Orchestrator must read your LDAP structure to inherit its properties. You can specify the credentials that Orchestrator uses to connect to an LDAP server.

Ensure that you have a working LDAP service in your infrastructure and have generated the LDAP connection URL.


1. Log in to the Orchestrator configuration interface as vmware.

2. Click LDAP.

3. Specify the primary and secondary LDAP hosts, the lookup port of the LDAP server, and the root element.

4. Type a valid user name (LDAP string) in the User name text box for a user who has browsing permissions on your LDAP server.

   The possible formats in which you can specify the user name in Active Directory are as follows:

   - Bare user name format, for example user.
   - Distinguished name format: cn=user,ou=employees,dc=company,dc=org.

     Use this format with Sun and eDirectory. Do not use spaces between the comma and the next identifier.
   - Principal name format: user@company.org.
   - NetBEUI format: COMPANY\user.

5. In the Password text box, type the password for the user name you entered in Step 4.

   Orchestrator uses the credentials to connect to the LDAP server.

Define the LDAP containers for Orchestrator to look up users and groups.
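
The following pre-flight check is an added example, not part of the Orchestrator product or its documentation. It classifies a proposed User name value against the four formats listed above and flags a space between a comma and the next identifier in a distinguished name. The function name `classify_bind_user` and the simplified patterns are assumptions made for illustration.

```python
import re

# Simplified patterns (assumptions for this example, not Orchestrator's own validation).
# One RDN: attribute type, '=', value; a comma inside a value must be escaped as '\,'.
_RDN = r"[A-Za-z][A-Za-z0-9-]*=(?:\\.|[^,\\])+"
_DN = re.compile(rf"{_RDN}(?:,{_RDN})*")
_UPN = re.compile(r"[^@\\\s,=]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
_NETBEUI = re.compile(r"[^\\@\s,=]+\\[^\\@\s,=]+")
_BARE = re.compile(r"[^\\@\s,=]+")
# An unescaped comma followed by whitespace, which the procedure says to avoid.
_SPACE_AFTER_COMMA = re.compile(r"(?<!\\),\s+")


def classify_bind_user(value):
    """Return (format_name, problems) for a proposed User name value."""
    problems = []
    if value != value.strip():
        problems.append("leading or trailing whitespace")
        value = value.strip()
    if "=" in value:
        # Treat anything with '=' as an attempted distinguished name.
        if _SPACE_AFTER_COMMA.search(value):
            problems.append("space between a comma and the next identifier")
            value = _SPACE_AFTER_COMMA.sub(",", value)
        if not _DN.fullmatch(value):
            problems.append("not a well-formed distinguished name")
        return "distinguished name", problems
    for name, pattern in (("principal name", _UPN),
                          ("NetBEUI", _NETBEUI),
                          ("bare user name", _BARE)):
        if pattern.fullmatch(value):
            return name, problems
    return "unknown", problems + ["does not match any documented format"]


if __name__ == "__main__":
    # Constructed sample values based on the formats shown in the procedure.
    for candidate in ("user", "cn=user, ou=employees,dc=company,dc=org",
                      "user@company.org", "COMPANY\\user"):
        print(candidate, "->", classify_bind_user(candidate))
```
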