articles/azure-vmware/configure-identity-source-vcenter.md
Lines changed: 14 additions & 14 deletions
@@ -53,26 +53,26 @@ First, verify that the certificate used for LDAPS is valid.
53
53
54
54
1. Sign in to a domain controller with administrator permissions where LDAPS is enabled.
55
55
56
-
1. Open the **Run command**, then type **mmc** and click the **OK** button.
57
-
1.Click the **File** menu option then **Add/Remove Snap-in**.
58
-
1. Select the **Certificates** in the list of Snap-ins and click in the **Add>** button.
59
-
1. In the **Certificates snap-in** window, select **Computer account** then click **Next**.
60
-
1. Keep the first option selected **Local computer...** , and click **Finish** then **OK**.
56
+
1. Open the **Run command**, type **mmc** and select the **OK** button.
57
+
1.Select the **File** menu option then **Add/Remove Snap-in**.
58
+
1. Select the **Certificates** in the list of Snap-ins and select the **Add>** button.
59
+
1. In the **Certificates snap-in** window, select **Computer account** then select**Next**.
60
+
1. Keep the first option selected **Local computer...** , and select **Finish**, and then **OK**.
61
61
1. Expand the **Personal** folder under the **Certificates (Local Computer)** management console and select the **Certificates** folder to list the installed certificates.
62
62
:::image type="content" source="media/run-command/ldaps-certificate-personal-certficates.png" alt-text="Screenshot showing displaying the list of certificates." lightbox="media/run-command/ldaps-certificate-personal-certficates.png":::
63
63
64
-
1. Double click on the certificate for LDAPS purposes. The **Certificate** General properties will display. Ensure the certificate date **Valid from** and **to** is current and the certificate has a **private key** that correspond to the certificate.
64
+
1. Double click the certificate for LDAPS purposes. The **Certificate** General properties will display. Ensure the certificate date **Valid from** and **to** is current and the certificate has a **private key** that corresponds to the certificate.
65
65
:::image type="content" source="media/run-command/ldaps-certificate-personal-general.png" alt-text="Screenshot showing the properties of the certificate." lightbox="media/run-command/ldaps-certificate-personal-general.png":::
66
-
1. On the same windows, click on the **Certification Path** tab and verify the **Certification path** is valid, which it should include the certificate chain of root CA and optionally intermediate certificates and the **Certificate Status** is OK. Close the window.
66
+
1. On the same window, select the **Certification Path** tab and verify that the **Certification path** is valid, which it should include the certificate chain of root CA and optionally intermediate certificates and the **Certificate Status** is OK. Close the window.
67
67
:::image type="content" source="media/run-command/ldaps-certificate-cert-path.png" alt-text="Screenshot showing the certificate chain." lightbox="media/run-command/ldaps-certificate-cert-path.png":::
68
68
69
69
Now proceed to export the certificate
70
70
71
-
1. Still on the Certificates console, right click on the LDAPS certificate and click on **All Tasks** > **Export**. The Certificate Export Wizard will prompt then click on **Next** button.
71
+
1. Still on the Certificates console, right select the the LDAPS certificate and click on **All Tasks** > **Export**. The Certificate Export Wizard prompt is displayed, select the **Next** button.
72
72
73
-
1. In the **Export Private Key** section, select the 2nd option, **No, do not export the private key** and click on the **Next** button.
74
-
1. In the **Export File Format** section, select the 2nd option, **Base-64 encoded X.509(.CER)** and click on the **Next** button.
75
-
1. In the **File to Export** section, click on the **Browse...** button and select a folder location where to export the certificate, enter a name then click on the **Save** button.
73
+
1. In the **Export Private Key** section, select the 2nd option, **No, do not export the private key** and se;ect the **Next** button.
74
+
1. In the **Export File Format** section, select the 2nd option, **Base-64 encoded X.509(.CER)** and then select the **Next** button.
75
+
1. In the **File to Export** section, select the **Browse...** button and select a folder location where to export the certificate, enter a name then select the **Save** button.
76
76
77
77
>[!NOTE]
78
78
>If more than one domain controller is LDAPS enabled, repeat the export procedure in the additional domain controller(s) to also export the corresponding certificate(s). Be aware that you can only reference two LDAPS server in the `New-LDAPSIdentitySource` Run Command. If the certificate is a wildcard certificate, for example ***.avsdemo.net** you only need to export the certificate from one of the domain controllers.
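Review bot: The added export steps introduce new errors: new line 73 has the typo `se;ect the **Next** button`, and new line 71 reads `right select the the LDAPS certificate and click on`, which turns a right-click into an action that does not exist, doubles "the", and keeps the "click on" this change is removing elsewhere. Suggest "right-click the LDAPS certificate and select **All Tasks** > **Export**" and "select the **Next** button". New line 59 (`then select**Next**`) needs a space before the bold text, and new line 57 (`1.Select`) needs a space after the list marker, as the removed line it replaces also did. The unchanged wording "which it should include the certificate chain" on new line 66 would be clearer as "which should include". These steps are how the reader confirms certificate validity and exports the certificate without its private key, so each one should read unambiguously.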
@@ -87,7 +87,7 @@ Now proceed to export the certificate
87
87
> Make sure to copy each SAS URL string(s), because they will no longer be available once you leave the page.
88
88
89
89
> [!TIP]
90
-
> Another alternative method for consolidating certificates is saving the certificate chains in a single file as mentioned in [this VMware KB article](https://kb.vmware.com/s/article/2041378), and generate a single SAS URL for the file that contains all of the certificates.
90
+
> Another alternative method for consolidating certificates is saving the certificate chains in a single file as mentioned in [this VMware KB article](https://kb.vmware.com/s/article/2041378), and generate a single SAS URL for the file that contains all the certificates.
91
91
92
92
## Configure NSX-T DNS for resolution to your Active Directory Domain
93
93
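Review bot: On new line 90 the tip still opens with "Another alternative method", which is redundant, and "saving the certificate chains ... and generate a single SAS URL" mixes verb forms. Since the line is being touched anyway, suggest "Alternatively, save the certificate chains in a single file as described in [this VMware KB article] and generate a single SAS URL for that file." The unchanged context line above it, "each SAS URL string(s)", has the same kind of singular/plural mismatch and could be fixed in the same pass.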
@@ -196,9 +196,9 @@ You'll run the `Get-ExternalIdentitySources` cmdlet to list all external identit
196
196
197
197
198
198
## Assign additional vCenter Server Roles to Active Directory Identities
199
-
Once you added an external identity over LDAP or LDAPS you can assign vCenter Server Roles to Active Directory security groups based on your organization's security controls.
199
+
After you've added an external identity over LDAP or LDAPS you can assign vCenter Server Roles to Active Directory security groups based on your organization's security controls.
200
200
201
-
1. After you sign in to vCenter Server with cloud admin privileges, you can select an item from the inventory click**ACTIONS** menu and select **Add Permission**.
201
+
1. After you sign in to vCenter Server with cloud admin privileges, you can select an item from the inventory, select**ACTIONS** menu and select **Add Permission**.
202
202
203
203
:::image type="content" source="media/run-command/ldaps-vcenter-permission-assignment-1.png" alt-text="Screenshot displaying hot to add permission assignment." lightbox="media/run-command/ldaps-vcenter-permission-assignment-1.png":::
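Review bot: New line 201 reads `select**ACTIONS** menu`, with no space before the bold text and no article, and the sentence now repeats "select" three times. Suggest "select an item from the inventory, open the **ACTIONS** menu, and select **Add Permission**". New line 199 needs a comma after "LDAPS" to close the introductory clause. The image alt-text in the unchanged context line says "hot to add permission assignment"; "how to" looks intended and is worth correcting here since alt-text is what screen readers expose.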