Active Directory Configuration AD over LDAP
VIDM (VMware Identity Manager) supports the three types of directory integration listed below.
1) Active Directory over LDAP/IWA
2) Active Directory over LDAP
3) Add Local User Directory (creates a local directory)
We will see which type of directory integration is recommended and how to configure it.
1) Active Directory over LDAP / IWA
The choice depends on the complexity of the Active Directory structure. If the directory is a single domain in a single forest, use Active Directory over LDAP.
If it is a single forest with multiple domains, IWA is recommended.
If the directory is an LDAP directory, use the LDAP directory option.
Let's see one by one how to configure these directory types.
A) AD over LDAP
Go to Identity & Access Management, click Add Directory and select Add Active Directory over LDAP/IWA.
Provide a name for your directory, select a sync connector, and scroll down to see more options.
Select Active Directory over LDAP.
Select Yes for Authentication; this means the connector will both sync users and authenticate them for the portal.
Select sAMAccountName for the Directory Search Attribute option.
Keep the default for Server Location and scroll down for more options.
If Active Directory requires the connection to be over SSL, paste the SSL certificate from the domain controller here so that the connection uses the secure channel.
Enter a Base DN, a Bind DN and the bind password.
Base DN: the location of users and groups in Active Directory.
Bind DN: any user who is part of the directory, with or without special permissions.
Click Save & Next.
Make sure the directory is listed, then click Next.
The next page is Map User Attributes. Here, make sure the listed attributes are selected and that their mapping matches the directory. Keep the defaults and click Next.
Specify the group DN location and click Find Groups to select the groups you want to sync from that location, then click Next.
Specify the user DNs; VIDM will sync users from all specified locations. Click Next.
The next page shows the number of users and groups that will be synced with the specified directory parameters. Click Sync Directory.
Click Identity & Access Management to verify that the newly added directory has been synced.
Users from the newly added directory can now log in to the portal.
This is how we configure Active Directory over LDAP. For IWA configuration, click here.
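As an added example that is not part of this article and not VMware code, the Python script below does a pre-flight check of the values typed into the wizard above (Base DN, Bind DN, search attribute, SSL certificate, user and group DNs) and builds the ldapsearch command an administrator can run to confirm that the Bind DN, password and Base DN work against the domain controller before clicking Save. The settings dictionary, its field names, the host and all DNs are constructed assumptions; the checks also encode the least-privilege point that the bind user needs no special permissions, so a dedicated read-only account is preferable to a built-in administrator.

```python
"""Pre-flight checks for the values typed into the vIDM 'Active Directory over LDAP' wizard.

Added example for this article: not VMware code, and it never talks to vIDM itself.
The dictionary keys mirror the wizard fields described in the article (assumed names).
"""
import re
import shlex

# Constructed sample settings (hypothetical domain, host and DNs).
SAMPLE_SETTINGS = {
    "directory_name": "corp.example.com",
    "host": "dc01.corp.example.com",
    "port": 636,
    "use_ssl": True,
    # Placeholder body: a real deployment pastes the DC's certificate here.
    "ca_cert_pem": "-----BEGIN CERTIFICATE-----\nMIIB...constructed...\n-----END CERTIFICATE-----\n",
    "search_attribute": "sAMAccountName",
    "base_dn": "DC=corp,DC=example,DC=com",
    "bind_dn": "CN=svc-vidm-sync,OU=Service Accounts,DC=corp,DC=example,DC=com",
    "user_dns": ["OU=Users,DC=corp,DC=example,DC=com"],
    "group_dns": ["OU=Groups,DC=corp,DC=example,DC=com"],
}

_RDN_SPLIT = re.compile(r"(?<!\\),")  # split on commas that are not backslash-escaped


def parse_dn(dn):
    """Split a DN into normalised (ATTR, value) pairs; raise ValueError if malformed."""
    pairs = []
    for rdn in _RDN_SPLIT.split(dn):
        if "=" not in rdn:
            raise ValueError(f"malformed RDN {rdn.strip()!r} in {dn!r}")
        attr, value = rdn.split("=", 1)
        if not attr.strip() or not value.strip():
            raise ValueError(f"empty attribute or value in {rdn.strip()!r}")
        pairs.append((attr.strip().upper(), value.strip().lower()))
    return pairs


def domain_of(dn):
    """The DC= components of a DN, e.g. ['corp', 'example', 'com']."""
    return [value for attr, value in parse_dn(dn) if attr == "DC"]


def is_under(child_dn, parent_dn):
    """True when child_dn is parent_dn itself or lies beneath it in the tree."""
    child, parent = parse_dn(child_dn), parse_dn(parent_dn)
    return len(child) >= len(parent) and child[-len(parent):] == parent


def check_settings(s):
    """Return (severity, message) findings for the wizard values; an empty list means OK."""
    findings = []
    for field in ("base_dn", "bind_dn"):
        try:
            parse_dn(s[field])
        except ValueError as exc:
            findings.append(("error", f"{field}: {exc}"))
    if findings:
        return findings  # the remaining checks need well-formed DNs
    if not domain_of(s["base_dn"]):
        findings.append(("error", "base_dn has no DC= components"))
    if domain_of(s["bind_dn"]) != domain_of(s["base_dn"]):
        findings.append(("error", "bind_dn is not in the same domain as base_dn"))
    for kind in ("user_dns", "group_dns"):
        for dn in s[kind]:
            if not is_under(dn, s["base_dn"]):
                findings.append(("error", f"{kind} entry {dn!r} is outside base_dn, where the sync starts"))
    if s["search_attribute"].lower() != "samaccountname":
        findings.append(("warn", "search attribute is not sAMAccountName as the article recommends"))
    if s["use_ssl"]:
        if "-----BEGIN CERTIFICATE-----" not in s.get("ca_cert_pem", ""):
            findings.append(("error", "use_ssl is set but no PEM certificate from the DC was pasted"))
        if s["port"] != 636:
            findings.append(("warn", f"LDAPS normally uses port 636, got {s['port']}"))
    else:
        findings.append(("warn", "without SSL the bind password and sync traffic cross the network in clear text"))
    # Least privilege: the article notes the bind user needs no special permissions,
    # so flag the built-in Administrator account being used for a read-only sync.
    if parse_dn(s["bind_dn"])[0] == ("CN", "administrator"):
        findings.append(("warn", "bind_dn is the built-in Administrator; use a dedicated read-only account"))
    return findings


def ldapsearch_command(s, sample_user="jdoe"):
    """Build the ldapsearch command an admin can run to test bind DN, password and base DN."""
    scheme = "ldaps" if s["use_ssl"] else "ldap"
    return " ".join([
        "ldapsearch", "-H", f"{scheme}://{s['host']}:{s['port']}",
        "-D", shlex.quote(s["bind_dn"]), "-W",
        "-b", shlex.quote(s["base_dn"]),
        shlex.quote(f"({s['search_attribute']}={sample_user})"), "dn",
    ])


if __name__ == "__main__":
    for severity, message in check_settings(SAMPLE_SETTINGS) or [("ok", "no findings")]:
        print(f"[{severity}] {message}")
    print(ldapsearch_command(SAMPLE_SETTINGS))
```

Run the script with your own values in SAMPLE_SETTINGS; a clean result followed by a successful ldapsearch (it prompts for the bind password because of -W and returns the DN of the sample user) means the Base DN, Bind DN and certificate you are about to paste into the wizard are consistent.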