The vCAC 6.0 Identity Appliance (IA) is an integral component of vCAC and a very welcomed addition. The vCAC 6.0 IA will be the first component of the new vCAC 6.0 Suite that is deployed in your environment. If you don’t already have the vCAC 6.0 Identity Appliance you can download from the VMware Downloads page.
Identify Appliance Features
The identity appliance gives vCAC some newly added benefits and features that with regards to authentication and supporting multiple directory services. Some of these features include:,/p>
- Multiple AD Provider Support per tenant
- Multiple LDAP Service Providers per tenant
- Single Sign-On Capabilities
- Allows for the portal to now have the much sought after logout button
The appliance is delivered as an ova or ovf whichever you prefer. I will be walking through the installation using the ova version. In this tutorial we will do the following:
- Import the vCAC 6.0 Identity Appliance OVA to vCenter
- Configure the vCAC 6.0 Identity Appliance for use
Importing the vCAC 6.0 Identity Appliance OVA to vCenter
*Note: I’m using the VI Client in my example however the import can also be performed using the Web Client as well.
1. In the VI CLient go to “File “Deploy OVF Template””
2. Use the “Browse Button” and locate the OVA fileon yoru ocmputer and click “Next”
4. Click “Accept” and then click “Next“.
5. Name the VM, select the folder you would like to place it in and select “Next“.
6. Choose a “Cluster/Host“, and then click “Next“.
7. Choose a “Resource Pool“, and then click “Next“.
8. Choose a “Datastore“, and then click “Next“.
9. Click Next.
10. Choose a “Network“, and then click “Next“.
11. Fill in all the information for the appliance. Use the FQDN for the hostname. CLick Next.
12. Click “Finish”.
Configuring the vCAC 6 Identity Appliance
13. Navigate to https://FQDN:5480 in your web browser and login as “root” with the “password” you set during deployment.
14. Once you are logged in select “Time Zone” and set the “System Time Zone” to your location and click “Save Settings”
15. Select the “Network” tab and verify that your networking configuration is correct.
16. Select the “SSO” tab. Set a password for the default “System Domain” You can change the “System Domain“, but it “MUST NOT” be a domain that is in use in your environment. Click “Apply” when done. (*Note: The system domain is used to grant you access to the vCAC6 portal to manage tenant creation.
17. The “SSO” Initialization can take a few minutes. Once complete you will see “SSO is initialized“. Don’t do anything until it has finished!
18. Once “SSO” is initialized click the “Host Settings” menu item. Here you will put in the “FQDN” of the “vCAC6 Identity Server” with the port 7444 like “FQDN:7444“. Click “Apply”
19. Next we need to generate or import a certificate. In this example we will be generating a certificate. In the “Common Name” filed it’s important that the name is the FQDN of the vCAC 6 Identity Server that we are configuring. You can input the rest of the fileds with what’s relevant for your environment and then click “Generate Certificate”
20. Once you see “SSL Certificate is created successfully” the configuration of the vCAC Identity Server is complete.