Hi there,
After I successfully attached the vCenter 5.5 (VCLA) to our LDAP, I need help regarding the permission and group configuration.
One problem is that all users that are in the base DN container can successfully connect to the vCenter.
But we need that only users that are in a special LDAP user group (vCenter-Admins) can connect to the vCenter.
Q1: Where can I configure that?
Another problem is that I cannot browse the users in Single Sign On / Users and Groups / Domain (LDAP)
-->Error: Invalid principal:
Q2: Where can I configure the principal? It must be the special LDAP user group (vCenter-Admins)
Thanks a lot!
How did you connect the vCenter to an LDAP group? Did you use the MS AD version of LDAP or Linux?
Hi,
We are using Novell eDirectory and we configured OpenLDAP in vSphere 5.5.
Greetings
*T
So you need some flavor of Windows; you can't integrate vCenter 5.5 with, like, open source LDAP, can you?
Shafay2000,
"So you need some flavor of Windows; you can't integrate vCenter 5.5 with, like, open source LDAP, can you?"
Yes. The instructions say you can.
When you add a source, it's the default "source type".
tbbochum
I got the same thing. I'm going to look at setting up LDAP as it's a SLES box at its heart. Is this something you've tried?
Phiney
OK, I've learnt something important.
All users in your LDAP search container(s) need a uniqueID, even serveradmin and OESCommonProxy_server users.
I think each affected user comes up on the web console or just tailf /storage/log/vsphere-client/logs/vsphere_client_virgo.log.
I also have it "seeing" the eDirectory users by turning on SLES LDAP settings (yast ldap). So I'm going to check if I can get one of them to work. The normal OpenLDAP identity source should be the one of choice though.
phiney.
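One way to find the entries the post above describes before adding the identity source, as an added example that is not part of the thread: export the search container to LDIF and list the user entries that have no uniqueID. The sample LDIF is constructed, the function names are hypothetical, and it assumes user entries carry the objectClass inetOrgPerson; the attribute name uniqueID is taken from the post.

```python
import base64

# Constructed sample LDIF export of the search container (not from the thread).
SAMPLE_LDIF = """\
dn: cn=jdoe,ou=users,o=example
objectClass: inetOrgPerson
uniqueID:: amRvZQ==

dn: cn=serveradmin,ou=users,o=example
objectClass: inetOrgPerson

dn: cn=OESCommonProxy_server,ou=users,
 o=example
objectClass: inetOrgPerson

dn: ou=users,o=example
objectClass: organizationalUnit
"""


def parse_ldif(text):
    """Return the entries as a list of {lowercased attribute: [values]} dicts."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:  # folded continuation line
            lines[-1] += raw[1:]
        elif not raw.startswith("#"):  # skip LDIF comments
            lines.append(raw)
    entries, current = [], {}
    for line in lines + [""]:  # the trailing "" flushes the last entry
        if not line.strip():
            if current:
                entries.append(current)
            current = {}
            continue
        attr, _, value = line.partition(":")
        if value.startswith(":"):  # "attr:: <base64 value>"
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        current.setdefault(attr.strip().lower(), []).append(value.strip())
    return entries


def users_missing_attr(text, attr="uniqueID", user_class="inetOrgPerson"):
    """DNs of user entries (assumed class: inetOrgPerson) with no value for attr."""
    missing = []
    for entry in parse_ldif(text):
        classes = {c.lower() for c in entry.get("objectclass", [])}
        if user_class.lower() in classes and not any(entry.get(attr.lower(), [])):
            missing.append(entry["dn"][0])
    return missing
```

Calling `users_missing_attr()` on a real export returns the DNs to fix or to move out of the search container; pass a different `user_class` if the directory uses another object class for accounts.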
FYI,
Using the OpenLDAP configuration of the user source and ldaps:// works.
p
