Setup
Using VMware Tools
The Service Account being used for the vCenter endpoint needs to be a member of the SystemConfiguration.Administrators group in vCenter (Administration > Single Sign-On > Users and Groups).
VMware Cloud on AWS
Enable connectivity for VM tools for VMware Cloud on AWS and VM tools support
- Establish a VPN between the MGW (Management Network) and CGW (Customer Network)
- Open port 443 from the firewall
This allows Guest Operations API
Add SovLabs vCenter Endpoint
- Login to vRA tenant
- Click on the Catalog tab
- Request the Add SovLabs vCenter Endpoint vRA Catalog Item
- Fill out the form accordingly (see below) and Submit
Add SovLabs vCenter Endpoint
Field | Value |
---|---|
Configuration label |
No spaces, periods or special characters except underscore ( Unique label DO NOT prepend with your tenant name and an underscore, e.g. mytenant_ |
Version |
Choose the appropriate vCenter version |
Platform Service Controller (FQDN) |
Shown when 'Version' is 6+ Type in the PSC FQDN |
Is the PSC embedded on the vCenter server? |
Shown when 'Version' is 6+ Select if the PSC embedded on the vCenter server |
vCenter hostname (FQDN) |
Text input if 'Version' is less than 6. Auto-generated list in dropdown if 'Version' 6+ Type in or select the appropriate vCenter server FQDN |
Credential Configuration for vCenter Endpoint | |
Create credential? |
Check the checkbox to create a new credential. |
Credential |
Shown when 'Create credential?' is not checked Select the appropriate credential from an existing list of credentials |
Credential Configuration label |
Shown when 'Create credential?' is checked No spaces, periods or special characters except underscore ( Unique label DO NOT prepend with your tenant name and an underscore, e.g. mytenant_ |
Username |
Shown when 'Create credential?' is checked Username that has necessary permissions |
Password |
Shown when 'Create credential?' is checked User's password |
Add Microsoft Endpoint
- Login to vRA tenant
- Click on the Catalog tab
- Request the Add Microsoft Endpoint vRA Catalog Item
- Fill out the form accordingly (see below) and Submit
Add Microsoft Endpoint
A Windows 2012 R2 jump server or domain controller that is utilized by the SovLabs plugin for a target AD, DNS, and/or IPAM server
Field | Value |
---|---|
Configuration label |
No spaces, periods or special characters except underscore ( Unique label DO NOT prepend with your tenant name and an underscore, e.g. mytenant_ |
Connection type |
Connection method to connect to the target or proxy Microsoft server. Click here to use VMware Tools |
vCenter Endpoint |
Shown when 'Connection type' is Select an existing SovLabs vCenter Endpoint where the Microsoft server VM resides in |
VM name as it appears in vCenter |
Shown when 'Connection type' is Type in the VM name of the Microsoft AD server as it appears in vCenter *VM name is case sensitive! |
Is a jump server? |
Jump servers are limited to Choose whether or not to utilize a jump server to make remote commands to the target AD server |
Hostname |
Shown when 'Connection type' is not Microsoft AD server (FQDN or IP Address) |
Jump server |
Shown when 'Connection type' is not Jump server FQDN or IP Address for the target Microsoft AD server |
Remote server |
Shown when 'Is a jump server?' is checked Type in the target Microsoft AD server |
Uses non-standard port? |
Shown when 'Is a jump server?' is checked Was the |
Port |
Shown when 'Uses non-standard port?' is checked Port number |
Credential Configuration for Microsoft Endpoint | |
Create credential? |
Check the checkbox to create a new credential. |
Credential |
Shown when 'Create credential?' is not checked Select the appropriate credential from an existing list of credentials |
Credential Configuration label |
Shown when 'Create credential?' is checked No spaces, periods or special characters except underscore ( Unique label DO NOT prepend with your tenant name and an underscore, e.g. mytenant_ |
SSH Key used? |
Shown when Create credential?' is checked and 'Connection method' is Check the checkbox to use an SSH Key |
Username |
Shown when 'Create credential?' is checked Username that has necessary permissions () |
Password |
Shown when 'Create credential?' is checked and SSH Key used? is not checked User's password |
SSH Key |
Shown when 'Create credential?' is checked and SSH Key used? is checked SSH Key |
SSH Key Password |
Shown when 'Create credential?' is checked and SSH Key used? is checked SSH Key password, if any |
Advanced | |
Temporary directory where scripts will be placed |
Optional If not provided, will default to |
Share path for temporary directory to access |
Define if administrative shares are not available Type in |
Add Active Directory Configuration
- Login to vRA tenant
- Click on the Catalog tab
- Request the Add Active Directory Configuration vRA Catalog Item
- Fill out the form accordingly (see below) and Submit
Add Active Directory Configuration
Field | Value |
---|---|
Configuration label |
No spaces, periods or special characters except underscore ( Unique label DO NOT prepend with your tenant name and an underscore, e.g. mytenant_ |
Microsoft Endpoint(s) |
Select all the Microsoft Endpoints configured for Active Directory |
Computer name case |
Select whether the computer names added in AD should be uppercase or lowercase |
Build OU | |
Use Build OU? |
The Build OU does not create the parent OU(s), the parent OU(s) must already exist. If checked, the VM (during vRA lifecycle machineBuilding) will be placed in an interim OU (Build OU) Once the VM has finished building and provisioning, the VM will be moved/placed in the [final] OU *If you configure the profile to use the Build OU, the AD machineBuilding workflow will create the object in the specified OU (Build OU). The move to the final OU does not happen until AD MachineProvisioned |
Build OU |
DN format ActiveDirectory Organizational Unit (OU) for VMs to join prior to completing provisioning |
Create Build OU? |
Check the checkbox to create the Build OU if it does not exist |
Remove Build OU? |
Check the checkbox to remove the Build OU when it is empty and no children exist |
OU | |
OU |
DN format ActiveDirectory Organizational Unit (OU) for VMs to join |
Create OU? |
Check the checkbox to create the OU if it does not exist |
Remove OU? |
Check the checkbox to remove the OU when it is empty and no children exist |
Security Group(s) | |
AD Security Group(s) |
DN format List any/all Security Group(s) for server to join |
Advanced | |
Delete computer accounts based on computer name? |
Check the checkbox to find computer account and remove it from AD, regardless of what OU it is in |