VMware Cloud Community
baber
Expert
Expert
‎06-15-2019 09:43 PM
Jump to solution

how can join vcsa 6.7 to active directory after vcsa installation

Dear all

Hi

i have installed my vcsa 6.7 with dns (without active directory) but today i want join it to windows active directory

I did these steps :

Administration/ Configuration / Active Directory domain tab  and finally click on join AD

but in the new windows i can see attach pic where do i had to insert IP address of active directory server ?

BR

Please mark helpful or correct if my answer resolved your issue.
24 Replies
daphnissov
Immortal
Immortal
‎06-16-2019 12:12 PM
Jump to solution

So did you go read the official product documentation? Or try it out yourself as an experiment? Anything to attempt to answer your questions?

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net
0 Kudos
IRIX201110141
Champion
Champion
‎06-16-2019 01:43 PM
Jump to solution

Primary URL  should be  ldap://20.20.20.50:389

If you only have one Windows Domain Controller just leave secondary url empty.  You need a LDAP connect user so i suggest to create a special AD account not not using the Windows AD Administrator.

Regards

Joerg

0 Kudos
baber
Expert
Expert
‎06-16-2019 10:06 PM
Jump to solution

thanks

but could not find any straightforward document about LDAP configuration in vcsa such as :

Name

Base distinguished name for users

Base distinguished name for groups

would you please say what do i had to set these parameters ?

My active directory server ip address is 20.20.20.50

and my domain name is salam.com

BR

Babak

Please mark helpful or correct if my answer resolved your issue.
0 Kudos
HassanAlKak88
Expert
Expert
‎06-16-2019 10:42 PM
Jump to solution

For LDAP, try to follow the below:

pastedImage_1.png


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak
IRIX201110141
Champion
Champion
‎06-16-2019 11:01 PM
Jump to solution

A distinguished name (DN) is something like a Path and represent the way how your directory service looks like and where a given element is located. The DN is used to reduce the number of location and speed up the search when VCSA is try to fetch the User/Group Informations. So when only providing the root DN your entire Windows AD the search take some longer time. Think about a company with 100k user and remote offices around the planet.

Your root DN most likely looks like "dc=salem, dc=com" and the rest depends how you have named the Windows AD OU where you have your AD User and Groups placed into.  The windows GUI can display the distinguished name if you enable "Adv. features" first and than take a look to the properties of the OU (you will get an extra tab than).

Btw. thats not vSphere specifc knowledge... its simple LDAP know how.

Regards

Joerg

0 Kudos