vCenter Hyperic – Active Directory Authentication

It’s been a while since I last blogged. Recently I’m re-implementing my home labs vCenter Hyperic server from my open source version and I decided to go for Active Directory Authentication since I’ve also upgrade my domain to Windows 2012 R2 server with Domain Functional at Windows 2008.

I hope these instructions will help someone out there just like what I’ve did for VCOPs authentication (see here) as I realised the information on how-to do this is rather sparse or almost nil online.

Steps

1. Using the instructions for my VCOPs Active Directory post here, you can get your Active Directory details to be input into Hyperic. Now keep those information handy. Let’s move on to the next step.

2. Login to your Hyperic Portal at http://<hyperic_ipadd>:7080 (Do not tick “Use my organization authentication” yet). Login and click on Administration Tab and you should see HQ Server Settings in section HQ Server Settings as below. Click on it.

hyperic-01-main hyperic-01

3. Scroll down and you should see the options for LDAP authentication as below:

hyperic-02

This is where you will input your details from your Active Directory details gathering in Step 1. Input the details as below:

Use LDAP Authentication: Ticked
URL:
 ldap://<IPAdd or FQDN>:389/
Username: Enter the full CN pathing of your domain admin; eg. CN=Administrator,CN=Users,DC=EXAMPLE,DC=COM
Search Base: Enter the CN pathing of your users or if you don’t mind, you can start from root; eg, CN=Users,DC=EXAMPLE,DC=COM
Login Property: sAMAccountName
Group Search Base: Enter the CN pathing of your user groups or if you don’t mind, you can start from root; eg, DC=EXAMPLE,DC=COM
Group Search Filter: (member={0})
Password: <Enter your domain admin credentials for account specified above>

**** Leave the rest of the fields as default ****

4. Click on the OK button to save. Logout and tick “Use my organization authentication” tick box and key in your username (without the domain, just username alone) and password to login. You will be prompt for every first time to give details. Enter the relevant details and you should be given base rights.

5. To give administration rights to specific users, go to Administration Tab, under Authentication/Authorization section, click on List Roles

hyperic-04_20140915144222

For simplicity sake, I will be assigning the user to the Super User Role which is also the administrator role. You can create and customise roles accordingly instead. Click on Super User Role as shown above.

6. Under Assigned Users, click on Add to List button.

hyperic-05

7. You should see your new user. Click on the arrow button in the center to add the user to the list. Click OK to save.

hyperic-06

That’s it. Logout and login again to check on the permissions given and functions that you can access.

 

Hope these steps are clear enough. I’ve a few more blog post coming up for setting some monitoring on services for Hyperic. Stay tuned!

 

Leave a Reply

* Copy This Password *

* Type Or Paste Password Here *

18,384 Spam Comments Blocked so far by Spam Free Wordpress