Active Directory
Microsoft® Active Directory™ serves to authenticate access to manage the VMware® instance only and not to house SaaS consumer users of the workloads in the deployed instances. The forest root domain name of the Active Directory server equals to the Domain Name Services (DNS) domain name that you specify for the initial instance deployment.
Domain name services (DNS) in this design are for the cloud management and infrastructure components only. The DNS zone files are also replicated on the Active Directory servers.
Active Directory groups and users
The Regulated Workloads Active Directory is used for the privileged administrators, service accounts, and the IBM Cloud for VMware Solutions automation
service ID.
Microsoft Active Directory user IDs
User | User ID | Description |
---|---|---|
IBM automation | automation |
Used to add a host or a virtual machine for service. Also, to set up Active Directory and DNS entries |
Privileged user | Administrator |
Default Windows® user |
Privileged user | cloudadmin |
Default user for the customer to access vCenter Server |
Nonprivileged | cloudreadonly |
Read-only account for the customer |
Microsoft Active Directory groups
User | User ID | Description |
---|---|---|
IBM automation or privileged users | IC4v-vCenter |
vCenter Administration Group |