Steps to re-create embedded connector in vIDM

Article ID: 374867

Products

VMware Aria Suite

Issue/Introduction

Creating or adding an embedded (internal) connector in the vIDM UI.

Environment

VMware Identity Manager 3.3.x

Cause

When a connector is accidentally removed or deleted in VMware Identity Manager, it needs to be restored and activated through the API. This article outlines the steps to obtain the necessary tokens, activate the connector, and integrate it within the VMware Identity Manager.

Resolution

NOTE: Take a snapshot of all the vIDM nodes before proceeding with the steps below.

 
Generate an Activation Code for the VMware Identity Manager Connector
 
Log in to the VMware Identity Manager console as the System domain user, then use Postman or curl to activate the embedded connector while re-adding it, following the steps below.
 
Using Postman
 
1. Click the Identity & Access Management tab. Click Setup.
 
2. On the Connectors page, click Add Connector.
 
 
3. Enter a name for the connector. Click Generate Activation Code. The activation code displays on the page. Copy the activation code and save it.
 
 
4. Once the activation code has been generated in the pop-up above, use the requests below to activate the connector.
 
Step 1: Open Postman or another REST client and send the POST request below to acquire the HZN token.
  • Make a POST request to the URL below:
     
    • URL: https://<VIDM Node FQDN>/SAAS/API/1.0/REST/auth/system/login
    • Method: POST
      Headers:
      Accept: application/json; charset=utf-8
      Content-Type: application/json
      
      Example Request Body:
      {
          "username": "admin",
          "password": "adminpassword",
          "issueToken": "true"
      }
      
      Example Response:
      {
          "id": null,
          "sessionToken": "eywxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxmxaI",
          "firstName": null,
          "lastName": null,
          "admin": false
      }
 
Once you have acquired the HZN token (the sessionToken value in the Step 1 response), follow the steps below.
 
Step 2 : Activate Connector using Activation Token
POST https://<connectorHost>:8443/hc/API/1.0/REST/connectormanagement/connector/activate/
 
 
Headers:
Content-Type: application/vnd.vmware.horizon.manager.connector.management.activate.connector+json

Authorization: HZN <token>
<token>: the HZN token obtained in Step 1
 
 
Body:
 
{
"activationToken":"ID5",
"adminPassword":"ID6",
"gatewayHostname":"ID7"
}
 
Success Response Status: 200 OK
 
Sample Response:
 
{
"isSuccess":true,
"redirectUrl":"<connector worker URL>",
"message":"Successfully activated the Connector.",
"tenantStateId":{"tenant":"<Tenant Id>","connector":"<connector worker Id>"}
}
 
Using cURL
 
curl --location 'https://ID1:8443/hc/API/1.0/REST/connectormanagement/connector/activate/' \
--header 'Authorization: HZN ID2' \
--header 'Content-Type: application/vnd.vmware.horizon.manager.connector.management.activate.connector+json' \
--header 'Accept: application/json' \
--header 'Cookie: JSESSIONID=ID3; trutid=ID4' \
--data '{
"activationToken":"ID5",
"adminPassword":"ID6",
"gatewayHostname":"ID7"
}'
 
Legends
 
ID1: vIDM IP address
ID2: HZN Cookie or Bearer Token 
ID3: JSESSIONID
ID4: VIDM tenant ID
ID5: Connector activation token
ID6: Default Admin Password
ID7: vIDM host_name/LB_FQDN
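
The two requests above chained end to end, as an added Python example (not the connector.sh attached to this article and not VMware's code). It prompts for the secrets instead of placing them on a command line, JSON-encodes them, and accepts the activation only on HTTP 200 with isSuccess true. Assumptions: the function names, "admin" as the login user, one admin password for both calls, and the node FQDN doubling as <connectorHost>.

```python
import getpass
import json
import urllib.request

ACTIVATE_CT = "application/vnd.vmware.horizon.manager.connector.management.activate.connector+json"

def login_request(node_fqdn, username, password):
    """Step 1: system-domain login; the reply's sessionToken is the HZN token."""
    body = json.dumps({"username": username, "password": password, "issueToken": "true"})
    return urllib.request.Request(
        f"https://{node_fqdn}/SAAS/API/1.0/REST/auth/system/login",
        data=body.encode(), method="POST",
        headers={"Accept": "application/json; charset=utf-8", "Content-Type": "application/json"})

def activate_request(connector_host, hzn_token, activation_code, admin_password, gateway):
    """Step 2: activation call, authorised with 'Authorization: HZN <token>'."""
    body = json.dumps({"activationToken": activation_code,
                       "adminPassword": admin_password, "gatewayHostname": gateway})
    return urllib.request.Request(
        f"https://{connector_host}:8443/hc/API/1.0/REST/connectormanagement/connector/activate/",
        data=body.encode(), method="POST",
        headers={"Authorization": f"HZN {hzn_token}", "Content-Type": ACTIVATE_CT,
                 "Accept": "application/json"})

def activation_succeeded(status, raw_body):
    """True only for HTTP 200 whose JSON body has isSuccess set to true."""
    try:
        reply = json.loads(raw_body)
    except ValueError:
        return False
    return status == 200 and isinstance(reply, dict) and reply.get("isSuccess") is True

def send(request):
    # urlopen verifies the server certificate by default and raises HTTPError on error statuses.
    with urllib.request.urlopen(request, timeout=30) as resp:
        return resp.status, resp.read().decode()

def main():
    lb = input("vIDM load balancer FQDN: ").strip()
    node = input("vIDM node FQDN: ").strip()
    code = getpass.getpass("Connector activation code: ")   # not echoed
    password = getpass.getpass("Admin password: ")          # never in argv or shell history
    # Assumptions: login user "admin"; the node doubles as <connectorHost>.
    _, body = send(login_request(node, "admin", password))
    token = json.loads(body)["sessionToken"]
    status, reply = send(activate_request(node, token, code, password, lb))
    print("Connector activated" if activation_succeeded(status, reply) else "Activation failed")

if __name__ == "__main__":
    main()
```

If the appliance presents a certificate issued by a private CA, pass a context built with ssl.create_default_context(cafile=...) to urlopen rather than turning verification off.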
 


Using Bash script 
 
1. Download the bash script connector.sh attached to this KB and upload it to the Aria Suite Lifecycle appliance, which has the jq and curl utilities preinstalled.
 
2. Follow the steps outlined in the "Using Postman" section to retrieve the activation code from the vIDM UI.
 
3. Grant the script execute permission with the command "chmod +x connector.sh", then run it with the command "./connector.sh".
 
4. During execution, the script will prompt you to input the following information:
  • vIDM Load Balancer Fully Qualified Domain Name (FQDN)
  • vIDM Node Fully Qualified Domain Name (FQDN)
  • Connector Activation Code
  • Admin Password
5. Compare the response of the API under "Activation API response :" of the script output with the sample response provided in the "Using Postman" section to ensure the API call was successful.

Additional Information

Upon successful execution, a 200 response code will be returned.
The connector will now be visible in the Admin UI.
Complete the integration by adding the connector under workspace_IDP for directory connection or authentication in the Admin UI.

Attachments

connector.sh