admins like before.
search for vraadmin@sslab.com , domain account and add as tenant and Iaas admin
review that its added and click finish.
Testing AD admin access to vRA
Now login back to vra and select the domain of AD as shown below and next
Notice that now our domain account is a vra admin.
With this Part 4 Default tenant config is completed and AD integration is done. next will move on to creation of sub-tenant (part5)
Note: never configure or use default tenant as those settings or global. always use a subtenant.
Please find the links for all the posts in this series below. Click on the link below for the next post in this series.
- Introduction and Design : Installing and Configuring vRealize Automation (vRA) 7.5
- Part 1: Deploying vRealize Automation (vRA) 7.5 Appliance
- Part 2: Installing SQL for vRealize Automation (vRA) 7.5
- Part 3: vRealize Automation (vRA) 7.5 Installation and IIS server Configuration
- Part 4: vRA 7.5 Initial Configuration of Default tenant and AD Directory Sync
- Part 5: vRA 7.5 Sub tenant Creation and Branding
- Part 6: vRA 7.5 Custom Groups, End points and Reservation Configuration
- Part 7: vRA 7.5 Infrastructure and XaaS Blue Prints Creation
- Part 8: vRA 7.5 Approvals, Catalog Management and Testing Blue Prints
- Part 9: vRA 7.5 fixing installation errors and configuration issues
Hope this post is useful, please leave your comments below.