Abiquo Documentation Cookies Policy

Our Documentation website uses cookies to improve your experience. Please visit our Cookie Policy page for more information about cookies and how we use them.


Documentation

Skip to end of metadata
Go to start of metadata

Introduction to vCenter SSO

VMware 5.1 ships with a new module to handle single sign-on authorization in vCenter installations. There are three deploy modes of this module, and two of them do not allow authentication with local SO user database, which is how we usually manage logins with Abiquo.

Multisite/HA SSO deploy mode authentications must be done against local-domain VMware database, LDAP or Active Directory.
Abiquo supports authentication:
  • with a user account belonging to the local domain database.
  • SSO configured with LDAP or AD

Configure SSO in vCenter

It is not possible to add SSO from a vSphere client, so you will have to log in from the vSphere web client, https://<vcenter_ip>:9443/vsphere-client. 
 
  1. Ensure that chosen username is not locked. vCenter will lock any username with consecutive failed login attempts. Abiquo may have locked the user if it was not properly configured with consecutive logon attempts.
  2. If required add a new user for Abiquo. On the Administration menu / SSO Users and Groups use the form to add accounts to the system-domain under the Users tab.
  3. On the vCenter side, you will have to add permissions to the created user on each ESXi host you are going to manage with Abiquo. On vCenter Menu / Hosts and Clusters menu.  

Configure vCenter SSO Properties

In the abiquo.properties file, specify your username in the format "username@domain" in lowercase, for example:

 

abiquo.dvs.vcenter.user = vdc@system-domain

Please note the format of the username, it must be username@domain. Username in domain\username format is not allowed