In this series we will see how to automate the creation of a tenant in vCAC using vCO. There are multiple tasks to provision a tenant in vCAC, so even though it is an automation product itself, there’s no reason why you shouldn’t look at automating parts of it too.
In parts 1 and 2 we will look at the AD requirements for a tenant. Since most organisations will likely use AD for authentication we will create the minimum users and groups required for a vCAC tenant in a structure that lends itself to further expansion.
In part 1 we will set up AD to accept requests via SSL. The AD plugin for vCO requires an SSL connection to a Domain Controller for any request that requires a password, for example creating a user or computer account, but not a group or an OU. Since we need to create some user accounts, we will need to configure AD for SSL. (More on ways around this in a future post.)
There are a number of different ways to go about this, so look into it properly for your own environment. There are various options with internal and external certificates, so find the best for your situation. Since this is in my lab and I only have one DC, I’m going to install AD Certificate Services on the DC and use an internal cert for the DC.
1) Ensure you have installed the AD Certificate Services role.
2) Set up automatic certificates for computers in the Default Domain Controllers Group Policy.
3) Check that your DC has been issued a certificate. Note: to speed this part up you may need a gpupdate /force and possibly also a reboot.
4) You should also test that it is listening on port 636 for secure LDAP requests. You can use the built-in ldp.exe tool.
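A scripted version of the checks in steps 3 and 4, as an added example that is not part of the original post: it lists certificates in the DC's computer store that carry the Server Authentication EKU, then completes a TLS handshake on port 636 and reports the certificate the DC presents. The hostname `dc01.lab.local` and the function name `Test-LdapsHandshake` are assumptions for illustration.

```powershell
# Added example. 'dc01.lab.local' is a placeholder FQDN (assumption); use your DC's name.
param([string]$DomainController = 'dc01.lab.local')

$serverAuthOid = '1.3.6.1.5.5.7.3.1'   # Server Authentication EKU, needed for LDAPS

# Step 3 (run on the DC): certificates in the computer's Personal store that
# have a private key and are valid for server authentication.
Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.HasPrivateKey -and ($_.EnhancedKeyUsageList.ObjectId -contains $serverAuthOid) } |
    Select-Object Subject, Issuer, NotAfter, Thumbprint

# Step 4 (run from a machine that should trust the CA): TLS handshake on 636.
function Test-LdapsHandshake {
    param([string]$HostName, [int]$Port = 636)

    $client = New-Object System.Net.Sockets.TcpClient
    $ssl = $null
    try {
        $client.Connect($HostName, $Port)
        # Default validation applies: the chain must be trusted by this machine
        # and the certificate name must match $HostName, otherwise this throws.
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false)
        $ssl.AuthenticateAsClient($HostName)
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
        [pscustomobject]@{
            Host     = $HostName
            Port     = $Port
            Protocol = $ssl.SslProtocol
            Subject  = $cert.Subject
            Issuer   = $cert.Issuer
            NotAfter = $cert.NotAfter
        }
    }
    catch {
        Write-Warning "LDAPS check failed for ${HostName}:${Port}: $($_.Exception.Message)"
    }
    finally {
        if ($ssl) { $ssl.Dispose() }
        $client.Close()
    }
}

Test-LdapsHandshake -HostName $DomainController
```

A warning about an untrusted chain or a name mismatch means the port is open but the client running the check does not trust the issuing CA, or is connecting by a name that is not in the certificate.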
Now that we have that up and running, we can move on to Part 2: AD Users, Groups and OUs.
Automating vCAC Tenant Creation with vCO: Part 1 AD SSL
Automating vCAC Tenant Creation with vCO: Part 2 AD Users, Groups and OUs
Automating vCAC Tenant Creation with vCO: Part 3 Install the vCAC plugin for vCO
Automating vCAC Tenant Creation with vCO: Part 4 Creating a Tenant
Automating vCAC Tenant Creation with vCO: Part 5 Creating an Identity Store
Automating vCAC Tenant Creation with vCO: Part 6 Adding Administrators
Automating vCAC Tenant Creation with vCO: Part 7 Creating a vCAC Catalog Item