Recently, I’m preparing for some design and pilot materials for a client on VMware Horizon View and this sort of make me ponder about tools to use to monitor or even benchmark VDI environments. Common names come into thought like LoginVSI (I’m going to test this out soon), Liquidware Stratusphere etc comes into mind. Hey we should not forget native tools from VMware itself right like VCOPs for Horizon View? 🙂 I’ve been testing out VCOPs for vSphere for a while and domain authentication is of the simplest form by enabling users on the roles and you are pretty much done. In VCOPs for View adapter, it requires the custom UI and this certainly is not as straight-forward as the vSphere UI for VCOPs. There’s some customisation to be done but it’s not that difficult with the correct tool used. In this example, I’m going to use Active Directory as an example. People using things like OpenLDAP, it’s a lot easier to understand since for OpenLDAP you need to know the directory structure from Day 1 when you set it up. For Active Directory it may not be as direct but with a tool called ADSI, this will certainly help.
So here are the steps to enable Active Directory Authentication using ADSI in the process to identify some parameters that you are going to use.
Note that this configuration is only available in custom dashboard so only Advanced and Enterprise editions will have this function at the moment for vCOPs 5.8.x.
Steps to add an Active Directory User to VCOPs Custom UI
- Install ADSI if you are unfamiliar with how to get the Directory Objects in Active Directory. This tool will help. Follow the instructions here to install ADSI edit. (assuming you are using Windows 2008 R2)
- Once you installed ADSI, you should see ADSI in your Administrative Tools section. Click Start / Administrative Tools / ADSI Edit.
- You should then see this. In the picture below, you see 2 boxes, the Red and the Blue. Take note of the values. The Red represents your domain in the form of DC=<YourDomainName>,DC=<TLD> whereas Blue represents the Organisational Unit that your users accounts reside. In this case, I’m using Users OU as an example.
- Now after taking down the values, proceed to launch your VCOPs Custom UI @ http://<VCOPS UI IP Address>/vcops-custom. Login using your admin credentials for VCOPs as usual.
- Go to the admin tab and a drop down box should appear. Click Security.
- You should then see the screen below. Click on the icon as shown and that should bring you to the LDAP configuration page.
- This screen shows you the default screen to add the LDAP configuration as well as to add users once you are done with the LDAP configuration. Click on Add link besides Ldap Host Drop down box.
- Remember the values you’ve previously took down in your Red / Blue boxes? You can now use them here. Input the values as per below.
LDAP Host Name: <Your domain controller FQDN or IP Address>
Port: Enter 389
SSL: Leave untick
Username Field: userprinciplename
Base DN: Blue Box + Red Box eg <CN=Users,DC=DOMAINNAME,DC=COM> (Remember the commas)
Username: <Enter your domain admin credentials>
Password: <Enter your domain admin credentials>
AutoSync: Leave Tick
**** Leave the rest of the fields blank ****
- You should have a screen like this.
- Click OK and you should be back to the Import Users screen. Click on Lookup button and you should be presented with the AD Groups like below. Expand using the + sign and choose the respective users accounts and assign the roles for VCOPs. Afterwhich you should see the users accounts are assigned to the roles as per screen below.
- Logout of the default VCOPs admin account and login using <user_account>@domainname.com.
That’s pretty much the steps! Pretty simple actually. I hope the steps above will help you in your configuration. Enjoy!