This post is a part of a series of posts for preparation for the VCAP6-CMA Deploy exam. For the full exam prep resources check here.
The high level configuration steps for this appliance are:
- Connect to the Identity Appliance VAMI
- Configure the Time/NTP settings
- Confirm the Network Settings
- Configure the SSO Administrator Password
- Configure the SSO Hostname
- Configure the SSL Certificate
- Join the Identity Appliance to Active Directory
Step by Step Instructions
Connect to the Identity Appliance VAMI
Using a web browser, navigate to VAMI of the Identity Appliance (https://identity-appliance.fqdn:5480)
Click Advanced and then click Proceed to identity-appliance.fqdn (unsafe).
Enter root into the User name text field and the password for the root account into the Password text field. Click Login.
Configure the Time / NTP Settings
Click the Admin Tab and then the Time Settings Tab.
Select Use Time Server from the Time Sync. Mode dropdown and enter the time server(s) in the text field(s) and click Save Settings.
Confirm the Network Settings
Click the Network Tab to confirm the network settings of the Identity Appliance are correct.
(If the settings are incorrect, click the Address Tab, update the relevant settings, click Save Settings and then reboot the appliance).
Configure the SSO Administrator Password
Click the SSO Tab.
Enter the desired admin password into the Admin Password and Repeat password text fields and click Apply.
Configure the SSO Hostname
Click the Host Settings Tab.
Confirm the name of Identity Manager Host is correct in the SSO Hostname field and click Apply.
Configure the SSL Certificate
Click the SSL Tab
From the Choose Action dropdown, select Import PEM encoded certificate.
Copy the entire contents of the Private key file into the RSA Private Key text field (including
-----BEGIN RSA PRIVATE KEY----- and
-----END RSA PRIVATE KEY-----).
Copy each SSL certificate the Certificate Chain into the Certificate Chain text field (including the
-----BEGIN CERTIFICATE----- and
-----END CERTIFICATE----- lines).
Note: The certificate chain should be Appliance SSL -> (if applicable) Subordinate CA SSL -> Root CA SSL.
Click Apply Settings.
Join the Identity Appliance to Active Directory
Click the Active Directory Tab.
Enter the Domain into the Domain Name text field, the user into the Domain User text field and the password into the Password text field. Click Join AD Domain.
(Note: the user detailed here is only required to add the Identity Appliance to AD so that Integrated Windows Authentication can occur)
Click Logout user root.