VMware Cloud Community
vmproteau
Enthusiast

How does the initial SSO identity source browse the Active Directory Tree

I understand that the original identity source is automatically configured to use "Authentication type" reuse session. When I add additional identity sources, it seems I need to use a password.

Just trying to determine specifically what account is being used to browse the tree for the original identity source. I think I read somewhere it uses the machine account, but I wanted to verify and perhaps get more detail on that specific process.

JCMorrissey
Expert

Hi,

So not sure if it's the admin account you used on first configuration of SSO

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=204137...

If you are unsure of what the master password is for that account, take a look at the link enclosed in the thread below

Did you see http://communities.vmware.com/message/2205417 

Many tx

Please consider marking as "helpful", if you find this post useful. Thanks!... http://johncmorrissey.wordpress.com/
vmproteau
Enthusiast

Thanks for the links. I suspect it's the machine account that is used to create the initial AD identity source. I just haven't found documentation confirming it.

With respect to creating a 2nd Secure LDAP identity source, does anyone know if the certificate exported from the primary Domain Controller is sufficient to cover the whole Domain (i.e. will the LDAPS identity source still function properly with the secondary Domain Controller while the primary is down)?
