09 janvier 2014
Howto: AD Authentication in vCenter SSO 5.5
With the recently released VMware vSphere 5.5, the component Single-Sign-On (SSO) has been completely rewritten. The biggest change is that the RSA database has been removed, which eliminates much of its complexity. There is also a new identity type (Active Directory (Integrated Windows Authentication)) that works without specifying the AD Controllers directly, like the old vSphere 4.x / 5.0 authentication. The whole process is much easier. This post shows how to enable Active Directory Authentication within the new vSphere 5.5... [Lire la suite]
26 juillet 2013
Multiple vCenter Servers, SSO, and How To Design for Failure
Internally within my company, there is usually a lot of discussion about how a customer goes about managing multiple vCenter servers. With the vSphere 5.1 addition of Single Sign-On (SSO), it dramatically complicates the design itself. This topic won't mean much for SMBs because you should be pretty well off with a single vCenter and SSO instance. This is primarily going to be focused on large enterprise designs.
WARNING::: these are MY design considerations and recommendations, use at your own risk. All depicted... [Lire la suite]
08 juillet 2013
Be carefull with VMware SSO Master password bug
This week I installed a fresh vSphere 5.1 Update 1 environment and I wanted to configure it will real world certificates to get rid of all those “Do you really really reeeeeally accept this insecure website” messages. Using the VMware SSL Certificate Automation Tool I generated all the new certificates and then started changing the certificate on the VMware SSO server. When doing this, you’ll be asked for the Master password. Since I learned a while ago in a very painful way that the Admin@System-domain password is not equal to... [Lire la suite]
30 avril 2013
ALERT: Login issue after updating to vCenter 5.1 Update 1
VMware has become aware of an issue that may occur after upgrading to vCenter Server 5.1 Update 1.
Specifically:
You are unable to log in using the vSphere Web Client or domain username/password credentials via the vSphere Client.
This issue can occur if the specified vCenter Server login domain user account is associated with a large number of domain groups and multiple domains are configured as SSO identity sources. The precise number of groups at which this issue can occur varies due to the nature of Active... [Lire la suite]
27 août 2012
RemoteApp- comment faire du SSO avec Remote DesktopService 2008 R2
A travers cet article, je vais tenter d’expliquer comment mettre en place le SSO (Single Sign On) pour l’utilisation de RemoteApp publiées sous RDS 2008 R2.
Pour les besoins de l’explication, je vais partir du principe que l’infrastructure en place est la suivante :
- 1 domaine : core.lab
- 1 ferme de 2 serveurs RDSH
o RDSH1.core.lab
o RDSH2.core.lab
Le nom de la ferme est RDFARM.core.lab
- 1 RD Connection Broker : RDCB.core.lab
- 1 RD Web Access : RDWA.core.lab
- 1 RD Gateway : RDGW : RDGW.core.lab
... [Lire la suite]
19 février 2012
RemoteApp- comment faire du SSO avec Remote DesktopService 2008 R2
A travers cet article, je vais tenter d’expliquer comment mettre en place le SSO (Single Sign On) pour l’utilisation de RemoteApp publiées sous RDS 2008 R2.
Pour les besoins de l’explication, je vais partir du principe que l’infrastructure en place est la suivante :
- 1 domaine : core.lab
- 1 ferme de 2 serveurs RDSH
RDSH1.core.lab
RDSH2.core.lab
Le nom de la ferme est RDFARM.core.lab
... [Lire la suite]