1.1.0
Table Of Contents
- Lifecycle Manager Installation and Configuration Guide
- Contents
- Updated Information
- About This Book
- Understanding LCM
- LCM Installation Process
- Installing and Configuring Orchestrator
- Orchestrator System Requirements
- Install Orchestrator
- Orchestrator Components Setup Guidelines
- Configuring Orchestrator
- Check Configuration Readiness
- Log In to the Orchestrator Configuration Interface
- Change the Default Password
- Configure the Network Connection
- Import the vCenter SSL Certificate
- Configuring LDAP Settings
- Password Encryption and Hashing Mechanism
- Configure the Database Connection
- Server Certificate
- Configure the Default Plug-Ins
- Import the vCenter Server License
- Start the Orchestrator Server
- Export the Orchestrator Configuration
- Import the Orchestrator Configuration
- Configure the Maximum Number of Events and Runs
- Change the Web View SSL Certificate
- Define the Server Log Level
- Maintenance and Recovery
- Controlling Orchestrator Access
- Installing and Configuring LCM
- Installing LCM
- Migrating to LCM 1.1
- Configuring LCM
- Check Configuration Readiness
- Initial Configuration of Lifecycle Manager
- Configure the LCM Web View
- Set Approval Requirements
- Configure Archiving Settings
- Change Authorization Groups
- Change the Naming Convention for Virtual Machines
- Enable Email Notifications
- Configure Email Notification Content
- Configure Currency and Date Formats
- Uninstall LCM and Orchestrator
- Index
Prerequisites
You must have a working LDAP service on your infrastructure.
Procedure
1 Log in to the Orchestrator configuration interface as vmware.
2 Click LDAP.
3 Define the User lookup base.
This is the LDAP container (the top level domain name) where Orchestrator searches for potential users.
a Click Search and enter the top-level domain name.
Searching for company returns dc=company,dc=org and other common names containing the search
term. If you enter dc=company,dc=org as a search term, no results are found.
b Click the LDAP connection string for the discovered branch to insert it in the User lookup base text
box.
If no matches are found, check your LDAP connection string in the main LDAP page.
NOTE You can connect to the Global Catalog Server through port 389. It issues LDAP referrals which
Orchestrator follows to find the account or group in a subdomain.
4 Define the Group lookup base.
This is the LDAP container where Orchestrator looks up groups.
a Click Search and enter the top-level domain name.
b Click the LDAP string for the discovered branch to insert it in the Group lookup base text box.
5 Define the vCO Admin group.
This must be an LDAP group (like Domain Users) to which you grant administrative privileges for
Orchestrator.
a Click Search and enter the top-level domain name.
b Click the LDAP string for the discovered branch to insert it in the vCO Admin group text box.
IMPORTANT In eDirectory installations, only the eDirectory administrator can see users or user groups that
have administration rights. If you are using an eDirectory LDAP server, and you log into Orchestrator as
a member of the vCO Admin group but you are not the eDirectory administrator, you can create users or
user groups with administration rights, but you cannot see those users using their own rights and
permissions. This issue does not apply to other LDAP servers.
6 Click the Test Login tab and enter credentials for a user to test whether they can access the Orchestrator
smart client.
After a successful login, the system checks if the user is in the Orchestrator Administrator group.
What to do next
Define the LDAP search options and apply your changes.
Lifecycle Manager Installation and Configuration Guide
32 VMware, Inc.