1.2.0
Table Of Contents
- Lifecycle Manager Installation and Configuration Guide
- Contents
- About This Book
- Introducing LCM
- Installing and Configuring Orchestrator
- Orchestrator Components Setup Guidelines
- Install Orchestrator
- Configuring Orchestrator
- Check Configuration Readiness
- Log In to the Orchestrator Configuration Interface
- Change the Default Password
- Revert to the Default Password for Orchestrator Configuration
- Configure the Network Connection
- Change the Default Configuration Ports on the Orchestrator Client Side
- Import the vCenter SSL Certificate
- Configuring LDAP Settings
- Password Encryption and Hashing Mechanism
- Configure the Database Connection
- Server Certificate
- Configure the Default Plug-Ins
- Import the vCenter Server License
- Start the Orchestrator Server
- Export the Orchestrator Configuration
- Import the Orchestrator Configuration
- Configure the Maximum Number of Events and Runs
- Change the Web View SSL Certificate
- Define the Server Log Level
- Maintenance and Recovery
- Controlling Orchestrator Access
- Installing and Configuring LCM
- Installing LCM
- Configuring LCM
- Check Configuration Readiness
- Initial Configuration of Lifecycle Manager
- Configure the LCM Web View
- Set Approval Requirements
- Configure Archiving Settings
- Change Authorization Groups
- Change the Naming Convention for Virtual Machines
- Enable Email Notifications
- Configure Email Notification Content
- Configure Currency and Date Formats
- Upgrading Orchestrator and LCM
- Uninstall LCM and Orchestrator
- Index
9 (Optional) Select the Use SSL check box to activate encrypted certification for the connection between
Orchestrator and LDAP.
If your LDAP uses SSL, you must first import the SSL certificate and restart the Orchestrator Configuration
service. See “Import the LDAP Server SSL Certificate,” on page 35.
10 (Optional) Select the Use Global Catalog check box to allow LDAP referrals when the LDAP client is
Active Directory.
The LDAP server look up port number changes to 3268. Orchestrator follows the LDAP referrals to find
users and groups in a subdomain that is part of the Active Directory tree to which Orchestrator is
connected. You can add permissions on any groups that can be accessed from your Global Catalog.
Example 6-1. Example Values and Resulting LDAP Connection URL Addresses
n
LDAP host: DomainController
n
Port: 389
n
Root: ou=employees,dc=company,dc=org
Connection URL: ldap://DomainController:389/ou=employees,dc=company,dc=org
n
LDAP host using Global Catalog: 10.23.90.130
n
Port: 3268
n
Root: dc=company,dc=org
Connection URL: ldap://10.23.90.130:3268/dc=company,dc=org
What to do next
Assign credentials to Orchestrator to ensure its access to the LDAP server. See “Specify the Browsing
Credentials,” on page 36.
Import the LDAP Server SSL Certificate
If your LDAP server uses SSL, you can import the SSL certificate file to the Orchestrator configuration interface
and activate secure connection between Orchestrator and LDAP.
SSL capabilities are not installed as part of Microsoft Active Directory and Sun Java Directory Server, and
require more configuration. For instructions about configuring your LDAP server for SSL access, see third-
party documentation.
Prerequisites
n
Verify that SSL access is enabled on the LDAP server.
n
Obtain a self-signed server certificate or a certificate that is signed by a Certificate Authority.
Procedure
1 Log in to the Orchestrator configuration interface as vmware.
2 Click Network.
3 In the right pane, click the SSL Certificate tab.
4 Browse to select a certificate file to import.
5 Click Import.
A message confirming that the import is successful appears.
Chapter 6 Configuring Orchestrator
VMware, Inc. 35