Table 4
‑
1.
Add Identity Source Settings (Continued)
Field
Description
User Principal Name
Name of a user who can authenticate with this identity
source. Use the email address format, for example,
[email protected]. You can verify the User Principal
Name with the Active Directory Service Interfaces Editor
(ADSI Edit).
Password
Password for the user who is used to authenticate with this
identity source, which is the user who is specified in User
Principal Name. Include the domain name, for example,
Active Directory LDAP Server and OpenLDAP Server Identity Source Settings
The Active Directory as an LDAP Server identity source is available for backward compatibility. Use the
Active Directory (Integrated Windows Authentication) option for a setup that requires less input. The
OpenLDAP Server identity source is available for environments that use OpenLDAP.
Table 4
‑
2.
Active Directory as an LDAP Server and OpenLDAP Settings
Field
Description
Name
Name of the identity source.
Base DN for users
(Optional) Base domain name for users.
Domain name
FDQN of the domain, for example, example.com. Do not
provide an IP address in this field.
Domain alias
The domain's NetBIOS name. Add the NetBIOS name of
the Active Directory domain as an alias of the identity
source if you are using SSPI authentications.
Base DN for groups
(Optional) The base domain name for groups.
Primary Server URL
Primary domain controller LDAP server for the domain.
Use the format ldap://hostname:port or
ldaps://hostname:port. The port is typically 389 for ldap:
connections and 636 for ldaps: connections. For Active
Directory multi-domain controller deployments, the port is
typically 3268 for ldap: connections and 3269 for ldaps:
connections.
A certificate that establishes trust for the LDAPS endpoint
of the Active Directory server is required when you use
ldaps:// in the primary or secondary LDAP URL.
Secondary server URL
(Optional) Address of a secondary domain controller
LDAP server that is used for failover.
Username
ID of a user in the domain who has a minimum of read-
only access to Base DN for users and groups.
Password
Password of the user who is specified by Username.
Assign Permissions in the vSphere Web Client
After you create users and groups and define roles, you must assign the users and groups and their roles to
the relevant inventory objects. You can assign the same permissions at one time on multiple objects by
moving the objects to a folder and setting the permissions on the folder.
Prerequisites
Permissions.Modify permission on the parent object of the object whose permissions you want to modify.
Chapter 4 Installing vCenter Server
VMware, Inc.
89
Summary of Contents for VS4-ENT-PL-A - vSphere Enterprise Plus
Page 6: ...vSphere Installation and Setup 6 VMware Inc ...
Page 8: ...vSphere Installation and Setup 8 VMware Inc ...
Page 10: ...vSphere Installation and Setup 10 VMware Inc ...
Page 28: ...vSphere Installation and Setup 28 VMware Inc ...
Page 70: ...vSphere Installation and Setup 70 VMware Inc ...
Page 100: ...vSphere Installation and Setup 100 VMware Inc ...
Page 122: ...vSphere Installation and Setup 122 VMware Inc ...
Page 138: ...vSphere Installation and Setup 138 VMware Inc ...