Actually, “how to setup default domain in the Identity appliance using jxplorer” would probably be a better title for this post but I chose to put the emphasis on the end result to make it clearer what we are trying to achieve.
Allow me to explain:
When you login to vRA you probably noticed the default behavior requires using a full UPN login like user@domain.com , If you want to allow login with a short name there are a few ways to achieve that:
1. You can setup native AD identity source for the default tenant as detailed here , but this only works for the default tenant and not for any additional tenants which is annoying since as a general practice we usually create additional tenants.
2. You can configure default domain in the identity appliance as detailed in this article by Eric Shanks AKA @eric_shanks
But what if you want to setup default domain on non default tenant and you are using a stand alone identity appliance, you cannot configure it through the vCenter web client since the vCenter web client is probably already configured with the vCenter SSO. What do you do? here is a solution:
1. Install jxplorer and configure it to connect to the vRA identity appliance as detailed in the following KB http://kb.vmware.com/kb/2077170 (use this KB only to set up jxplorer, do not change the LDAP string as the given example in the article)
2. In jxplorer browse to local/vsphere/services/IdentityManager/Tenants/<tenant name> and highlight it
3. Make sure you are in Table editor rather than HTML viewer and in the vmwSTSDefaultIdentityProvider attribute input the domain name
That’s it! no restarts required, you will now be able to login using only user name and removed the UPN
Drop any comments if you have
Thanks,
Niran