2.5
Table Of Contents
- vCenter Chargeback Manager User’s Guide
- Contents
- About the User's Guide
- Introduction to vCenter Chargeback Manager
- Configuring Administration Settings
- Authenticating and Managing Users, Roles, and Permissions
- Resource Based Authorization in vCenter Chargeback Manager
- Permissions Defined in vCenter Chargeback Manager
- Managing Roles
- Managing Users
- vCenter Chargeback Manager User Authentication
- Managing Chargeback Hierarchies
- Creating a Chargeback Hierarchy
- Managing a Chargeback Hierarchy
- View a Chargeback Hierarchy
- Add a vCenter Chargeback Manager Entity
- Add a vCenter Server Entity
- Rename a Chargeback Hierarchy or a Chargeback Entity
- Delete an Entity from the Hierarchy
- Delete a Chargeback Hierarchy
- Assign Attributes
- Move Entities Within a Hierarchy
- Allocate Computing Resource Units for a Chargeback Entity
- Share Virtual Machine Cost
- Backdate a Chargeback Hierarchy
- View Properties of a vCenter Server Entity
- Managing and Configuring vCenter Chargeback Manager Cost Elements
- Generating Reports
- Monitoring System Health
- Administration Utilities
- Index
What to do next
You can now add the Windows Active Directory users and groups to vCenter Chargeback Manager so that
they can access the application using their Windows Active Directory login credentials. To know more about
adding LDAP users and groups to the application, see “Creating Users,” on page 47.
Edit the LDAP Server Setting
After you have configured an LDAP server in the application, you can modify its details any time, provided
you have the required privileges. For instance, if the LDAP user account password is changed on the LDAP
server, you must also reflect this change in vCenter Chargeback Manager.
If the SSL certificate on the LDAP server is changed, you must modify the LDAP server setting in vCenter
Chargeback Manager to obtain the modified SSL certificate. Else, communication with the LDAP server fails.
To perform this task, you must have the Super User role or the Administrator role. If you have the
Administrator role, you can only edit those LDAP server settings that you have configured.
CAUTION Changes to the LDAP server settings might impact the corresponding LDAP users and groups that
are already added to the application. If you change the BaseDN to the DN of an entity that is lower in the LDAP
hierarchy compared to the currently set DN, then LDAP users that exist above the new DN will not be able to
log in to vCenter Chargeback Manager, and the resources created by them in the application, such as
hierarchies, pricing model, and reports, might get orphaned and become unusable.
If you modify the LDAP server setting to provide details of a Windows Server 2008 Active Directory read-only
domain controller, then you must ensure that all the LDAP users and groups currently added to vCenter
Chargeback Manager are also listed in the read-only domain controller. If not, the users that do not have an
entry on the read-only domain controller cannot access vCenter Chargeback Manager.
Procedure
1 In the Settings tab, click LDAP Servers.
2 Select the required LDAP server from the table displayed on the page.
3 Click Edit.
The Manage LDAP Server screen is displayed.
4 Modify the required LDAP server setting.
Option Description
Server Name
A user-defined name to uniquely identify the LDAP server. You can provide
a full name or a short code to identify the LDAP server.
Server Address
Static IP address of the LDAP server. If the sever does not have a static IP
address, ensure that you provide the fully-qualified domain name (FQDN).
User Name
The LDAP account to authenticate in to the LDAP server. The user name can
be of the formats user_name@domain_name or domain_name\user_name.
Preferably, use the User Principal Name (UPN).
Password
Password for the user name provided.
BaseDN
The distinguished name (DN) of the entity in the LDAP hierarchy from which
groups and users can be added to the application. If not specified, vCenter
Chargeback Manager automatically fetches the root base dn and uses this
value.
Port
Port on which the LDAP service is listening. The default port is 389. If you
select the Enable LDAPS option, ensure that you change this to a secure port,
say 636.
Chapter 2 Configuring Administration Settings
VMware, Inc. 17