VMware Horizon Cloud Service Next-Gen – The Automation Series – Chapter 3 – Active Directory

This blog post is part of the VMware Horizon Cloud Service Next-Gen – The Automation Series, a series of blog posts that describes the possibilities and use of the VMware Horizon Cloud Service Next-Gen APIs.

In chapter 1 we created the API token, which we then used to create an access token in chapter 2. The access token will be used in this chapter to add, get and delete an Active Directory configuration in the VMware Horizon Cloud Service.

The original VMware documentation for Active Directory operations can be found here.

We will use PowerShell again to execute the requests.

Create

We will start by creating a new Active Directory configuration. For this we will use the following information:

HTTP Method POST
URI https://cloud.vmwarehorizon.com/admin/v2/active-directories
Content-Type application/json Header
Authorization Bearer <Access token> Header
orgId Organization ID Body
name Any name for the record, but generally the domain name Body
dnsDomainName FQDN for the domain name Body
description Any description for the record Body
bindAccounts / primary / username Primary bind account username Body
bindAccounts / primary / password Primary bind account password Body
bindAccounts / auxiliary/ username Secondary bind account username Body
bindAccounts / auxiliary/ password Secondary bind account password Body
joinAccounts / primary / username Primary join account username Body
joinAccounts / primary / password Primary join account password Body
joinAccounts / auxiliary/ username Secondary join account username Body
joinAccounts / auxiliary/ password Secondary join account password Body
defaultOU Organizational unit where provisioned VM’s will be contained Body

The orgId or Organization ID is something you can lookup manually in the Cloud Services Console or automated using the API. In one of the upcoming chapters, I will explain how to retrieve the Organization ID using the API. This is how it’s done manually.

Once logged on to the Cloud Service Console, click the drop-down button (1). The Organization ID is displayed there (2). You can use the copy button (3) to copy the Organization ID string and use it as the value for the orgId.

With this information we will now construct the lines of code in PowerShell to add the Active Directory configuration.

(1) We create the access token from the API token using the New-HCSAccessToken function we described in chapter 2. We put this value in the $AccessToken variable, which we will use in the following step.

(2) We then construct the $Header array, where we specify the expected Content-Type to be received by the URI, which is application/json. And we specify the type of authorization using the Bearer type with the access token from the variable $AccessToken.

(3) After this we construct the $Body array with all the items that define the Active Directory configuration to be added to the Horizon Cloud Services.

Now that we have both the Header and Body information in place, it’s time to execute the command to add the Active Directory configuration (1). Once executed, the output with what has been configured will be displayed (2).

When we look in the Horizon Universal Console, we see that the Active Directory configuration is added.

Get

To retrieve the Active Directory configuration(s), we will use the following information:

HTTP Method GET
URI https://cloud.vmwarehorizon.com/admin/v2/active-directories
Content-Type application/json Header
Authorization Bearer <Access token> Header

With this information we will now construct the lines of code in PowerShell to retrieve the Active Directory configuration(s).

(1) We create the access token from the API token again using the New-HCSAccessToken function, and put this value in the $AccessToken variable, which we will use in the following step.

(2) We construct the $Header array, where we specify the expected Content-Type to be received by the URI, which is application/json. And we specify the type of authorization using the Bearer type with the access token from the variable $AccessToken.

(3) We execute the command to retrieve the Active Directory configuration(s).

(4) Once executed, the output with what has been configured will be displayed.

Delete

To delete an Active Directory configuration, we will use the following information:

HTTP Method DELETE
URI https://cloud.vmwarehorizon.com/admin/v2/active-directories/<AD record ID>
Content-Type application/json Header
Authorization Bearer <Access token> Header
id Id for the Active Directory configuration URI

You can lookup the required AD record ID using the steps from the Get paragraph. Look for the id value in the output.

With this information we will now construct the lines of code in PowerShell to delete the Active Directory configuration.

(1) We create the access token from the API token again using the New-HCSAccessToken function, and put this value in the $AccessToken variable, which we will use in the following step.

(2) We construct the $Header array, where we specify the expected Content-Type to be received by the URI, which is application/json. And we specify the type of authorization using the Bearer type with the access token from the variable $AccessToken.

(3) We execute the command to delete the Active Directory configuration.

(4) Once executed, the output with what has been deleted will be displayed.

PowerShell Functions Examples

The scripts below serve as examples. You may change the scripts to your own needs or standards, like error handling, securing password strings and things like that.

I hope this chapter was informative and that you enjoyed reading.

Next up is single sign-on configuration.

You may also like...

1 Response

  1. January 12, 2023

    […] 1 – API Token Chapter 2 – Access Token Chapter 3 – Active Directory Chapter 4 – Single Sign-On Chapter 5 – Site Chapter 6 – Provider Instance Chapter […]