VCP7-CMA – Objective 2.2

Disclaimer: These are my notes from taking the 2V0-731 exam. If something doesn’t make sense, please feel free to reach out.

The goal of this objective is to understand how to manage the Active Directory (or another user authentication solution) synchronisation within vRealize Automation. Short objective this one.

Objective 2.2 – Create and Manage Directories

References

Directories are synchronised using a connector through an identity provider, which by default is the vIDM built into vRA. As it is the connector that binds to AD, each provider has its own connector.

User attributes are synchronised into the internal identity provider and authenticated there rather than directly with AD.

Active Directory can be added one of two ways:

The directory needs to be created in the default tenant before it can be added to the additional tenants. Log in and go to Administration – Directories Management – Directories, add the directory and fill in the details.

When adding users, the sync will pick up nested groups, so add the OU containing all the groups and choose which groups to sync.

If groups are added to the directory, they will need adding to the synchronisation.
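A pre-sync review covering the two group points above, as an added example that is not part of the original notes or any VMware tooling: it expands the nested membership of the groups chosen for sync and lists groups in the OU that are not yet selected. All DNs, the `GROUPS` export and the function names are constructed assumptions, and how vIDM itself resolves nesting is not modelled here.

```python
# Constructed sample export: group DN -> member DNs (users or other groups).
# Assumption: DNs are already normalised (AD compares DNs case-insensitively).
GROUPS = {
    "CN=vRA-Admins,OU=vRA,DC=lab,DC=local": [
        "CN=alice,OU=Staff,DC=lab,DC=local", "CN=vRA-Ops,OU=vRA,DC=lab,DC=local"],
    "CN=vRA-Ops,OU=vRA,DC=lab,DC=local": [
        "CN=bob,OU=Staff,DC=lab,DC=local", "CN=Contractors,OU=External,DC=lab,DC=local"],
    "CN=Contractors,OU=External,DC=lab,DC=local": [
        "CN=carol,OU=External,DC=lab,DC=local",
        "CN=vRA-Admins,OU=vRA,DC=lab,DC=local"],  # nesting loop back to the top
    "CN=vRA-New,OU=vRA,DC=lab,DC=local": ["CN=dave,OU=Staff,DC=lab,DC=local"],
}
SYNC_OU = "OU=vRA,DC=lab,DC=local"                  # OU added to the directory
SELECTED = ["CN=vRA-Admins,OU=vRA,DC=lab,DC=local"]  # groups ticked for sync


def expand(group, groups, seen=None):
    """Return (users, nested_groups) reachable from group, tolerating loops."""
    seen = set() if seen is None else seen
    users, nested = set(), set()
    if group in seen:          # already visited: circular nesting
        return users, nested
    seen.add(group)
    for member in groups.get(group, []):
        if member in groups:   # member is itself a group
            nested.add(member)
            sub_users, sub_nested = expand(member, groups, seen)
            users |= sub_users
            nested |= sub_nested
        else:
            users.add(member)
    return users, nested


def review(selected, groups, sync_ou):
    """Summarise who the selected groups really contain and what is left out."""
    users, nested = set(), set()
    for group in selected:
        sub_users, sub_nested = expand(group, groups)
        users |= sub_users
        nested |= sub_nested
    nested -= set(selected)
    in_ou = lambda dn: dn.endswith("," + sync_ou)
    return {
        "effective_users": sorted(users),
        "nested_outside_ou": sorted(g for g in nested if not in_ou(g)),
        "in_ou_not_selected": sorted(
            g for g in groups if in_ou(g) and g not in selected and g not in nested),
    }
```

Calling `review(SELECTED, GROUPS, SYNC_OU)` on the sample shows that a contractor account reaches the admin group through two levels of nesting, and that `vRA-New` sits in the OU without being selected.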

One gotcha I found was that my NetBIOS name wasn’t in capitals, so I received an invalid user error message (that for some reason I didn’t write down). I used rendom to rename the domain & capitalise the NetBIOS name. I have done this in production once, and it was seamless; it still made me nervous though.

To check on the health of the synchronisation, open up the directory from Directories Management and view the Sync Log.

The information above was enough to get me through the exam, but there is much more detail in the documentation.