Foglight LDAP Group Integration for Virtualization Administrators

A customer recently asked if it was possible for Foglight to integrate with Active Directory.  To take it a step further, use the Member(s) of a existing Active Directory Group to access Foglight and when the Group Member(s) login, they can only see VMware related dashboards.

In Foglight,

Go-To Administration ->Users & Security Management -> Configure Directory Services

  • Edit and Enter the Location of the Nearest and Secondary LDAP server URLs
  • Edit and Enter the Settings (screenshots below)

          - The comma is required at the beginning of the LDAP query suffix.

          - Use the second and/or third group namespace(s) if your Groups are nested at that layer.

          - Always enter and confirm the password when making changes to Settings.

  • Distinguished name of the service account

          - This can be any account that has 'Read-Access' to Active Directory

  •  This is a view of my Active Directory Group and Members

  • LDAP query suffix
  • The scope(s) to search for groups
  • The LDAP context for user searching

 

  • Now, lets test by logging in with one of the Member(s) in the Active Directory Group

  •  The error below is By-Design because the User nor the Active Directory Group has any Roles to access Foglight.

  •  Login to Foglight using the Administrator Account

           - Go-To Administration -> Users & Security Management -> User Management -> Groups -> LDAP Groups...

           - You will see the Group imported from Active Directory 

           - Select the Group and 'Add Groups to be visible'

 

  • Assign the Active Directory Group the (6) Roles below.

  • Now, lets have 'eduardk' attempt to login again.
  • 'eduardk' logged in successfully and has access to the VMware Dashboards.

  • Now, have the remaining users in the LDAP Group, test logging into Foglight.
  • In Foglight (User Management), you will be able to see the User(s), Group(s) and Role(s).

 

For more information, visit our Foglight for Virtualization product page.

About the Author
Corey.Rivers
Corey Rivers is a Virtualization Systems Consultant for Quest, specializing in Infrastructure Performance Monitoring.