vRealize Automation 8.0 Easy Install

In this post, I will be looking at the vRealize Automation 8 Easy Install deployment option. Since the release of vRealize Automation 7, VMware has been making significant improvements in the vRA deployment process to what we experienced in vCAC 6.x. The vRA 8 Easy Installer provides a step-by-step wizard to deploy vRealize Automation (vRA), Workspace ONE and vRealize Lifecycle Manager (vRLCM). I will be using the Easy Install option to deploy these components.

The vRealize Automation documentation can be found at VMware vRealize Automation Documentation. Ensure you check the vRealize Automation documentation for the latest information and requirements.

Required System Resources

The following table provides details of the system resources required to install vRA, vRLCM and vIDM.

Requirements vRealize Lifecycle Manager Identity Manager vRealize Automation

Total Storage

48 GB

60 GB

222 GB (Single node installation)

Virtual CPU

2

2

2

RAM

6 GB

6 GB

32 GB

System Partition

10 GB

8 GB

50 GB

Data Partition

20 GB

144 GB

Metrics Partition

20 GB

Logs Partition

8 GB

Swap Size

8 GB

6 GB

Tomcat Partition

10 GB

Var Partition

10 GB

db Partition

10 GB

10 GB

Network Requirements

All components within the deployment will require the following network configuration items:

  • Static IP Address (IPv4)
  • Network Mask
  • Default Gateway
  • DNS Server(s)
  • Domain Name
  • NTP Server

Ports and Protocols

VMware has recently released the VMware Port and Protocols site. Please reference this site for details of the vRealize Automation 8.0 Ports and Protocols requirements.

DNS and Host Name Resolution

All components must be able to resolve each other by using a fully qualified domain name (FQDN). A DNS A and PTR entry must exist for all nodes providing forward and reverse name resolution for all nodes.

Installation Overview

Once the pre-requisites are in place, the vRA Easy Installer deployment procedure will follow the high-level steps below:

  • Download the vRealize Automation 8 Easy Installer
  • Access the vRealize Automation Easy Installer
  • Specify appliance deployment parameters
  • Install vRealize Suite Lifecycle Manager 8.0
    • Specify vRealize Lifecycle Manager configuration parameters
  • Install VMware Identity Manager 3.3.1
    • Specify Identity Manager configuration parameters
  • Install vRealize Automation 8.0
    • Specify vRealize Automation configuration parameters

vRealize Automation 8.0 Installation

Download the vRealize Automation 8.0 ISO file from My VMware.

Mount the vra-lcm-installer.iso disk image to the local system and navigate to the folder, which is dependant on the operating system you are using:

Operating System

File Path

Windows

lcm-installer\vrlcm-ui-installer\win32\installer.exe

Linux

    1. Login to Linux VM.
    2. Run apt-get install p7zip-full.
    3. Run 7z x vra-lcm-installer.iso.
    4. Run chmod +x vrlcm-ui-installer/lin64/installer
    5. Run apt install libnss3 (required only if libnss3 component is not installed.)
    6. Run vrlcm-ui-installer/lin64/installer.

Mac

vrlcm-ui-installer/mac/Installer/Installer.app

 

After running the appropriate installer file (depending on the OS), the vRealize Easy Installation Wizard will start.

2.6.1

Click Install.

2.6.2

Click Next.

2.6.3

On the End User License Agreement page, select the checkbox for I accept the terms of the license agreement

Optionally select if you would like to join the VMware Customer Experience Improvement Program (CEIP)

Click Next.

2.6.4

Enter the Appliance Deployment Target information:

  • vCenter Server Hostname
  • HTTPS Port
  • Username
  • Password

Click Next.

2.6.5

Click Accept on the Certificate Warning to continue.

2.6.6

Select the target compute cluster within the vCenter inventory for the deployment of the appliances.

Click Next.

2.6.8

Select the target datastore or datastore cluster for the deployment of the appliances.

Check Enable Thin Disk Mode if would like to enable thin provisioning for the deployment.

Click Next.

2.6.9

Enter the required network configuration.

Click Next.

2.6.10

Enter and confirm a password for the various accounts specified.

Click Next.

2.6.11

Enter the required Lifecycle Manager configuration items.

Click Next.

2.6.12

Enter the required Identity Manager configuration items.

Click Next.

2.6.13

Enter the required vRealize Automation configuration items.

Click Next.

2.6.14

At the Summary page, validate all of the entered information.

Click Submit.

2.6.16

2.6.17

The installation will now progress and complete, assuming there are not any issues, and you will be provided with a screen showing the vRLCM and vRA URLs upon completion.

2.6.19

The vCenter inventory screen shows the Identity Manager, LifeCycle Manager and vRealize Automation appliances have all deployed successfully to the target VM folder specified during Easy Install wizard.

Overall, VMware has made significant advances in simplifying the installation process of vRA 8 over previous releases, and have now updated the vRA architecture and embedded application services into VMware appliances, thus remove the dependency of Microsoft Windows and Microsoft SQL server for the IaaS components.

 

Deploy Embedded PSC with Enhanced Linked Mode – Part 2

Stage 2 – Setup the vCenter Server Appliance with Embedded PSC

After completing stage 1, you will be taken to stage 2 and the introduction page.

Click Next

2.5.1

Either select Synhronize time with NTP servers or  Synchronize time with ESXi host (depending on your preference).  Enter NTP servers (if required) and select Enabled from the SSH access dropdown.

Click Next

2.5.2

As this is the first VCSA with Embedded PSC, select the Create a new SSO domain radio button

Enter the name for the Single Sing-On domain name: vsphere.local
The Single Sign-On user name is administrator and cannot be changed
Enter the Single Sign-On password and confirm the password
Enter the Single Sign-On Site name: default-site

Click Next

2.5.3

Select the checkbox if you would like to join the VMware Customer Experience Improvement Program

Click Next

2.5.4

Review the summary on the Ready to complete Install – Stage 2 page, verify the settings and then click Finish

2.5.5

Click OK to the warning message

2.5.6

If all goes well, the VCSA setup should complete successfully. You can navigate to https://vmatestlab01.testlab.com/vsphere-client to go to the vSphere Web Client, https://vmatestlab01.testlab.com/ui to go to the HTML5 client or click the https://vmatestlab01.testlab.com:443 to go to the Appliance Getting Started Page.

Click Close

2.5.7

Deploy second VCSA appliance following previous steps in part 1 Deploy Embedded PSC with Enhanced Linked Mode – Part 1

After completing stage 1, you will be taken to stage 2 and the introduction page.

Click Next

2.5.8

Either select Synhronize time with NTP servers or  Synchronize time with ESXi host (depending on your preference).  Enter NTP servers (if required) and select Enabled from the SSH access dropdown.

Click Next

2.5.2

Select the Join an existing SSO domain radio button to join the existing SSO domain of the first deployed Embedded PSC VCSA appliance

Enter the FQDN of the first VCSA with Embedded PSC: vmatestlab01.testlab.com
Enter the HTTPS port: 443
Enter the Single Sign-On name: vsphere.local
The Single Sign-On user name is administrator and cannot be changed
Enter the Single Sign-On password

You will notice there is no longer an option to enter the SSO site name. For greenfield deployments, SSO sites are no longer available for new deployments.

2.5.10

Select the checkbox if you would like to join the VMware Customer Experience Improvement Program

Click Next

2.5.11

Review the summary on the Ready to complete Install – Stage 2 page, verify the settings and then click Finish

2.5.12

If all goes well, the second VCSA setup should complete successfully. You can navigate to https://vmatestlab02.testlab.com/vsphere-client to go to the vSphere Web Client, https://vmatestlab02.testlab.com/ui to go to the HTML5 client or click the https://vmatestlab02.testlab.com:443 to go to the Appliance Getting Started Page.

Click Close

2.5.13

After logging into the HTML5 client for vmatestlab01.testlab.com, you can click Linked vCenter Server Systems to validate Enhanced Linked Mode.

2.5.14

Conclusion

Deploying the vCenter Server Appliance using embedded PSCs is now the way forward since vSphere 6.5 U2 and vSphere 6.7, utilising VCSA HA for high availability if your solution requires. VMware has done a really good job of simplifying the deployment. As previously stated, always review the vSphere Installation and Setup Guide for full details of the prerequisites and details steps, validating product interoperability in your environment by reviewing the VMware Product Interoperability Matrices along with reviewing the VMware KB Supported and deprecated topologies for VMware vSphere 6.5 (2147672) for supported deployment topologies.

 

 

Deploy Embedded PSC with Enhanced Link Mode – Part 1

vSphere 6.7 was released in April 2018 which included many new features and enhancements. Following on from this release, vSphere 6.5 Update 2 was released in May 2018, which included some features from vSphere 6.7. As vSphere 6.7 was released prior to vSphere 6.5 U2, there is not a supported upgrade path from vSphere 6.5 U2 to vSphere 6.7. This should be carefully considered in any implementation or future upgrade plans. I expect there will be a supported upgrade path from vSphere 6.5 U2 to a future minor version release of vSphere 6.7.

vCenter Server 6.5 Update 2 now supports Enhanced Linked Mode (ELM) when the vCenter appliance is deployed with an embedded Platform Services Controller (PSC). Previous versions required external PSCs to enable ELM. The VMware KB Supported and deprecated topologies for VMware vSphere 6.5 (2147672) still needs further updates as there is only the following note at the bottom of the article:

Note: With vCenter Server 6.5 Update 2, you can deploy by using the GUI or CLI installer up to 15 vCenter Server Appliance instances in Embedded Linked Mode, and manage these instances with the vSphere Web Client or vSphere Client from any of the instances.

The recommendation from vSphere 6.5 U2 and vSphere 6.7 onwards, is to use Embedded PSCs. The caveat is that this is only for greenfield deployments, there is not a currently supported method to upgrade or migrate from external PSC deployment to an embedded PSC deployment.

Due to an issue with expiring PSC Machine SSL certificates in my homelab and challenges replacing these, I decided to deploy vCenter 6.5 U2 using embedded PSCs. I will be deploying a single SSO domain in a single SSO site. As you will notice during this deployment guide, there is not an option to create another SSO site when joining an existing SSO domain, this is due to SSO sites no longer being required for new deployments.

Please review the vSphere Installation and Setup Guide for full details of the prerequisites and details steps, along with validating product interoperability in your environment by reviewing the VMware Product Interoperability Matrices.

The vCenter 6.5 U2 appliance installation is broken into two stages, the first stage is to deploy a new appliance and the second stage is to complete the new 6.5 U2 appliance setup and configure vCenter Single Sign-On, then start the services of the newly deploy vCenter 6.5 U2 appliance.

I’ll assume you know how to download the required ISOs from the VMware website. I will be deploying the PSC/VCSA topology shown in the image below:

 

2.4.1

Image acknowledgement from VMware blog

Stage 1 – Deploy the new vCenter Server Appliance

In stage 1, I will deploy the OVA file of the vCenter 6.5 U2 appliance. Mount the ISO and navigate to the \vcsa-ui-installer\ directory and then to the required subdirectory for your OS:

  • For Windows OS, go to the win32 subdirectory, and run the installer.exe
  • For Linux OS, go to the lin64 subdirectory, and run the installer
  • For Mac OS, go to the mac subdirectory, and run the Installer.app

I’m running my deployment from a Windows machine so I will run \vcsa-ui-installer\ win32\installer.exe

2.4.2

Select Install from the vCenter Server Appliance 6.5 U2 Installer

2.4.3

The introduction provides an overview of the stages required to complete the installation.

Click Next

2.4.4

Select the I accept the terms of the license agreement checkbox

Click Next

2.4.5

Select the vCenter Server with an Embedded Platform Services Controller radio button

Click Next

2.4.6

Enter the ESXi host FQDN where you would like the new vCSA 6.5 U2 appliance deployed.

Click Next

2.4.7

Click Yes on the Certificate Warning to continue.

2.4.8

Enter the name for the VCSA appliance VM and set a root password.

Click Next

2.4.9

Select the deployment size you would like for your environment. For my home lab, I selected Tiny

Click Next

2.4.10

Select a datastore for the VCSA and if you would like to enable Thin Disk Mode.

Click Next

2.4.11

Now select a network with ephemeral port binding, this is temporary and the new VCSA appliance can be moved to another network after the installation has completed.

Enter the required network configuration.

Click Next

2.4.12

Review the summary on the Ready to complete stage 1 page, verify the settings and then click Finish

2.4.13

Once the deployment has completed, click Continue to progress to Stage 2. If you close, you can continue with Stage 2 by navigating to the VAMI of the newly deployed vCenter Server appliance, https://vmatestlab01.testlab.com:5480

I will continue with the VCSA appliance configuration and SSO setup in Deploy Embedded PSC with Enhanced Linked Mode – Part 2.

 

 

 

Retiring Certifications and Exams

VMware has recently announced the following VMware Certified Advanced Professional exams are due to expire at the end of September 2018. If you are currently studying for one of these exams, you may want to accelerate your study and schedule the exam soon before availability reduces.

2.3.1

All available exams and certification are detailed on VMware’s certification site and announcements are made in the Education Services blog. For a list of retired or retiring certification exams, you can find information in the Retired Certifications and Exams document.

 

vRA 7.3 AD Integration with a Disjointed Namespace – Part 2

In part 1 of this blog post, I demonstrated the impact of configuring vRA Directories Management using IWA in a disjointed namespace. In this blog post, I will now cover the procedure to remediate and recover vRA to an operational state.

The high level steps required to remediate vRA are listed in order below:

  1. Take a snapshot of all vRA nodes
  2. Change the Master vRealize Automation Appliance Host Name – Change the Master vRA Appliance Host Name
  3. Change a Replica vRealize Automation Appliance Host Name – (if applicable) (on all replica nodes) – Change a Replica vRA Appliance Host Name
  4. Reset RabbitMQ cluster from the primary vRA appliance VAMI – Reset RabbitMQ
  5. Re-install the vRA IaaS management agents on each vRA IaaS node

 

I will assume readers of this blog know how to take a snapshot of all the vRA nodes and detail from step 2 onwards.

Change the Master vRealize Automation Appliance Host Name

Ensure your DNS A and PTR records are updated if required. In my use case, I did not need to update any DNS records.

Go to the vRealize Automation master appliance management console by opening a connection using its FQDN:

Example: https://vratestlab01.testlab.com:5480/

Log in with the root username and password.

2.0.1

Select Network > Address and enter the required FQDN of the master vRA appliance in the hostname field

Click Save Settings

2.0.2

Logon to the console of the master vRA Appliance and run the following script:

/usr/lib/vcac/tools/change-hostname/change-hostname.sh old-master-FQDN new-master-FQDN

Example:
/usr/lib/vcac/tools/change-hostname/change-hostname.sh vratestlab01.offprem.cloud.test.group vratestlab01.testlab.com

Validate the hostname change by entering hostname -f after the script completes

2.0.3

Logon to the console of all replica vRA Appliance and run the following script:
Note: This script is only executed on all replica nodes and not the master/primary node.

sed -i “s/old-master-FQDN/new-master-FQDN/g” “/etc/haproxy/conf.d/10-psql.cfg” “/etc/haproxy/conf.d/20-vcac.cfg”

Example:
sed -i “s/vratestlab01.offprem.cloud.test.group/vratestlab01.testlab.com/g” “/etc/haproxy/conf.d/10-psql.cfg” “/etc/haproxy/conf.d/20-vcac.cfg”

2.0.4

Change a Replica vRealize Automation Appliance Host Name

Ensure your DNS A and PTR records are updated if required. In my use case, I did not need to update any DNS records.

Go to the vRealize Automation replica appliance management console by opening a connection using its FQDN:

Example: https://vratestlab02.testlab.com:5480/

Log in with the root username and password.

2.0.5

Select Network > Address and enter the required FQDN of the replica vRA appliance in the hostname field

Click Save Settings

2.0.6

Logon to the console of the replica vRA Appliance and run the following script:

/usr/lib/vcac/tools/change-hostname/change-hostname.sh old-replica-FQDN new-replica-FQDN

Example:
/usr/lib/vcac/tools/change-hostname/change-hostname.sh vratestlab02.offprem.cloud.test.group vratestlab02.testlab.com

Validate the hostname change by entering hostname -f after the script completes

2.0.7

Logon to the console of all other vRA Appliances in the cluster, including the master and run the following script:

sed -i “s/old-replica-FQDN/new-replica-FQDN/g” “/etc/haproxy/conf.d/10-psql.cfg” “/etc/haproxy/conf.d/20-vcac.cfg”

Example:
sed -i “s/vratestlab02.offprem.cloud.test.group/vratestlab02.testlab.com/g” “/etc/haproxy/conf.d/10-psql.cfg” “/etc/haproxy/conf.d/20-vcac.cfg”

2.0.8

Reset RabbitMQ Cluster

Go to the vRealize Automation master appliance management console by opening a connection using its FQDN:

Example: https://vratestlab01.testlab.com:5480/

Log in with the root username and password.

2.0.9

 

Select vRA Settings > Messaging

Click Reset RabbitMQ Cluster

Click OK to confirm

2.0.10

2.0.11

Restart the master vRealize Automation appliance.

Restart all replica vRealize Automation appliances, one at a time.

Re-install the vRA IaaS management agents on each vRA IaaS node

Logon to the first vRA IaaS node and open a browser.

Navigate to the vRealize Automation IaaS Installation page at https://<vra-appliance-fqdn&gt;:5480/installer

Click Management Agent Installer

2.0.12

Browse to the local directory where you saved the installer, on the IaaS node.
Note: You will need to uninstall the vRA IaaS Management Agent first.

Right click on the vCAC-IaaSManagementAgent-Setup.msi file and select Install.

When the setup wizard opens, click Next.

2.0.13

On the End-User License Agreement screen of the Management Agent Setup Wizard, check the box I accept the terms of this agreement.

Click Next.

2.0.14

On the Destination Folder screen, select a destination folder by clicking Change, or accept the default installation path.

Click Next.

2.0.15

On the Management Site Service screen:

In the vRA appliance load balancer address text box, specify the vRealize Automation appliance URL, for example: <https://vra-portal.testlab.com:5480&gt;

In the Root username text box, enter the vRealize Automation appliance username <root>.

In the Password text box, enter the vRealize Automation appliance <password>.

In the Management Site Service certificate SHA1 fingerprint text box, click Load.

Select the I confirm the fingerprint matches the Management Site SSL Certificate check box.

Click Next.

2.0.16

Enter the AD domain service account details for the vRA Management Agent, for example, testlab\svc_vra_mgr01

Enter the password for the AD service account

Click Next.

2.0.17

 Click Install

2.0.18

Once the installation has completed successfully, click Finish to exit the Management Agent installation wizard.

2.0.19

Verify the VMware vRealize Automation Management Agent is running on the primary IaaS Web Server in Server Manager by going to Tools > Computer Management > Services.

Verify the Logon as Service account is configured to use the vRealize Automation Service Account, for example, testlab\svc_vra_iaas01.

2.0.20

Verify the vRealize Automation Management agents config file is updated to the changed FQDN for the vRealize Automation appliance nodes in the deployment.

The file is located at: <install_path>\VMware\vCAC\Management Agent\VMware.IaaS.Management.Agent.exe.Config

2.0.21

Re-install the vRA IaaS Management agents on all remaining vRA IaaS nodes, verifying the endpoint addresses are updated to the required FQDN on each node.

Go to the vRealize Automation master appliance management console by opening a connection using its FQDN: https://vratestlab01.testlab.com:5480/

Log in with the root username and password.

Navigate to vRA Settings > Cluster and verify the configuration. Expand the Host / Node Name to validate the roles assigned to each node.

Verify all nodes now appear are in a healthy state by checking their Last Connected time from the VAMI of the primary vRA appliance

 

  • Ensure the IaaS nodes have a last connected time of less than 30 seconds
  • Ensure the vRA appliances have a last connected time of less than 10 minutes

2.0.23

Navigate to vRA Settings > Database and verify the configuration.

Ensure the replication mode is Asynchronous

Check the Connection Status is CONNECTED

Verify the primary vRA appliance is the MASTER node and the secondary vRA appliance is the REPLICA node.

Ensure both Postgres DB nodes have a status of Up

2.0.24

Navigate to Services and confirm all services have a status of REGISTERED.

Note: Verify the vRA Appliance services on all vRA nodes.

Navigate to vRA Settings > Messaging

Verify the Connection Status is CONNECTED

Verify the RabbitMQ Process is Running

Verify the status of the RabbitMQ Cluster and all nodes are Connected

Note: Reset the RabbitMQ Cluster from the master vRA Appliance if you have errors.

2.0.26

Login to the vRA portal, navigate to Administration > Directories Management > Directories

Verify directory synchronisation is now successful.

Verify you are now able to login to the vRA portal with an Active Directory account.

2.0.27

This concludes the blog post and whilst I appreciate this may be a corner case, hopefully, you have found this information useful. I’m expecting the public VMware documentation to updated for this use case, although, there are not any guarantees.

 

 

vRA 7.3 AD Integration with a Disjointed Namespace – Part 1

During a recent vRA 7.3 enterprise deployment at a customer site, I was required to configure vRA Directories Management to support AD user authentication. The customer had the following constraints, which impacted the expected outcome of this configuration.

  • Non-Windows machines were not allowed to register their DNS A or PTR records in the Active Directory integrated DNS domain.
  • Active Directory integration must be configured using Integrated Windows Authentication if the product supports IWA and LDAP is not permitted
  • Computer objects will be pre-staged in the Active Directory domain
  • vRA appliances and vRA IaaS nodes DNS records were located in different namespaces

This meant we needed to configure an Active Directory IWA to support user authentication using the Directory Management feature however, the AD domain name and DNS zone was a different namespace to the FQDN of the vRA appliances.

In this blog post, I will recreate this use case using the domains below to demonstrate the impact of configuring vRA Directories Management using IWA in a disjointed namespace. I will cover the procedure to remediate the configuration in a part 2.

For further information on disjointed namespaces, please refer to the Microsoft article: Disjoint Namespace

  • vRealize Automation appliances and vRA IaaS nodes are using an AD domain named testlab.com. All these host are configured as <hostname>.testlab.com and name resolution is provided by AD integrated DNS. The vRA IaaS Windows servers are members of the testlab.com domain.
  • vRA is required to support user authentication from an Active Directory domain named offprem.cloudtest.com, as such, considering the constraints, vRA Directories Management will be required to use offprem.cloudtest.com as an identity source for synchronisation

Configure a vRA Active Directory over IWA Connection for Directories Management

Login to the vRA default tenant as a local user with Tenant Administrator privileges

1.9.1

Select Administration > Directories Management > Directories

1.9.2

Click Add Directory and select Add Active Directory over LDAP/IWA.

1.9.3

On the Add Directory page, specify the following:

Enter a Directory Name for the AD domain in the Directory Name text box.

Select the Active Directory (Integrated Windows Authentication) radio button

Select the primary vRA appliance as the Sync Connector from the dropdown list

Do you want this Connector to also perform authentication? Select the Yes radio button

Select sAMAccountName  as the Directory Search Attribute

Enter the name of the AD domain to join and the domain admin credentials.

Enter the Bind User Details in UPN format

Click Save & Next

1.9.4

1.9.5

On the Select the Domains page, select the domains which should be associated with this AD connection.

Click Next

1.9.6

The Directories Management attributes are mapped to the Active Directory attributes. Review and update as required.

Click Next

1.9.7

Select the groups you would like to synchronise from Active Directory

Click Next

1.9.8

Select the users you would like to synchronise from Active Directory

Click Next

1.9.9

Review the page to see how many users and groups will be syncing to the directory.

Click Sync Directory

1.9.10

1.9.11

1.9.12

Symptoms of Configuring Active Directory IWA with a Disjointed Namespace

Configure Directories Management for High Availability

When configuring Directories Management for High Availability, you add the secondary connector to the identity provider, save the settings successfully but the configuration does not remain persistent.

Select Administration > Directories Management > Identity Providers

1.9.13

Click the Add a Connector drop-down list, and select the connector that corresponds to your secondary vRealize Automation appliance.

Enter the appropriate password in the Bind DN and Domain Admin Password fields.

Click Save.

1.9.14

1.9.15

The connector configuration is not saved. This could but just be a UI issue but is an observed symptom I have only witnessed in this use case.

vRA Appliance Hostname

The vRA Appliance hostname in the VAMI network tab has been updated to use the short name.

1.9.17

The hostname of the appliance in the OS has been updated with the FQDN of the IWA AD domain, which in my use case is not resolvable.

1.9.18

vRealize Automation VAMI Cluster

When viewing the vRA Cluster information in the VAMI, the node list is empty.

1.9.19

vRA IaaS Management Agents

The vRealize Automation Management agents config file is updated to the changed FQDN for the vRealize Automation appliance on every vRA IaaS node in the deployment.

The file is located at: <install_path>\VMware\vCAC\Management Agent\VMware.IaaS.Management.Agent.exe.Config

1.9.20

In part 2 of this blog, I will demonstrate how to remediate this use case, and complete the configuration of vRA Directories Management using Active Directory with Integrated Windows Authentication in a disjointed namespace.