UCS Director Basic Setup ConfigurationsOctober 11, 2016
The basic deployment of UCS Director consists of deploying an OVF file that is available from the Cisco downloads site. This post won’t go through the deployment of the OVF but this should be a pretty simple setup. The deployment will ask for IP Addressing information and some passwords. Complete the deployment of the OVF in your virtual environment and then continue with this post.
Once the OVF has been deployed, open a web browser and place the IP Address of the appliance in the address bar.
Login to the portal with the default username and password:
Once you’re logged in, the default password should be changed and UCS Director will prompt you to change this.
Change the password and click “save”.
After you’ve changed the password, you’ll need to re-login to the UCS Director portal.
Close the guided setup wizard.
Setup the mail server to send alerts from UCS Director. To do this go to the Administration Drop Down and select System. Then click the Mail Setup tab and enter in the information for the SMTP server.
NOTE: The “Server IP Address” is not the IP Address of the mail server, but should match the IP Address of the UCS Director appliance. It is used for approval links in the emails.
The Cisco UCS Director appliance comes with a trial license for 90 days. To add another license go to the Administration drop down and select license. Click the Update License and provide the license that was purchased.
Before going through a bunch of setup processes, it’s nice to be able to login to UCS Director with the accounts from your own Active Directory environment. The Active Directory setup will sync user accounts from AD and then re-sync them on a schedule. Setup the connection with Active Directory by navigating to the Administration drop down –> Ldap Integration. Then click “Add” to add a new LDAP account.
Note: it might be a good idea to take a snapshot of your appliance before setting this up. If you have a large directory and sync the whole thing this may take a long time and the cleanup can be tedious. A backup might be very useful.
Fill out the first page of the LDAP Server Configuration Wizard that makes the connection with the Active Directory domain controller. Then click “Next”.
Fill out the information in the wizard such as:
Account Name: This is the name that UCSD will use to identify the directory.
Server Type: What type of LDAP connection is being used.
Server: Server Address for your LDAP connection
Port: Which port should be used to connect to the LDAP server
Domain Name: What is the domain for your Active Directory
Username / Password: This is an account with read permissions on your AD instance for UCSD to query accounts
Synchronization Frequency: How long between LDAP Syncs? The minimum frequency is 1 hour
On the next screen select the base AD Object. This is the organization unit that will sync with Cisco UCS Director on the scheduled frequency. Many times it’s useful to only sync a specific OU instead of an entire directory tree for performance reasons. I created a new OU just for UCSD and place any of my users and groups in this OU. You can create your structure however it seems best for your organization. Then click “Next”.
On the user and group filters, you may filter out unnecessary users and groups from syncing with UCSD but at least 1 filter must be created. I use a default filter that looks for anything just to keep it simple. My filtering has already come from the OU selection that I created earlier. Create a filter and then click “Next”.
On the final screen, you may add an LDAP Role Filter but do not have to add one. Click “Submit”.
Add Users and Groups
Now that LDAP has been synced go to the Administration drop down and select “Users and Groups”. You should see a list of Active Directory Groups that have been synced under the “User Groups” tab as well as a list of users listed under the “Users” tab. Here you can select any users that require elevated privileges and then click “Edit”.
The properties of the user will open and you can enter in any additional details such as an email address that will be used by UCSD and change the User Role from the default of “Service End-User” to something else like a System Admin. Then click “Save”.
To make UCSD more manageable, it uses the concept of sites to help limit the number of objects that are displayed. You may switch between sites whenever necessary, but you should setup sites first before adding hardware or virtualization endpoints.
To add a Site go to the Administration drop down and the select “Physical Accounts”. Under the “Site Management” tab click “Add” to enter in information about your site. Click “Submit” and then enter in any additional sites that UCS Director will manage.
This post has walked you through the basic setup tasks that you should complete before configuring infrastructure and orchestration components. Much like other solutions a solid foundation will help speed up the time required for the rest of your configurations. In the next post we’ll cover some infrastructure setup tasks.