4.2
Table Of Contents
- Installing and Configuring VMware vCenter Orchestrator
- Contents
- Installing and Configuring VMware vCenter Orchestrator
- Updated Information
- Introduction to VMware vCenter Orchestrator
- Orchestrator System Requirements
- Orchestrator Components Setup
- Installing and Upgrading Orchestrator
- Download the vCenter Server Installer
- Install vCenter Server and Orchestrator
- Install Orchestrator Standalone
- Install the Orchestrator Client on a 32-Bit Machine
- Upgrade vCenter Server 4.1 and Orchestrator
- Upgrade Orchestrator 4.1.x Standalone
- Upgrading Orchestrator 4.0.x Running on a 64-Bit Machine
- Upgrading Orchestrator 4.0.x and Migrating the Configuration Data
- Uninstall Orchestrator
- Initial Configuration of the Orchestrator Server
- Start the Orchestrator Configuration Service
- Log In to the Orchestrator Configuration Interface
- Change the Default Password
- Configure the Orchestrator Configuration Interface for Remote Connection
- Configure the Network Connection
- Orchestrator Network Ports
- Import the vCenter Server SSL Certificate
- Configuring LDAP Settings
- Configuring the Orchestrator Database Connection
- Server Certificate
- Configure the Default Plug-Ins
- Import the vCenter Server License
- Start the Orchestrator Server
- Further Configuration Options
- Revert to the Default Password for Orchestrator Configuration
- Change the Default Configuration Ports on the Orchestrator Client Side
- Uninstall a Plug-In
- Activate the Service Watchdog Utility
- Unwanted Server Restarts
- Export the Orchestrator Configuration
- Import the Orchestrator Configuration
- Configure the Maximum Number of Events and Runs
- Import the Plug-In Licenses
- Changing SSL Certificates
- Define the Server Log Level
- Where to Go From Here
- Index
1 Generate the LDAP Connection URL on page 43
The LDAP service provider uses a URL to configure the connection to the directory server. To generate
the LDAP connection URL, you must specify the LDAP host, port, and root.
2 Import the LDAP Server SSL Certificate on page 44
If your LDAP server uses SSL, you can import the SSL certificate file to the Orchestrator configuration
interface and activate secure connection between Orchestrator and LDAP.
3 Specify the Browsing Credentials on page 45
Orchestrator must read your LDAP structure to inherit its properties. You can specify the credentials
that Orchestrator uses to connect to an LDAP server.
4 Define the LDAP User and Group Lookup Paths on page 46
You can define the users and groups lookup information.
5 Define the LDAP Search Options on page 47
You can customize the LDAP search queries and make searching in LDAP more effective.
6 Common Active Directory LDAP Errors on page 47
When you encounter the LDAP:error code 49 error message and experience problems connecting to your
LDAP authentication server, you can check which LDAP function is causing the problem.
Generate the LDAP Connection URL
The LDAP service provider uses a URL to configure the connection to the directory server. To generate the
LDAP connection URL, you must specify the LDAP host, port, and root.
The supported directory service types are Active Directory, eDirectory, and Sun Java System Directory Server.
Procedure
1 Log in to the Orchestrator configuration interface as vmware.
2 Click LDAP.
3 From the LDAP client drop-down menu, select the directory server type that you are using as the LDAP
server.
NOTE If you change the LDAP server or type after you set permissions on Orchestrator objects (such as
access rights on workflows or actions), you must reset these permissions.
If you change the LDAP settings after configuring custom applications that capture and store user
information, the LDAP authentication records created in the database become invalid when used against
the new LDAP database.
4 In the Primary LDAP host text box, type the IP address or the DNS name of the host on which your primary
LDAP service runs.
This is the first host on which the Orchestrator configuration interface verifies user credentials.
5 (Optional) In the Secondary LDAP host text box, type the IP address or the DNS name of the host on
which your secondary LDAP service runs.
If the primary LDAP host becomes unavailable, Orchestrator verifies user credentials on the secondary
host.
6 In the Port text box, type the value for the lookup port of your LDAP server.
NOTE Orchestrator supports the Active Directory hierarchical domains structure. If your domain
controller is configured to use Global Catalog, you must use port 3268. You cannot use the default port
389 to connect to the Global Catalog server.
Chapter 5 Initial Configuration of the Orchestrator Server
VMware, Inc. 43