vRealize Business 7.1 Standalone installation with VMware Identity Manager

With the new version of vRealize Business 7.1, released on 23 August, VMware finally made it possible to install vRB standalone without vRealize Automation, which is great. However, you still need to connect vRB to a VMware Identity Manager (vIDM) instance for authentication. Below are the steps to configure both vRB and vIDM.

Prerequisites:

  • DNS A record for the vIDM server (the configuration wizard cannot create the database if you browse to vIDM by IP address)
  • DNS A record for vRB.

Steps:

  1. Deploy both the vIDM and vRB appliances. I am not going into details here since this is pretty straightforward.
  2. Wait until deployment is completed and the appliance is up and running.
  3. Browse (https) to the vIDM FQDN, which will present a configuration wizard.
  4. Set password
  5. Set Database
  6. Finish
  7. Log in to the vRB VAMI (https://FQDN:5480)
    1. Register with vIDM. (admin username)
    2. Verify the registration was successful.
  1. Next step is to provide local admin user access to vRB
    1. Open a webpage to vIDM
    2. Log in with admin/<password>
    3. Select Users and Groups
    4. Select VCBM_ALL
    5. Select Users in this group
    6. Click Modify users in this group
    7. Check the box for “Additional specific Users”
    8. Type “admin”, press Enter
    9. Select Admin, Local (Admin@local Users)
    10. Next
    11. Save
  2. Provide domain user access to vRB.
    1. Open a webpage to vIDM
    2. Log in with admin/<password>
    3. Select Identity & Access Management
    4. Select Directories
    5. Click “Add Directory” -> Add Active Directory over LDAP/IWA
    6. Select either Active Directory over LDAP or Active Directory (Integrated Windows Authentication)
    7. (Option 1) If you select AD over LDAP:
      1. If your AD does not support DNS Service Location, uncheck the box and specify your AD server.
      2. Specify the Bind User details:
      3. In the Base DN field, enter the DN from which to start account searches: OU=department,DC=domain,DC=com
      4. In the Bind DN field, enter the account that can search for users: CN=Users,OU=department,DC=domain,DC=com
    8. (Option 2) If you select AD Integrated Windows Authentication:
      1. Enter domain name
      2. Enter Domain Admin username
      3. Enter Domain password
      4. Enter Domain authenticated Bind User UPN (user@domain.com)
      5. Save & Next
  3. Select the domains you want associated with the AD connection.
  4. Map user attributes
  5. Select the groups you want to sync
    1. CN=users,DC=example,DC=company,DC=com
  6. Select the users you want to sync
    1. CN=username,CN=users,DC=example,DC=company,DC=com
  7. Review the users and groups.
  8. Click Sync Directory
  9. Open a webpage to vRB.
    1. Log in with Admin
    2. Enter serial number
    3. Select the Administration tab
    4. Select Manage Private Cloud Connections -> vCenter Server
      1. Click the Plus (+) button on the right.
    5. Enter vCenter server information
    6. Select Update Reference Database
      1. Click Run Automatic Update if you have internet access. (If it is greyed out, you may already be on the latest version; otherwise verify internet connectivity.)
      2. Verify the following ports are open on the firewall
        1. Port 443, which connects to https://vrb-hub.vmware.com/manualupdate/welcome#/
        2. Port 22, which connects to SaasFTP.digitalfuel.com
  10. Complete
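
A pre-flight check for the DNS prerequisites and the firewall ports listed in the last step, as an added example that is not part of the original post or of any VMware tooling. It assumes a Linux host with getent, timeout and bash; the function names are hypothetical, and the appliance names are whatever you pass as arguments.

```shell
#!/bin/sh
# Added example; assumes Linux with getent, timeout and bash. Function names are hypothetical.

# 0 if the argument is an IPv4/IPv6 literal rather than a DNS name.
is_ip_literal() {
  case "$1" in
    *:*) return 0 ;;             # colon present: treat as an IPv6 literal
    *[!0-9.]*|'') return 1 ;;    # empty, or has a non digit/dot character
    *) return 0 ;;               # digits and dots only: IPv4 literal
  esac
}

# 0 if the argument looks like a fully qualified DNS name.
is_fqdn() {
  if is_ip_literal "$1"; then return 1; fi
  case "$1" in
    .*|*..*|*[!A-Za-z0-9.-]*) return 1 ;;   # empty label or stray character
    *.*) return 0 ;;                         # at least one dot: qualified
    *) return 1 ;;                           # short name
  esac
}

# 0 if the resolver returns an address for the name.
resolves() { getent hosts "$1" >/dev/null 2>&1; }
# 0 if a TCP connection to host $1, port $2 succeeds within 5 seconds.
port_open() { timeout 5 bash -c 'exec 3<>"/dev/tcp/$0/$1"' "$1" "$2" 2>/dev/null; }

# Check each appliance name given; the return value is the number that failed.
preflight() {
  failures=0
  for host in "$@"; do
    if ! is_fqdn "$host"; then
      echo "FAIL $host: use an FQDN, not an IP address or short name"; failures=$((failures + 1))
    elif ! resolves "$host"; then
      echo "FAIL $host: no DNS record found"; failures=$((failures + 1))
    else
      echo "OK   $host resolves"
    fi
  done
  return "$failures"
}

# Outbound destinations from the Update Reference Database step; run on the vRB side.
check_update_ports() {
  port_open vrb-hub.vmware.com 443 && echo "OK   tcp/443" || echo "FAIL tcp/443"
  port_open SaasFTP.digitalfuel.com 22 && echo "OK   tcp/22" || echo "FAIL tcp/22"
}

# Runs only when names are given: ./preflight.sh vidm.example.com vrb.example.com
if [ "$#" -gt 0 ]; then preflight "$@"; rc=$?; check_update_ports; exit "$rc"; fi
```

Run the name checks from the workstation you will browse from, and the port checks from a host on the same network segment as vRB, so the results reflect the paths the appliances actually use.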
