In this blog post, I am going to cover the setup of the Active Directory integration with vRealize Automation using LDAPS.
Cloud Assembly supports integration with Active Directory servers to provide out-of-the-box creation of computer accounts in a specified Organizational Unit (OU) within an Active Directory server prior to provisioning a virtual machine.
Note: to join to AD within the Guest OS, you can use CloudConfig properties or vSphere CustomizationSpec.
The VMware official documentation doesn’t really call out LDAPS configuration, only LDAP. So after helping a customer configure this, I thought I’d quickly write something up.
To get started, log in to vRealize Automation and select Cloud Assembly.
Installing the ADMT software + Password Migration Service
Creating a user list for migration
Migrating User objects + Passwords between AD Forests
Create connectivity between both AD Forests
There must be IP network connectivity between the DCs in your Forests.
You need to configure conditional forwarders between your forests, so they can resolve one another.
On the source domain controller:
Open up the DNS console, and right click the Conditional Forwarder folder to create a new record.
Enter your target domain name and IP address/es of your domain controllers in the target domain. Select “store this conditional forwarder in active directory”, to replicate to other DCs in the source domain.
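The same conditional forwarder can be created from PowerShell on the source domain controller, which also makes it easy to check the result. This is an added example, not part of the original post; the domain name and IP addresses are placeholders, and the 'Domain' replication scope is an assumption standing in for the "store this conditional forwarder in active directory" option.

```powershell
# Run in an elevated session on a source-forest DC that hosts DNS
# (uses the DnsServer module that ships with the DNS Server role).
# Placeholder values: substitute your target forest's name and DC addresses.
$TargetDomain = 'target.example'
$TargetDcIps  = @('192.0.2.10', '192.0.2.11')

# Confirm each target DC is reachable on DNS (TCP 53) before using it as a forwarder.
foreach ($ip in $TargetDcIps) {
    $probe = Test-NetConnection -ComputerName $ip -Port 53 -WarningAction SilentlyContinue
    if (-not $probe.TcpTestSucceeded) {
        throw "No TCP/53 connectivity to $ip; fix routing or firewall rules first."
    }
}

# Create the forwarder, or update it if it already exists, so the script is safe to re-run.
$existing = Get-DnsServerZone -Name $TargetDomain -ErrorAction SilentlyContinue
if ($null -eq $existing) {
    # AD-integrated forwarder, replicated to the DNS servers in the source domain.
    Add-DnsServerConditionalForwarderZone -Name $TargetDomain `
        -MasterServers $TargetDcIps -ReplicationScope 'Domain'
}
elseif ($existing.ZoneType -eq 'Forwarder') {
    Set-DnsServerConditionalForwarderZone -Name $TargetDomain -MasterServers $TargetDcIps
}
else {
    # Do not overwrite a primary, secondary or stub zone with the same name.
    throw "A zone named $TargetDomain already exists with type $($existing.ZoneType)."
}

# Verify that this DC now resolves the target forest's DC locator records.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$TargetDomain" -Type SRV `
    -Server '127.0.0.1' -ErrorAction Stop
$srv | Where-Object { $_.Type -eq 'SRV' } | Select-Object NameTarget, Port
```

Repeat the equivalent steps on a target-forest DC, pointing back at the source domain, so that name resolution works in both directions.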