HOWTO: Configure the VMware Identity Appliance for vRealize Automation 6.x

This post is a part of a series of posts for preparation for the VCAP6-CMA Deploy exam.  For the full exam prep resources check here.

Prerequisites

Configuration Overview

The high level configuration steps for this appliance are:

  1. Connect to the Identity Appliance VAMI
  2. Configure the Time/NTP settings
  3. Confirm the Network Settings
  4. Configure the SSO Administrator Password
  5. Configure the SSO Hostname
  6. Configure the SSL Certificate
  7. Join the Identity Appliance to Active Directory

Step by Step Instructions

Connect to the Identity Appliance VAMI

Using a web browser, navigate to VAMI of the Identity Appliance (https://identity-appliance.fqdn:5480)

Click Advanced and then click Proceed to identity-appliance.fqdn (unsafe).

Enter root into the User name text field and the password for the root account into the Password text field. Click Login.

Configure the Time / NTP Settings

Click the Admin Tab and then the Time Settings Tab.

Select Use Time Server from the Time Sync. Mode dropdown and enter the time server(s) in the text field(s) and click Save Settings.

Confirm the Network Settings

Click the Network Tab to confirm the network settings of the Identity Appliance are correct.

(If the settings are incorrect, click the Address Tab, update the relevant settings, click Save Settings and then reboot the appliance).

Configure the SSO Administrator Password

Click the SSO Tab.

Enter the desired admin password into the Admin Password and Repeat password text fields and click Apply.

Configure the SSO Hostname

Click the Host Settings Tab.

Confirm the name of Identity Manager Host is correct in the SSO Hostname field and click Apply.

Configure the SSL Certificate

Click the SSL Tab

From the Choose Action dropdown, select Import PEM encoded certificate.

Copy the entire contents of the Private key file into the RSA Private Key text field (including -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY-----).

Copy each SSL certificate the Certificate Chain into the Certificate Chain text field (including the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines).

Note: The certificate chain should be Appliance SSL -> (if applicable) Subordinate CA SSL -> Root CA SSL.

Click Apply Settings.

Join the Identity Appliance to Active Directory

Click the Active Directory Tab.

Enter the Domain into the Domain Name text field, the user into the Domain User text field and the password into the Password text field. Click Join AD Domain.

(Note: the user detailed here is only required to add the Identity Appliance to AD so that Integrated Windows Authentication can occur)


Click Logout user root.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.