To authenticate and manage user permissions, Orchestrator requires a connection to an LDAP server or a connection to a vCenter Single Sign On server.

Orchestrator supports the following directory service types: Active Directory, eDirectory, and Sun Java System Directory Server.

Connect your system to the LDAP server that is physically closest to your Orchestrator server, and avoid connections to remote LDAP servers. Long response times for LDAP queries can lead to slower performance of the whole system.

To improve the performance of the LDAP queries, keep the user and group lookup base as narrow as possible. Limit the users to targeted groups that need access, rather than to whole organizations with many users who do not need access. Depending on the combination of database and directory service you choose, the resources you need can vary. For recommendations, see the documentation for your LDAP server.
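One way to check lookup bases against this guidance before entering them in the Orchestrator configuration, as an added example (not VMware code). The function names and all DNs are constructed for illustration. The parser compares values case-insensitively and does not handle multi-valued RDNs.

```python
# Added example, not VMware code. All DNs below are constructed samples.

def parse_dn(dn):
    """Split a DN into normalized (attr, value) pairs, honoring backslash-escaped commas."""
    parts, buf, escaped = [], [], False
    for ch in dn:
        if not escaped and ch == ",":
            parts.append("".join(buf))
            buf = []
            continue
        buf.append(ch)
        escaped = (ch == "\\") and not escaped
    parts.append("".join(buf))
    rdns = []
    for part in parts:
        attr, sep, value = part.partition("=")
        if not sep or not attr.strip():
            raise ValueError(f"malformed RDN: {part!r}")
        # Simplification: values compared case-insensitively; multi-valued RDNs (+) unsupported.
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns

def is_under(dn, base):
    """True when dn equals base or sits below it in the directory tree."""
    d, b = parse_dn(dn), parse_dn(base)
    return len(d) >= len(b) and d[len(d) - len(b):] == b

def audit_lookup_base(label, base, root):
    """Return findings for one lookup base; an empty list means it is narrowed."""
    findings = []
    rdns = parse_dn(base)
    if not is_under(base, root):
        findings.append(f"{label}: outside directory root")
    if rdns == parse_dn(root) or all(attr == "dc" for attr, _ in rdns):
        findings.append(f"{label}: spans the whole directory, narrow it to an OU or container")
    return findings

def in_scope(entry_dns, base):
    """Entries a subtree search from base can return; a narrower base returns fewer."""
    return [dn for dn in entry_dns if is_under(dn, base)]

if __name__ == "__main__":
    root = "dc=example,dc=com"
    users = ["cn=Smith\\, Jo,ou=Orchestrator Users,ou=IT,dc=example,dc=com",
             "cn=pat,ou=Sales,dc=example,dc=com"]
    for base in (root, "ou=Orchestrator Users,ou=IT,dc=example,dc=com"):
        print(base, audit_lookup_base("user lookup base", base, root), len(in_scope(users, base)))
```
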

To use the vCenter Single Sign On authentication method, you must first install vCenter Single Sign On. If you install Orchestrator together with vCenter Server, the Orchestrator server is preconfigured to use vCenter Single Sign On as an authentication method. If you install Orchestrator separately from vCenter Server, and you want to use vCenter Single Sign On, you must configure the Orchestrator server to use the vCenter Single Sign On server that you installed and configured.