2,187
edits
m (minor updates) |
(Added "Active Directory Integration") |
||
Line 65: | Line 65: | ||
{|cellpadding="4" cellspacing="0" border="1" | {|cellpadding="4" cellspacing="0" border="1" | ||
|- style="background-color:#ee4444;" | |- style="background-color:#ee4444;" | ||
! Be aware that there is a bug in the vFoglight interface, every time you edit the form you must re-enter the password information | ! Be aware that there is a bug in the vFoglight interface, every time you edit the ''Configure Directory Services'' form you must re-enter the password information | ||
|- | |- | ||
|} | |} | ||
# Create service account on GMI domain | |||
#* EG for DTCP-VIRFOGV01 create <code> -sVFOGDTCP-VIRFOGV01 </code> using something like | |||
#* <code> dsadd user "cn=-sVFOGDTCP-VIRFOGV01, cn=Users, dc=gmi, dc=dtc, dc=reuint, dc=com" - pwd "password-here" -pwdneverexpires yes -disabled no </code> | |||
# Log into vFoglight (as foglight/foglight), and navigate to '''Dashboards | Users & Security | Configure Directory Services''' | |||
# Configure AD integration using the table below, leave all other fields as is | |||
# Kick start AD integration | |||
#* Log out of the vFoglight interface, then log in as a GMI domain user (ie yourself). The login should partially succeed, and you should receive a error message like | |||
#* ''You logged in as user 123456 and do not have access to the application.'' | |||
#* If not, check the latest ManagementServer log at <code> .\Program Files\vizioncore\vFoglight\logs\ </code> and attempt to resolve. | |||
# Log into vFoglight (as foglight/foglight), and navigate to '''Dashboards | Users & Security | Manage Groups''' | |||
# You should see both local (Built-In and Internal) groups, and External (from the AD domain). | |||
# Give VI Admins login access to vFoglight | |||
#* Highlight the '''VI Administrators''' group, and click on '''Edit Roles''' button. | |||
#* Add all roles to the group and save. | |||
#* Test by logging out of vFoglight and logging back in as a domain user | |||
{|cellpadding="4" cellspacing="0" border="1" | |||
|- style="background-color:#bbddff;" | |||
! Field !! Description !! Example | |||
|- | |||
| Nearest LDAP server || Primary Domain Controller || <code> ldap://dtcp-gmiadsc01.gmi.dtc.reuint.com:389/ </code> | |||
|- | |||
| Secondary LDAP server URL || Secondary Domain Controller || <code> ldap://dtcp-gmiadsc02.gmi.dtc.reuint.com:389/ </code> | |||
|- | |||
| Distinguished name of the service account || vFoglight server's Service Account || <code> CN=-sVFOGDTCP-VIRFOGV01,CN=Users,DC=gmi,DC=dtc,DC=reuint,DC=com </code> | |||
|- | |||
| Password || vFoglight Service Account password || ''Password for -sVFOGDTCP-VIRFOGV01'' | |||
|- | |||
| LDAP query prefix || Query prefix for user a/c finding || <code> CN= </code> | |||
|- | |||
| LDAP query suffix || Query suffix for user a/c finding, note the leading ''',''' || <code> ,DC=gmi,DC=dtc,DC=reuint,DC=com </code> | |||
|- | |||
| The scope(s) to search for groups || Where to look for domain user groups || <code> DC=gmi,DC=dtc,DC=reuint,DC=com </code> | |||
|- | |||
| The LDAP context for user searching || Where to look for domain users || <code> DC=gmi,DC=dtc,DC=reuint,DC=com </code> | |||
|- | |||
|} | |||
= Troubleshooting = | = Troubleshooting = |