After setting up your View environment, you must set up your VMware Identity Manager environment before integrating pod federations with the service.

You have a username and password with the rights to join the Active Directory domain that is used with View. For more information about the rights required to join a domain, see "Integrating with Active Directory" in Installing and Configuring VMware Identity Manager.

1

Verify that the attribute userPrincipalName in the VMware Identity Manager User Attributes page is marked required.

a

In the administration console, click the Identity & Access Management tab.

b

Click Setup and select the User Attributes tab.

c

If the Required checkbox for the userPrincipalName attribute is not selected, select it.

Important

You must do this before you create the VMware Identity Manager directory. User attributes cannot be changed to required after the directory is created.

2

Sync the users and groups that have global or local entitlements in your View environment from Active Directory to the VMware Identity Manager service through directory sync.

a

To view current users and groups, click the Users & Groups tab.

b

Select the Identity & Access Management > Directories tab.

c

Select the appropriate directory.

d

Modify the directory settings if needed, and click Sync Now.

3

If applicable, establish a connection to multi-domains or trusted multi-forest domains in Active Directory. See Installing and Configuring VMware Identity Manager for information.

4

Join the VMware Identity Manager directory to the same Active Directory domain as View.

a

Click the Identity & Access Management tab.

b

Click Setup and select the Connectors tab.

c

Click Join Domain next to the appropriate directory.

d

Type the information for the Active Directory domain and click Join Domain. Do not use non-ASCII characters when you enter your domain information.

Option

Description

Domain

Type the fully qualified domain name of the Active Directory. For example, hs.example.com.

Note

The Active Directory FQDN must be in the same domain as the View Connection Server instances. Otherwise, your deployment fails.

Domain User

Type the username of an account in Active Directory that has permissions to join systems to that Active Directory domain.

Domain Password

Type the password associated with the AD Username. This password is not stored by VMware Identity Manager.

e

Verify that VMware Identity Manager and the View servers are joined to the same domain.