Skip to content
Fetching contributors…
Cannot retrieve contributors at this time
52 lines (51 sloc) 3.94 KB
<?xml version="1.0" encoding="UTF-8"?>
<!--This work by Eucalyptus Systems is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. See the accompanying LICENSE file for more information.-->
<!DOCTYPE task PUBLIC "-//OASIS//DTD DITA Task//EN" "task.dtd">
<task outputclass="docs one-sidebar sidebar-first" id="images_xen_win_ad">
<title>Configure Active Directory</title>
<p>The Eucalyptus Integration service lets an enterprise with existing Active Directory
domains attach Windows instances to the domains and control access to these instances using the existing AD user database. Users can log into the instance either using their domain credentials or the Administrator’s password generated with the <cmdname>euca-get-password</cmdname> command. </p>
<p>Because AD technology is tightly integrated with domain name service (DNS), the default
name server contacted by the instance must be able to resolve the AD address as a proper
domain controller. You can do this for all networking modes except System, by configuring
the following line in the CC’s <filepath>eucalyptus.conf</filepath> file:</p>
<p>If there is no such pre-existing DNS set-up or your networking mode is System, you might need to change the VM’s network interface so that the preferred DNS server points to the domain controller. </p>
<p>To set up Active Directory:
<cmd>Click <menucascade><uicontrol>Windows Programs</uicontrol>
<uicontrol>Eucalyptus</uicontrol> <uicontrol>EucaSetup.exe</uicontrol></menucascade>. </cmd>
<info><image href="images/ewi_win_start.jpg" scale="80" alt="Eucalyptus setup selection"/></info>
<stepresult>The <uicontrol>Eucalyptus Windows Integration</uicontrol> popup displays.</stepresult>
<cmd>Click the <uicontrol>Active Directory</uicontrol> tab in the Eucalyptus Windows Integration window and enter the following information:</cmd>
<image href="images/ewi_ad.jpg" scale="80" alt="Active Directory tab"/>
<li>Enter the address of the existing Active Directory domain controller in the <uicontrol>AD Address</uicontrol> field.</li>
<li>Enter the administrator username in the <uicontrol>Admin Username</uicontrol> field. We recommend using a generic user account that has permission to join a computer to a domain or a specific organizational unit.</li>
<li>Enter and confirm the password in the <uicontrol>Admin Password</uicontrol> field.
Note that the Admin username and password are required to join an instance to an Active
Directory. When launched in Eucalyptus, these properties will be deleted as soon as the instance joins (or fails to join) the domain.</li>
<li>Optionally, enter an organizational unit in the <uicontrol>Organizational Unit</uicontrol> field. This specifies a container that the instances launched from this image will be attach to.</li>
<note type="tip">If the values entered in this section are incorrect, the launched
instances will fail to join the domain. We recommend that you verify the information by
manually joining a computer to a domain using the same information that you entered in this step. You may first log in the launched instance using administrator password (<cmdname>euca-get-password</cmdname>) and manually join the domain for verification.</note>
<cmd>Click <uicontrol>Apply</uicontrol>.</cmd>
<postreq>You are now ready to <xref href="images_xen_win_rdp.dita"/>
Jump to Line
Something went wrong with that request. Please try again.