1.1.0
Table Of Contents
- Lifecycle Manager Installation and Configuration Guide
- Contents
- Updated Information
- About This Book
- Understanding LCM
- LCM Installation Process
- Installing and Configuring Orchestrator
- Orchestrator System Requirements
- Install Orchestrator
- Orchestrator Components Setup Guidelines
- Configuring Orchestrator
- Check Configuration Readiness
- Log In to the Orchestrator Configuration Interface
- Change the Default Password
- Configure the Network Connection
- Import the vCenter SSL Certificate
- Configuring LDAP Settings
- Password Encryption and Hashing Mechanism
- Configure the Database Connection
- Server Certificate
- Configure the Default Plug-Ins
- Import the vCenter Server License
- Start the Orchestrator Server
- Export the Orchestrator Configuration
- Import the Orchestrator Configuration
- Configure the Maximum Number of Events and Runs
- Change the Web View SSL Certificate
- Define the Server Log Level
- Maintenance and Recovery
- Controlling Orchestrator Access
- Installing and Configuring LCM
- Installing LCM
- Migrating to LCM 1.1
- Configuring LCM
- Check Configuration Readiness
- Initial Configuration of Lifecycle Manager
- Configure the LCM Web View
- Set Approval Requirements
- Configure Archiving Settings
- Change Authorization Groups
- Change the Naming Convention for Virtual Machines
- Enable Email Notifications
- Configure Email Notification Content
- Configure Currency and Date Formats
- Uninstall LCM and Orchestrator
- Index
Example 6-1. Example Values and Resulting LDAP Connection URL Addresses
n
LDAP host: DomainController
n
Port: 389
n
Root: ou=employees,dc=company,dc=org
Connection URL: ldap://DomainController:389/ou=employees,dc=company,dc=org
n
LDAP host using Global Catalog: 10.23.90.130
n
Port: 3268
n
Root: dc=company,dc=org
Connection URL: ldap://10.23.90.130:3268/dc=company,dc=org
What to do next
Assign credentials to Orchestrator to ensure its access to the LDAP server.
For more details, see “Specify the Browsing Credentials,” on page 31.
Specify the Browsing Credentials
Orchestrator must read your LDAP structure to inherit its properties. You can specify the credentials that
Orchestrator uses to connect to an LDAP server.
Prerequisites
You must have a working LDAP service on your infrastructure and have generated the LDAP connection URL.
Procedure
1 In the LDAP tab of the Orchestrator configuration interface, enter a valid user name (LDAP string) in the
User name text box for a user on your LDAP who has browsing permissions.
The possible formats in which you can specify the user name in Active Directory are as follows:
n
Bare user name format, for example user.
n
Distinguished name format: cn=user,ou=employees,dc=company,dc=org.
Use this format with OpenLDAP, Sun, and eDirectory. No spaces between the comma and the next
identifier.
n
Principle name format: user@company.org.
n
NetBEUI format: COMPANY\user.
2 In the Password text box, enter the valid password for the user name you entered in Step 1.
Orchestrator uses these credentials to connect to the LDAP server.
What to do next
Define the LDAP containers for Orchestrator to look up users and groups.
Define the LDAP Lookup Paths
You can define the users and groups lookup information.
Two global roles are identified in Orchestrator: Developers and Administrators. The users in the Developers
role have editing privileges on all elements. The users in the Administrators role have unrestricted privileges.
Administrators can manage permissions, or discharge administration duties on a selected set of elements to
any other group or user. These two groups must be contained in the Group lookup base.
Chapter 6 Configuring Orchestrator
VMware, Inc. 31