Deploy a proxy agent and worker in a different dom...

rchaubey · ‎07-30-2018

Hello expert ,

I have two domains one is my "A" and the other one my "B". In my "A" domain i have install the vra with two appliances two IAAS components servers. In my A environment every works perfect. Now I want to deploy a proxy agent and a worker in my "B" environment and connect it to my vra 7.3, is this possible without a trust of the domains? Does someone have a best practice guide for this or is it unsupported?

We i am trying to install getting below error message .

daphnissov · ‎07-30-2018

You can do this, but you must have a trust established. If you don't trust the other domain and vice versa, you can't login.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net

rchaubey · ‎07-30-2018

Thank you for your update .....

I am Looking for multi tenant . I have same domain for VRA and IWS and IMS ( manage from ) and different domain for proxy agent agent and Dem worker (manage to). Manage to Domain manage by user and does not have trust other domain and vice versa.

do we have any option to resolve or shall i ask user to have trust between manage from and manage to domain and vice versa...

Please assist me on this request

Regards,

Randhir

GayathriS · ‎07-30-2018

Hi

Its one of the pre-requisites to have the agent on one of the domain trusted by the domain where we have our IAAS components installed.

This is been available in VRA 7.4 documentation if you are on VRA 7.4

Prerequisites

Verify that the machine where you install the agent is on a domain trusted by the domain where the IaaS components are installed.

rchaubey · ‎07-30-2018

thank you Gayathri,

I have vra 7.3 and on boarding multi tenant .

Regards,

Randhir

daphnissov · ‎07-30-2018

It has been a requirement forever, not just since 7.4. You need to have 2-way trust in order for that to be installed, otherwise there's no way for the components to be authenticated against the IaaS Manager/Web.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net

rchaubey · ‎07-30-2018

Thank you so much for helping me ......

User ask me if do we have any KB or document for the same . Still I am searching it if i can get it .

Regards,

Randhir

daphnissov · ‎07-30-2018

From the 7.4 installation guide (yes, I know you're not on 7.4, but it's the same requirement):

Install the IaaS Components in a Distributed Configuration
The system administrator installs the IaaS components after the appliances are deployed and fully
configured. The IaaS components provide access to vRealize Automation Infrastructure features.
All components must run under the same service account user, which must be a domain account that has
privileges on each distributed IaaS server. Do not use local system accounts.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net

rchaubey · ‎07-30-2018

I have one question here .

I am going to on board 5 different tenant and they have their own active directory. so My Manage from (vra Infra) Domain have to trust between manage to domain and vice versa for all 5 Doamin .

Please assist me if I am correct or not

daphnissov · ‎07-30-2018

At the very least you need to have a trust from the domain where you vRA café/IaaS are installed over to the service account running the DEM-W and vSphere Agent portions. So if your IaaS stack is running in DOMA and you have tenant s in DOMB, DOMC, and DOMD, then DOMA must trust DOMB, C, and D.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net

rchaubey · ‎07-30-2018

thank you for your all help.

i will check with Ad team tomorrow and update you

All

Deploy a proxy agent and worker in a different domain

Prerequisites