Joining a Platform Service Controller to the AD Domain (vCSA 6.0)

Pls check my previous blog on PSC , F5 PSC LB and vCSA installation and configuration.In this blog we can see the PSC AD configuration.

In vCSA 6.0 the way we connect the AD is changed when compare to the older version. To join the AD in 6.0 VMware  included the Infrastructure node configuration which is part of the Platform Service controller.

When we have more that one PSC in the Load Balacer configuration then we have to configure the AD in all the PSC so that if active PSC is down still we can login to the other PSC.

Before configuring the AD make sure the Time Synchronization and naming  is correct between the PSC and AD.

Login to the Web-Client with SSO Username and Password.

Navigate to Administration – Deployment – System Configuration.

l2ed 9itled

Select the Platform Service Controller and go to Manage –
Active Directory.

Click join

e45d9d

 

0ed

Once the authentication is provided then make sure to reboot the PSC and when booted we can see the AD configuration.

01ed

Make the same changes to the other PSC node also and in case if we are having issue on adding AD to the PSC and getting the below error then we need to activate the agent directly by login in to the PSC.

56ed

-ed

Login to the PSC SSH : /opt/likewise/bin/domainjoin-cli join domain username

Provide the AD password to join the domain.

Once it shows SUCCESS then reboot the PSC node.

Note it wont show the domain in GUI AD option like other PSC but still it is authenticated with the AD domain.

Another way to add the Domain is to by login to the Https://FQDNPSC/PSC

Provide the administrator@domain.local \ password

Go to the Appliance Settings.

Click Manage

Add Active Directory.

ssgo1

After the AD configuration is completed in PSC , Go to the Single Sign-On – Configuration – Identity Sources.

Click on Add symbol +

Ung

Before adding the AD Domain in PSC it will show the below message .

3led

Select the first option Active Directory ( Integrated Windows Authentication ) and in the Domain Name we can see the AD Domain which we added in the PSC.

Ungg

Next we have to add the appropriate AD Groups and the Users to the roles we want to access the VC.

Go to Global Permissions.

Und

Ungd

Click Add.

Select the AD Domain.

Search the User or Group

Un43

Also if you want to login directly with your domain user without adding the domainname in the username credentials , make the domain as default so it will allow directly AD user without domain name.

aad

Once user is added then try to login in to the webclient using the AD user.

Advertisements
This entry was posted in Platform Services Controller (PSC ), vCSA 6.0, VMware and tagged , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s