User's guide

Verify the VMware Application Services Account
Verify that the VMware Application Services Account is a domain user. This account has full administrative
authority for the CSI_Domain database.
IMPORTANT Never use this account as a VCM login or for any other purpose.
Determine the VCM Remote Virtual Directory
You specify the VCM Remote Virtual Directory during VCM installation. You can change the account later
using the IIS Management console.
IMPORTANT When you specify the VCM Remote Virtual Directory, to minimize security risks to your
accounts, always use an account that differs from the account used for your Default Network Authority
Account or your Services Account.
Use Secure Communications Certificates
VCM uses Transport Layer Security (TLS) to secure all HTTP communication with all Windows Agents and
UNIX Agents in HTTP mode. TLS uses certificates to authenticate the Collector and Agents to each other.
During VCM installation, you must specify the Collector and Enterprise certificates. If you use your own
certificates, you must familiarize yourself with the certificate names in advance so that you can select them
during installation.
A valid Collector certificate must be:
- Located in the local machine personal certificate store.
- Valid for Server Authentication. If any Enhanced Key Usage extension or property is present, it must
  include the Server Authentication OID 1.3.6.1.5.5.7.3.1. If the Key Usage extension is present, it
  must include DIGITAL_SIGNATURE.
- Active, and not expired.
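The criteria above can be checked before installation with a read-only PowerShell pass over the local machine personal store. This is an added example, not part of the VMware guide or of VCM. It inspects only the certificate's Enhanced Key Usage extension, not a store-level Enhanced Key Usage property, and the output column names are chosen here for illustration.

```powershell
# Added example: report which certificates in LocalMachine\My meet the
# Collector certificate criteria listed in the guide. Read-only.
$serverAuthOid = '1.3.6.1.5.5.7.3.1'   # Server Authentication OID from the guide
$now = Get-Date
$x509 = 'System.Security.Cryptography.X509Certificates'

Get-ChildItem -Path Cert:\LocalMachine\My | ForEach-Object {
    $cert = $_

    # Enhanced Key Usage: only constrains the certificate when the extension exists.
    # Assumption: a store-level EKU property, if set, is not examined here.
    $ekuExt = $cert.Extensions |
        Where-Object { $_ -is ("$x509.X509EnhancedKeyUsageExtension" -as [type]) }
    $ekuOk = $true
    if ($ekuExt) {
        $oids = @($ekuExt.EnhancedKeyUsages | ForEach-Object { $_.Value })
        $ekuOk = $oids -contains $serverAuthOid
    }

    # Key Usage: when the extension exists it must include DigitalSignature.
    $kuExt = $cert.Extensions |
        Where-Object { $_ -is ("$x509.X509KeyUsageExtension" -as [type]) }
    $kuOk = $true
    if ($kuExt) {
        $flag = [System.Security.Cryptography.X509Certificates.X509KeyUsageFlags]::DigitalSignature
        $kuOk = ($kuExt.KeyUsages -band $flag) -ne 0
    }

    # Active and not expired at the time of the check.
    $active = ($cert.NotBefore -le $now) -and ($cert.NotAfter -gt $now)

    [pscustomobject]@{
        Subject        = $cert.Subject
        Thumbprint     = $cert.Thumbprint
        NotAfter       = $cert.NotAfter
        ServerAuthOk   = $ekuOk
        KeyUsageOk     = $kuOk
        Active         = $active
        MeetsCriteria  = $ekuOk -and $kuOk -and $active
    }
} | Format-Table -AutoSize
```

A certificate that appears here with MeetsCriteria set to False shows which of the three conditions it fails, which helps when a certificate you expected to select is not accepted during installation.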
If you do not want to use your own certificates, you can have Installation Manager generate the Collector
and Enterprise certificates for you. To do so, select the Generate option during the installation.
If you install more than one Collector that will communicate with the same Agent(s), or if you plan to
replace or renew your certificates later, you must follow the special considerations to generate and select
certificates in VCM Installation Manager. See the Transport Layer Security Implementation for VCM white
paper on the Download VMware vCenter Configuration Manager Web site.
Understand Server Authentication
VCM supports Server Authentication, which is a method to authenticate the server to the client. In VCM
environments where TLS is used, VCM Agents verify the identity of the Collectors by using and verifying
certificates over HTTP.
The server typically authenticates a client or user by requiring information such as a user name and
password. When Server Authentication is used, the client or user verifies that the server is valid. To
accomplish this verification, the server provides a certificate issued by a trusted authority, such as Verisign.
If your client Web browser has the Verisign Certified Authority certificate in its trusted store, the Web
browser can trust that the server is actually the Web site you access.
vCenter Configuration Manager Installation and Getting Started Guide
VMware, Inc.