Introduction

This document provides step-by-step instructions for configuring vCenter using the Octopus LDAP service as an identity source. The Octopus Authentication LDAP service provides the ability to integrate any service or application that supports LDAP by adding the Octopus Authentication bind to an Enterprise LDAP Repository (e.g., Active Directory).

Solution Overview

In this setup, user authentication for vCenter is configured to use the Octopus Authentication Server LDAP service. This service allows the Octopus Authentication Server to act as an LDAP Proxy and perform authentication against the LDAP Repository (e.g., Active Directory). The Octopus Authentication LDAP service replaces the direct connection to the LDAP Repository Server and performs Octopus Authentication instead of the legacy Username & Password mechanism. (Octopus Authentication can also be configured as MFA.)

The Octopus Authentication LDAP service supports both LDAP and LDAPS connections.

Prerequisites

Before beginning the integration, make sure the following requirements are met:

  • There is a deployed, operational instance of vCenter.
  • Octopus Authentication Server version 4.8.4 is installed and operational.
  • Your corporate directory (e.g., Active Directory, Oracle, Zimbra) is integrated with the Octopus Server and users have been added.
    For details about directory integration, refer to Appendix C: Configuring the LDAP Identity Source.
  • For LDAPS only: Certificates have been copied to the required locations.
    For more information, refer to Appendix B: Managing LDAPS Certificates.