7. vCloud Security Examples : 7.1 Single Sign-On (SSO) – Provider : 7.1.3 Example
7.1.3 Example
This example shows how vCloud Director administrators who are already authenticated to the vCenter Server through the vSphere Web Client do not have to separately authenticate to vCloud Director.
To authenticate through vCloud Director with single sign-on
1. Log in to vCloud Director as the administrator.
2. Register vCloud Director with the Lookup Service. Click Administration > System Settings > Federation tab, and click the Register button under vSphere Services.
3. Enter the Lookup Service URL for the vCenter server with which you want this vCloud Director to SSO:
<qualified domain name of vCenter-server>:7444/lookupservice/sdk
4. Enter the SSO Admin User Name and SSO Admin User Password.
5. Enter the vCloud Director URL:
<qualified domain name of vcd-server>/cloud
6. Click OK, and wait for the dialog box to be dismissed.
7. Select Use vSphere Single Sign-On and click Apply.
8. Click Users and import a vSphere SSO user into vCloud Director.
9. As an example, import the Administrator@System-Domain user from vCenter SSO server.
10. Log out of vCloud Director.
11. Go to the vCenter Sever and log in as the user that was imported in a preceding step.
12. Open a new browser tab and go to vCloud Director. You are logged in without requiring further authentication.
13. To log in as a vCloud Director local user, type:
14. Using RDP, access the virtual machine where the vSphere Web Client is running.
a. Open a new browser tab and go to vCloud Director.
b. You are redirected to the vSphere Web Client where you can log in as Administrator@System-Domain.
c. Upon successful authentication you are redirected to vCloud Director.