<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: LDAP SSL for vRealize Operations in VMware Aria Operations  Discussions</title>
    <link>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2961468#M19339</link>
    <description>&lt;P&gt;Hi,&lt;/P&gt;&lt;P&gt;issue is when auto is used for host, if I chose server from dropdown it is offer me to accept cert. But with manual selection you are connected to only one DC, what happens if this DC does not work? How can it connect to second DC, do I need to add additional source? Why does it needs server cert and not root cert, which has longer life time? What happens when server cert expires?&lt;/P&gt;&lt;P&gt;Regards, Rok&lt;/P&gt;</description>
    <pubDate>Wed, 29 Mar 2023 06:41:05 GMT</pubDate>
    <dc:creator>Rok_P</dc:creator>
    <dc:date>2023-03-29T06:41:05Z</dc:date>
    <item>
      <title>LDAP SSL for vRealize Operations</title>
      <link>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2961337#M19336</link>
      <description>&lt;P&gt;Hi,&lt;/P&gt;&lt;P&gt;I would like to configure secure LDAP connection, but when SSL is checked, I get:&lt;BR /&gt;Test unsuccessful for ldap: dc01.&amp;lt;domain&amp;gt; Reason: Certificate is missing or invalid. Importing CA certificate may resolve the issue.&lt;BR /&gt;Test unsuccessful for ldap: dc02.&amp;lt;domain&amp;gt; Reason: Certificate is missing or invalid. Importing CA certificate may resolve the issue.&lt;BR /&gt;Test unsuccessful for ldap: dc03.&amp;lt;domain&amp;gt; Host Unreachable. Reason: SocketTimeoutException: connect timed out&lt;/P&gt;&lt;P&gt;LDAP without SSL is working.&lt;/P&gt;&lt;P&gt;In manual is said: You do not need to install the SSL/TLS certificate. Instead, vRealize Operations prompts you to view and verify the thumbprint, and accept the LDAP server certificate - but this never happens&lt;BR /&gt;&lt;A href="https://docs.vmware.com/en/vRealize-Operations/8.6/com.vmware.vcom.config.doc/GUID-B978F4AB-91D8-4993-8B8E-E5426687C2C7.html" target="_blank"&gt;https://docs.vmware.com/en/vRealize-Operations/8.6/com.vmware.vcom.config.doc/GUID-B978F4AB-91D8-4993-8B8E-E5426687C2C7.html&lt;/A&gt;&lt;/P&gt;&lt;P&gt;I have configured HTTPS and hoped when root certificate from signed CA will be in keystore it will help, but issue is still persistent. I have not found any way I could import CA certificate using GUI or in SSH session. Can you please advice how to forwards.&lt;/P&gt;&lt;P&gt;Regards&lt;/P&gt;</description>
      <pubDate>Tue, 28 Mar 2023 12:55:46 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2961337#M19336</guid>
      <dc:creator>Rok_P</dc:creator>
      <dc:date>2023-03-28T12:55:46Z</dc:date>
    </item>
    <item>
      <title>Re: LDAP SSL for vRealize Operations</title>
      <link>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2961339#M19337</link>
      <description>&lt;P&gt;&lt;a href="https://communities.vmware.com/t5/user/viewprofilepage/user-id/5616266"&gt;@Rok_P&lt;/a&gt;,&lt;/P&gt;&lt;P&gt;I believe this issue is related to the Domain Controllers not having the proper LDAPs configuration set and the dc03 is actually failing to connect. You need to check that your certificate includes the domain controllers in it.&lt;/P&gt;</description>
      <pubDate>Tue, 28 Mar 2023 13:00:04 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2961339#M19337</guid>
      <dc:creator>Lalegre</dc:creator>
      <dc:date>2023-03-28T13:00:04Z</dc:date>
    </item>
    <item>
      <title>Re: LDAP SSL for vRealize Operations</title>
      <link>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2961386#M19338</link>
      <description>&lt;P&gt;Hello,&lt;BR /&gt;&lt;BR /&gt;Please follow the below articles, I hope this will help. Thanks.&lt;BR /&gt;&lt;BR /&gt;&lt;A href="https://thesleepyadmins.com/2021/02/14/install-and-configure-vrealize-operations-manager-8-2-part-3-ad-authentication/" target="_blank" rel="noopener"&gt;https://thesleepyadmins.com/2021/02/14/install-and-configure-vrealize-operations-manager-8-2-part-3-ad-authentication/&lt;/A&gt;&lt;BR /&gt;&lt;BR /&gt;&lt;BR /&gt;&lt;A href="https://docs.vmware.com/en/vRealize-Operations/8.6/com.vmware.vcom.core.doc/GUID-5B5BC860-128C-4A87-9BEA-2711FB68412C.html#:~:text=Enter%20the%20vRealize%20Operations%20Manager%20local%20administrator%20password%20and%20click,button%20to%20activate%20the%20setting" target="_blank" rel="noopener"&gt;https://docs.vmware.com/en/vRealize-Operations/8.6/com.vmware.vcom.core.doc/GUID-5B5BC860-128C-4A87-9BEA-2711FB68412C.html#:~:text=Enter%20the%20vRealize%20Operations%20Manager%20local%20administrator%20password%20and%20click,button%20to%20activate%20the%20setting&lt;/A&gt;.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;&lt;SPAN class=""&gt;Regards,&lt;BR /&gt;Jayendra&amp;nbsp;&lt;BR /&gt;&lt;BR /&gt;Note:&amp;nbsp;I have recently started my blogs please review and give your feedback so that I can improve&lt;BR /&gt;Link:&amp;nbsp; &lt;A class="" title="https://www.vrealizeworld.net/" href="https://www.vrealizeworld.net/" target="_blank" rel="noreferrer noopener"&gt;https://www.vrealizeworld.net/&lt;/A&gt;&lt;/SPAN&gt;&lt;/SPAN&gt;&lt;/P&gt;</description>
      <pubDate>Tue, 28 Mar 2023 16:25:25 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2961386#M19338</guid>
      <dc:creator>ramajay12345</dc:creator>
      <dc:date>2023-03-28T16:25:25Z</dc:date>
    </item>
    <item>
      <title>Re: LDAP SSL for vRealize Operations</title>
      <link>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2961468#M19339</link>
      <description>&lt;P&gt;Hi,&lt;/P&gt;&lt;P&gt;issue is when auto is used for host, if I chose server from dropdown it is offer me to accept cert. But with manual selection you are connected to only one DC, what happens if this DC does not work? How can it connect to second DC, do I need to add additional source? Why does it needs server cert and not root cert, which has longer life time? What happens when server cert expires?&lt;/P&gt;&lt;P&gt;Regards, Rok&lt;/P&gt;</description>
      <pubDate>Wed, 29 Mar 2023 06:41:05 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2961468#M19339</guid>
      <dc:creator>Rok_P</dc:creator>
      <dc:date>2023-03-29T06:41:05Z</dc:date>
    </item>
    <item>
      <title>Re: LDAP SSL for vRealize Operations</title>
      <link>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2961608#M19340</link>
      <description>&lt;P&gt;&lt;a href="https://communities.vmware.com/t5/user/viewprofilepage/user-id/5616266"&gt;@Rok_P&lt;/a&gt;,&lt;/P&gt;&lt;P&gt;This manual selection works with all the DCs?&lt;/P&gt;</description>
      <pubDate>Wed, 29 Mar 2023 18:14:55 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2961608#M19340</guid>
      <dc:creator>Lalegre</dc:creator>
      <dc:date>2023-03-29T18:14:55Z</dc:date>
    </item>
    <item>
      <title>Re: LDAP SSL for vRealize Operations</title>
      <link>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2961685#M19341</link>
      <description>&lt;P&gt;Hi,&lt;/P&gt;&lt;P&gt;It does not work for dc3 - will need to review, but whole concept is strange, based on the last post I wrote.&lt;/P&gt;&lt;P&gt;Regards&lt;/P&gt;</description>
      <pubDate>Thu, 30 Mar 2023 06:25:10 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2961685#M19341</guid>
      <dc:creator>Rok_P</dc:creator>
      <dc:date>2023-03-30T06:25:10Z</dc:date>
    </item>
    <item>
      <title>Re: LDAP SSL for vRealize Operations</title>
      <link>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2961993#M19349</link>
      <description>&lt;P&gt;&lt;a href="https://communities.vmware.com/t5/user/viewprofilepage/user-id/5616266"&gt;@Rok_P&lt;/a&gt;,&lt;/P&gt;&lt;P&gt;As mentioned before by&amp;nbsp;&lt;a href="https://communities.vmware.com/t5/user/viewprofilepage/user-id/3690803"&gt;@ramajay12345&lt;/a&gt;, follow the steps here:&amp;nbsp;&lt;A href="https://docs.vmware.com/en/vRealize-Operations/8.6/com.vmware.vcom.core.doc/GUID-5B5BC860-128C-4A87-9BEA-2711FB68412C.html#:~:text=Enter%20the%20vRealize%20Operations%20Manager%20local%20administrator%20password%20and%20click,button%20to%20activate%20the%20setting" target="_blank"&gt;https://docs.vmware.com/en/vRealize-Operations/8.6/com.vmware.vcom.core.doc/GUID-5B5BC860-128C-4A87-9BEA-2711FB68412C.html#:~:text=Enter%20the%20vRealize%20Operations%20Manager%20local%20administrator%20password%20and%20click,button%20to%20activate%20the%20setting&lt;/A&gt;&lt;/P&gt;&lt;P&gt;If you check on Step 10, it mentions importing the SSL Certificate, and that the PEM certificate can be modified to have not only the ROOT but each of the DCs. Essentially if you are load-balancing LDAPs authentication it should work automatically.&lt;/P&gt;</description>
      <pubDate>Fri, 31 Mar 2023 14:54:17 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2961993#M19349</guid>
      <dc:creator>Lalegre</dc:creator>
      <dc:date>2023-03-31T14:54:17Z</dc:date>
    </item>
    <item>
      <title>Re: LDAP SSL for vRealize Operations</title>
      <link>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2962034#M19351</link>
      <description>&lt;P&gt;Do you have the .pem CA chain certs that vrops and the dc use imported into certificates?&amp;nbsp; That way it will auto-accept certs when the dc changes or any other adapters that use the same chain.&lt;/P&gt;&lt;P&gt;E.g. vROps has cluster cert of &lt;A href="https://vrops.local.net" target="_blank"&gt;https://vrops.local.net&lt;/A&gt;&lt;/P&gt;&lt;P&gt;local.net CA chain:&lt;/P&gt;&lt;P&gt;root ca&lt;/P&gt;&lt;P&gt;intermediate ca&lt;/P&gt;&lt;P&gt;issuing ca&lt;/P&gt;&lt;P&gt;Import root, intermediate and issuing CA .pem certs.&lt;/P&gt;&lt;P&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="FredGSanford_0-1680284591822.png" style="width: 400px;"&gt;&lt;img src="https://communities.vmware.com/t5/image/serverpage/image-id/100827i42C1F3A61A30EC5D/image-size/medium/is-moderation-mode/true?v=v2&amp;amp;px=400" role="button" title="FredGSanford_0-1680284591822.png" alt="FredGSanford_0-1680284591822.png" /&gt;&lt;/span&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Fri, 31 Mar 2023 17:47:25 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2962034#M19351</guid>
      <dc:creator>FredGSanford</dc:creator>
      <dc:date>2023-03-31T17:47:25Z</dc:date>
    </item>
    <item>
      <title>Re: LDAP SSL for vRealize Operations</title>
      <link>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2962175#M19352</link>
      <description>&lt;P&gt;Hi.&lt;BR /&gt;&lt;BR /&gt;- Apologies for the delay in response.&lt;/P&gt;&lt;P&gt;- Based on my experience we can add a DC and if the DC is not working then we need to manually update the new DC details, accept the thumbprint and save.&lt;/P&gt;&lt;P&gt;- Suggestion: - I would suggest enable VIDM authentication.&lt;/P&gt;</description>
      <pubDate>Mon, 03 Apr 2023 04:57:26 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2962175#M19352</guid>
      <dc:creator>ramajay12345</dc:creator>
      <dc:date>2023-04-03T04:57:26Z</dc:date>
    </item>
    <item>
      <title>Re: LDAP SSL for vRealize Operations</title>
      <link>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2962176#M19353</link>
      <description>&lt;P&gt;Hi,&lt;/P&gt;&lt;P&gt;&lt;BR /&gt;Blog: &lt;A href="https://thesleepyadmins.com/2021/02/14/install-and-configure-vrealize-operations-manager-8-2-part-3-ad-authentication/" target="_blank"&gt;https://thesleepyadmins.com/2021/02/14/install-and-configure-vrealize-operations-manager-8-2-part-3-ad-authentication/&lt;/A&gt;&lt;/P&gt;&lt;P&gt;Once you accept the thumbprint automatically the Certificate will appear in /Administration/Certificates section.&lt;/P&gt;&lt;P&gt;We don't need to import the certificate manually.&lt;/P&gt;</description>
      <pubDate>Mon, 03 Apr 2023 04:55:24 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-Aria-Operations/LDAP-SSL-for-vRealize-Operations/m-p/2962176#M19353</guid>
      <dc:creator>ramajay12345</dc:creator>
      <dc:date>2023-04-03T04:55:24Z</dc:date>
    </item>
  </channel>
</rss>

