VMware Cloud Community
ferexderta
Enthusiast
Enthusiast

vcenter ldaps

I use vcenter 6.7 U3. Our windows admin has posted an announcement. LDAPS will become mandatory with new updates on Windows servers. Therefore, all systems must be transitioned to LDAPS. I have no idea how to configure it and how can I do it. Can you tell the advantages and disadvantages? how did you do it when you switched to ldpas structure. I added the picture of the current vcenter configuration

 

Reply
0 Kudos
6 Replies
sjesse
Leadership
Leadership

Once its configured you really shouldn't see any difference, watch the video here for help. Basically you need to get AD certificate thats being used from ldaps, and then just configure the indentiy source.

 

 

https://kb.vmware.com/s/article/2041378

Reply
0 Kudos
ferexderta
Enthusiast
Enthusiast

The domain controller update is not done at this time. Do I do before the update or later. Is it important?

thanks 

Reply
0 Kudos
sjesse
Leadership
Leadership

All thats important is the ports are open and you have the certificate. If you don't provide the certificate it won't let you configure ldaps, you'll get an error

Reply
0 Kudos
jburen
Expert
Expert

I wrote a blog post about that: https://configmgr.nl/index.php/2020/10/12/using-ldaps-with-vcenter-and-ad/

You only have to create the certificate for your Domain Controller(s) if they don't have one already.

But you could continue using IWA. That still works and IWA doesn't use LDAP.

 

Consider giving Kudos if you think my response helped you in any way.
Reply
0 Kudos
sjesse
Leadership
Leadership

I'm  not sure I'd enable IWA if your looking at this now, IWA is deprecated in future versions, so I'd configure it correctly now if you can.

 

https://kb.vmware.com/s/article/78506

Reply
0 Kudos
jburen
Expert
Expert

I would not start using IWA either, but at the moment the OP is already using it...

Consider giving Kudos if you think my response helped you in any way.
Reply
0 Kudos