OpenManage Integration for VMware vCenter Version 4.3

Creating connection profile

Prerequisites

Before using the Active Directory credentials with a connection profile, ensure that:
  • The Active Directory user’s account exist in Active Directory.
  • The iDRAC and host are configured for Active Directory based authentication.

About this task

A connection profile stores the iDRAC and host credentials that OMIVV uses to communicate with the Dell EMC servers. Each Dell EMC server must be associated with a connection profile to be managed by OMIVV. You might assign multiple servers to a single connection profile. You can create a connection profile using the configuration wizard or from the OpenManage Integration for VMware vCenter > Settings tab. You can log in to iDRAC and the host using the Active Directory credentials.
NOTE: The Active Directory credential can be either same or separate for both iDRAC and the host.
NOTE: You cannot create a connection profile if the number of added hosts exceeds the license limit for creating a connection profile.
NOTE: An MX chassis host can be managed using a single unified chassis management IP. To manage an MX chassis using a chassis profile, see Creating chassis profile. Dell EMC recommends managing an MX chassis hosts with an iDRAC IP to get complete OMIVV functions.

Steps

  1. In the Connection Profile Description dialog box, click Next.

  2. In the Connection Profile Name and Credentials dialog box, enter the connection Profile Name and connection profile Description, which is optional.

  3. In the Connection Profile Name and Credentials dialog box, under iDRAC Credentials, do either of the following actions, depending on configuring iDRAC with or without Active Directory:

    NOTE: The iDRAC account requires administrative privileges for updating firmware, applying hardware profiles, applying system profiles in 14th Gen servers, and deploying hypervisor.

    • The iDRAC IPs that are already configured and enabled for Active Directory on which you want to use Active Directory, select Use Active Directory; otherwise scroll down to configure the iDRAC credentials.
      1. In Active Directory User Name, type the username. Type the username in one of these formats: domain\username or username@domain. The username is limited to 256.
      2. In Active Directory Password, type the password. The password is limited to 127 characters.
      3. In Verify Password, type the password again.
      4. Depending on your requirement, perform one of the following actions:
        • To download and store the iDRAC certificate and validate it during all future connections, select Enable Certificate Check.
        • To not store and perform the iDRAC certificate check during all future connections, clear Enable Certificate Check.
    • To configure the iDRAC credentials without Active Directory, perform the following tasks:
      1. In User Name, type the username. The username is limited to 16 characters. See the iDRAC Documentation for information about username restrictions for the version of iDRAC that you are using.
      2. In Password, type the password. The password is limited to 20 characters.
      3. In Verify Password, type the password again.
      4. Perform one of the following actions:
        • To download and store the iDRAC certificate, and validate it during all future connections, select Enable Certificate Check.
        • To not store and perform the iDRAC certificate check during all future connections, clear Enable Certificate Check.
  4. In Host Root, perform one of the following steps:

    • The hosts that are already configured and enabled for Active Directory on which you want to use Active Directory, select Use Active Directory, and perform the following steps; otherwise configure your host credentials:
      1. In Active Directory User Name, type the username. Type the username in one of these formats: domain\username or username@domain. The username is limited to 256 characters.
        NOTE: For host username and domain restrictions, see the following:

        Host username requirements:

        • Between 1 and 64 characters long
        • No nonprintable characters

        Host domain requirements:

        • Between 1 and 64 characters long
        • First character must be alphabetical.
        • Cannot contain a space.
      2. In Active Directory Password, type the password. The password is limited to 127 characters.
      3. In Verify Password, type the password again.
      4. Perform one of the following actions:
        • To download and store the host certificate, and validate it during all future connections, select Enable Certificate Check.
        • To not store and perform the iDRAC certificate check during all future connections, clear Enable Certificate Check.
    • To configure host credentials without Active Directory, perform the following tasks:
      1. In User Name, the username is root, which is the default username and you cannot change the username. However, if the Active Directory is set, you can choose any Active Directory user and not root.
      2. In Password, type the password. The password is limited to 127 characters.
        NOTE: The OMSA credentials are the same credentials that are used for the ESXi hosts.
      3. In Verify Password, type the password again.
      4. Perform one of the following actions:
        • To download and store the host certificate, and validate it during all future connections, select Enable Certificate Check.
        • To not store and perform the host certificate check during all future connections, clear Enable Certificate Check.
  5. Click Next.

  6. In the Connection Profile Associated Hosts dialog box, select the hosts for the connection profile and click OK.

    NOTE: If the OEM hosts are not displayed on the Select Hosts window, add the OEM hosts using the Add OEM Hosts wizard, see Adding OEM hosts.

  7. To test the connection profile, select one or more hosts and click Test Connection.

    NOTE: This step is optional and checks the host and iDRAC credentials. Although this step is optional, Dell EMC recommends that you test the connection profile.
    NOTE: If the WBEM service is disabled for all hosts running ESXi 6.5 or later, WBEM is automatically enabled when you perform the test connection and inventory on those hosts.
    NOTE: If you select All Registered vCenter while creating the connection profile, test connection fails for all hosts running ESXi 6.5 or later that has the WBEM service disabled. In such case, it is recommended to complete the connection profile wizard actions, run the inventory on hosts, and then test the connection profile again.
    NOTE: You may see that test connection is failing for the host and indicating that invalid credentials are entered, even after entering valid credentials. It may happen because the ESXi is blocking the access. Wait for 15 minutes and retry the test connection.

  8. To complete the creation of profile, click Next.

    After you click next, all details that you provide in this wizard is saved and you cannot modify the details from the wizard. You can modify or create more connection profiles for this vCenter detail from the Manage > Profiles Connection Profiles page after completing the configuration from the configuration wizard. See Modifying connection profile topic in this guide..
NOTE: The servers that do not have either an iDRAC Express or Enterprise card, the iDRAC test connection result is not applicable for this system.

After hosts are added to connection profile, the IP address of OMIVV is automatically set to SNMP trap destination of host's iDRAC, and OMIVV automatically enables the Web-Based Enterprise Management (WBEM) service for hosts running ESXi 6.5 and later. OMIVV uses the WBEM service to properly synchronize the ESXi host and the iDRAC relationships. If configuring the SNMP trap destination fails for particular hosts, and/or enabling the WBEM service fails for particular hosts, those hosts are listed as noncomplaint. To view the noncomplaint hosts that require SNMP trap destination to be reconfigured and/or WBEM services to be enabled, see Reporting and fixing compliance for vSphere hosts.