Table 9-2. Supported Combinations of Operating System, LDAP Server, and Authentication Method (Continued)

Operating System       LDAP Server        Authentication Method
Windows 7 (2008 R2)    Active Directory   Kerberos SSL
Linux                  OpenLDAP           Simple
Linux                  OpenLDAP           Simple SSL

Configure an LDAP Connection
You can configure an LDAP connection to provide Cloud Director and its organizations with access to users
and groups on the LDAP server.
Prerequisites
To use Kerberos as your authentication method, you must add a realm. See “Add a Kerberos Realm,”
on page 87.
Procedure
1 Click the Administration tab and click LDAP in the left pane.
2 Type the host name or IP address of the LDAP server.
  For Kerberos authentication, use the fully qualified domain name (FQDN).
3 Type a port number.
  For LDAP, the default port number is 389. For LDAP over SSL (LDAPS), the default port number is 636.
4 Type the base distinguished name (DN).
  The base DN is the location in the LDAP directory where Cloud Director connects. VMware recommends
  connecting at the root. Type the domain components only, for example, DC=example, DC=com.
  To connect to a node in the tree, type the distinguished name for that node, for example,
  OU=ServiceDirector, DC=example, DC=com. Connecting to a node limits the scope of the directory
  available to Cloud Director.
5 Select the SSL check box to use LDAPS and choose one of the certificate options.

  Option                    Action
  Accept all certificates   Select the check box.
  SSL Certificate           Click Browse to locate the SSL certificate.
  SSL Keystore              Click Browse to locate the SSL keystore. Type and confirm the keystore
                            password.

6 Select an authentication method.

  Option     Description
  Simple     Simple authentication consists of sending the LDAP server the user's DN and password.
             If you are using LDAP rather than LDAPS, the LDAP password is sent over the network
             in clear text.
  Kerberos   Kerberos issues authentication tickets to prove a user's identity. If you select
             Kerberos, you must select a realm.
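
The settings from steps 2 through 6 can be reviewed before they are typed into the LDAP page. The
following Python check is an added example, not part of the VMware guide or of Cloud Director; the
dictionary keys, function names and sample values are assumptions made for illustration.

```python
import ipaddress

DEFAULT_PORT = {False: 389, True: 636}  # LDAP and LDAPS defaults from step 3

def parse_dn(dn):
    """Split 'OU=x, DC=example, DC=com' into (type, value) pairs (no escaped commas)."""
    pairs = []
    for rdn in dn.split(","):
        key, sep, value = (part.strip() for part in rdn.partition("="))
        if not (key and sep and value):
            raise ValueError(f"malformed RDN: {rdn!r}")
        pairs.append((key.upper(), value))
    return pairs

def is_fqdn(host):
    """True for a dotted host name, False for an IP address or a short name."""
    try:
        ipaddress.ip_address(host)
        return False
    except ValueError:
        return "." in host.strip(".")

def review(cfg):
    """Return findings for one set of LDAP connection settings (steps 2 to 6)."""
    findings = []
    ssl, auth = cfg["ssl"], cfg["auth"]
    if cfg["port"] != DEFAULT_PORT[ssl]:
        findings.append(f"port {cfg['port']} is not the default {DEFAULT_PORT[ssl]}")
    if any(kind != "DC" for kind, _ in parse_dn(cfg["base_dn"])):
        findings.append("base DN is a node: directory scope is limited")
    if auth == "simple" and not ssl:
        findings.append("simple authentication without SSL: password sent in clear text")
    if auth == "kerberos" and not is_fqdn(cfg["host"]):
        findings.append("Kerberos needs the FQDN of the LDAP server")
    if auth == "kerberos" and not cfg.get("realm"):
        findings.append("Kerberos selected without a realm")
    if ssl and cfg.get("cert_option") == "accept_all":
        findings.append("accept all certificates: server certificate is not validated")
    return findings

# Constructed sample settings, not taken from a real deployment.
WEAK = {"host": "192.0.2.10", "port": 389, "base_dn": "OU=ServiceDirector, DC=example, DC=com",
        "ssl": False, "auth": "simple"}
STRICT = {"host": "ldap01.example.com", "port": 636, "base_dn": "DC=example, DC=com",
          "ssl": True, "auth": "kerberos", "realm": "EXAMPLE.COM", "cert_option": "certificate"}

if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("STRICT", STRICT)):
        print(name, review(cfg) or "no findings")
```

A non-default port and a node base DN are reported for review only; both are valid settings in the
procedure above.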
Cloud Director Administrator's Guide
86 VMware, Inc.