You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/azure-vmware/configure-external-identity-source-nsx-t.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -3,7 +3,7 @@ title: Set an external identity source for VMware NSX
3
3
description: Learn how to use Azure VMware Solution to set an external identity source for VMware NSX.
4
4
ms.topic: how-to
5
5
ms.service: azure-vmware
6
-
ms.date: 3/29/2024
6
+
ms.date: 3/26/2026
7
7
ms.custom:
8
8
- engagement-fy23
9
9
- sfi-image-nochange
@@ -14,20 +14,20 @@ ms.custom:
14
14
15
15
In this article, learn how to set up an external identity source for VMware NSX in an instance of Azure VMware Solution.
16
16
17
-
You can set up NSX to use an external Lightweight Directory Access Protocol (LDAP) directory service to authenticate users. A user can sign in by using their Windows Server Active Directory account credentials or credentials from a third-party LDAP server. Then, the account can be assigned an NSX role, like in an on-premises environment, to provide role-based access for NSX users.
17
+
You can set up NSX to use an external Lightweight Directory Access Protocol (LDAP) directory service to authenticate users. A user can sign in by using their Windows Server Active Directory account credentials or credentials from a non-Microsoft LDAP server. Then, the account can be assigned an NSX role, like in an on-premises environment, to provide role-based access for NSX users.
18
18
19
19
:::image type="content" source="media/nsxt/azure-vmware-solution-to-ldap-server.png" alt-text="Screenshot that shows NSX connectivity to the LDAP Windows Server Active Directory server." lightbox="media/nsxt/azure-vmware-solution-to-ldap-server.png":::
20
20
21
21
## Prerequisites
22
22
23
23
- A working connection from your Windows Server Active Directory network to your Azure VMware Solution private cloud.
24
24
- A network path from your Windows Server Active Directory server to the management network of the instance of Azure VMware Solution in which NSX is deployed.
25
-
- A Windows Server Active Directory domain controller that has a valid certificate. The certificate can be issued by a [Windows Server Active Directory Certificate Services Certificate Authority (CA)](https://social.technet.microsoft.com/wiki/contents/articles/2980.ldap-over-ssl-ldaps-certificate.aspx) or by a [third-party CA](/troubleshoot/windows-server/identity/enable-ldap-over-ssl-3rd-certification-authority).
25
+
- A Windows Server Active Directory domain controller that has a valid certificate. The certificate is issued by a [Windows Server Active Directory Certificate Services Certificate Authority (CA)](https://social.technet.microsoft.com/wiki/contents/articles/2980.ldap-over-ssl-ldaps-certificate.aspx) or by a [third-party CA](/troubleshoot/windows-server/identity/enable-ldap-over-ssl-3rd-certification-authority).
26
26
27
27
We recommend that you use two domain controllers that are located in the same Azure region as the Azure VMware Solution software-defined datacenter.
28
28
29
29
> [!NOTE]
30
-
> Self-signed certificates are not recommended for production environments.
30
+
> Self-signed certificates aren't recommended for production environments.
31
31
32
32
- An account that has Administrator permissions.
33
33
- Azure VMware Solution DNS zones and DNS servers that are correctly configured. For more information, see [Configure NSX DNS for resolution to your Windows Server Active Directory domain and set up DNS forwarder](configure-dns-azure-vmware-solution.md).
@@ -41,7 +41,7 @@ You can set up NSX to use an external Lightweight Directory Access Protocol (LDA
41
41
42
42
:::image type="content" source="media/nsxt/configure-nsx-t-pic-1.png" alt-text="Screenshot that shows NSX Manager with the options highlighted.":::
43
43
44
-
1. Enter values for **Name**, **Domain Name (FQDN)**, **Type**, and **Base DN**. You can add a description (optional).
44
+
1. Enter values for **Name**, **Domain Name (FQDN)**, **Type**, and **Base DN**. You can add a description (optional).
45
45
46
46
The base DN is the container where your user accounts are kept. The base DN is the starting point that an LDAP server uses when it searches for users in an authentication request. For example, **CN=users,dc=azfta,dc=com**.
47
47
@@ -61,7 +61,7 @@ You can set up NSX to use an external Lightweight Directory Access Protocol (LDA
61
61
|**Port**| Leave the default secure LDAP port. |
62
62
|**Enabled**| Leave as **Yes**. |
63
63
|**Use Start TLS**| Required only if you use standard (unsecured) LDAP. |
64
-
|**Bind Identity**| Use your account that has read permissions to directory. For example, `<[email protected]>`. |
64
+
|**Bind Identity**| Use your account that read permissions to directory. For example, `<[email protected]>`. |
65
65
|**Password**| Enter the password for the LDAP server. This password is the one that you use with the example `<[email protected]>` account. |
0 commit comments