Using the vSphere SSO service as the SAML identity provider for the vCloud Director System organisation can be a more secure alternative to LDAP or a local account. When vCloud Director is federated with vCenter SSO, enables you to import system administrators from vSphere and this is required for VCAV to work properly. so let’s configure it.
Login to vCD as system admin user and navigate to Administration > System Settings > Federation and click on Metadata (3) and download Metadata. it will be like this
then go to vSphere and upload this downloaded vCD Metadata.
Choose the File downloaded by Clicking in “Import from File” which we have downloaded and click on “Import”. This will complete the the metadata import from vCD to vSphere.
Now we need to Download SSO metadata file and need to import to vCD. login to vSphere , Go to “Configuration” -> SAML Service Providers -> Click on “Download”
Go to vCD login with Administrator , then go “Administration” -> “Federation” -> Tick on “Use SAML Identity Provider” – > then Browse the File which we have downloaded in previous step – Click “Upload” and Click “Finish”
Once mutual metadata sharing is completed , on vCD go to Administrator -> Users -> Import Users – you will see new Source called “SAML”
Choose SAML and manually enter “email@example.com” and click ok.
and new user has been added to vCD with System administrator role.
logout and login with vSphere SSO credential like”firstname.lastname@example.org” and its password , it should be a successful login.
There is one more important setting that we need to do on vCD appliances , go to /opt/vmware/vcloud-director/etc/global.properties and add – extensibility.timeout=60.
This completes our vCD pre-requisite configuration , in the next post i will deploy cassandra and rabbitmq.