A customer recently asked whether Foglight can integrate with Active Directory. To take it a step further: can the members of an existing Active Directory group be used to access Foglight so that, when those group members log in, they see only VMware-related dashboards?
In Foglight, go to Administration -> Users & Security Management -> Configure Directory Services
- Edit and Enter the Location of the Nearest and Secondary LDAP server URLs
- Edit and Enter the Settings (screenshots below)
- The comma is required at the beginning of the LDAP query suffix.
- Use the second and/or third group namespace(s) if your Groups are nested at that layer.
- Always enter and confirm the password when making changes to Settings.
- Distinguished name of the service account
- This can be any account that has 'Read-Access' to Active Directory
- This is a view of my Active Directory Group and Members
- LDAP query suffix
- The scope(s) to search for groups
- The LDAP context for user searching
- Now, let's test by logging in with one of the members of the Active Directory group
- The error below is by design, because neither the user nor the Active Directory group has any roles to access Foglight.
- Log in to Foglight using the Administrator account
- Go to Administration -> Users & Security Management -> User Management -> Groups -> LDAP Groups...
- You will see the Group imported from Active Directory
- Select the Group and 'Add Groups to be visible'
- Assign the Active Directory Group the (6) Roles below.
- Now, let's have 'eduardk' attempt to log in again.
- 'eduardk' logged in successfully and has access to the VMware Dashboards.
- Now have the remaining users in the LDAP group test logging in to Foglight.
- In Foglight (User Management), you will be able to see the User(s), Group(s) and Role(s).
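The Directory Services settings described above can be sanity-checked before they are typed into the form. The following is an added example, not Foglight code: the dictionary keys are hypothetical labels for the fields in the walkthrough, all values are constructed placeholders, and the transport warning assumes the service account authenticates with a simple bind.

```python
import re
from urllib.parse import urlparse

RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=.+$")  # one attribute=value component

def is_dn(value):
    """True if every comma-separated component looks like attr=value.
    Simplified RFC 4514 check: splits on commas not preceded by a backslash."""
    parts = [p.strip() for p in re.split(r"(?<!\\),", value)]
    return all(RDN.match(p) for p in parts)

def check_settings(cfg):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    for url in cfg["server_urls"]:
        parsed = urlparse(url)
        if parsed.scheme not in ("ldap", "ldaps") or not parsed.hostname:
            findings.append(f"not an LDAP URL: {url}")
        elif parsed.scheme == "ldap":
            # Plain ldap:// without StartTLS carries a simple-bind password unencrypted.
            findings.append(f"unencrypted transport, prefer ldaps://: {url}")
    if not is_dn(cfg["service_account_dn"]):
        findings.append("service account must be given as a distinguished name")
    suffix = cfg["query_suffix"]
    if not suffix.startswith(","):
        findings.append("LDAP query suffix must begin with a comma")
    elif not is_dn(suffix[1:]):
        findings.append("LDAP query suffix is not a DN after the leading comma")
    searched = [("user search context", cfg["user_context"])]
    searched += [("group scope", g) for g in cfg["group_scopes"]]
    for label, dn in searched:
        if not is_dn(dn):
            findings.append(f"{label} is not a DN: {dn!r}")
    return findings

# Constructed sample values (example.com is a placeholder domain).
GOOD = {"server_urls": ["ldaps://dc01.example.com:636", "ldaps://dc02.example.com:636"],
        "service_account_dn": "CN=svc-foglight,OU=Service Accounts,DC=example,DC=com",
        "query_suffix": ",OU=Staff,DC=example,DC=com",
        "user_context": "OU=Staff,DC=example,DC=com",
        "group_scopes": ["OU=Groups,DC=example,DC=com"]}
BAD = {"server_urls": ["ldap://dc01.example.com:389"],
       "service_account_dn": "EXAMPLE\\svc-foglight",   # down-level name, not a DN
       "query_suffix": "OU=Staff,DC=example,DC=com",     # leading comma missing
       "user_context": "OU=Staff,DC=example,DC=com",
       "group_scopes": [",OU=Groups,DC=example,DC=com"]}  # stray leading comma

if __name__ == "__main__":
    for name, cfg in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_settings(cfg) or "ok")
```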
For more information, visit our Foglight for Virtualization product page.