The following types of Active Directory forest configurations are supported by Oracle VDI.

Example of a Single Tree Forest

The Active Directory is a forest containing:

The krb5.conf file should look similar to the following.

[libdefaults]
default_realm = USERS.EXAMPLE.COM


[realms]
USERS.EXAMPLE.COM = {
kdc = users.host
admin_server = users.host
kpasswd_protocol = SET_CHANGE
}
EXAMPLE.COM = {
kdc = example.windows.host
admin_server = example.windows.host
kpasswd_protocol = SET_CHANGE
}

[domain_realm]
.users.example.com = USERS.EXAMPLE.COM
users.example.com = USERS.EXAMPLE.COM
.example.com = EXAMPLE.COM
example.com = EXAMPLE.COM

And the settings to be used in the Oracle VDI Manager:

Example of Multiple Tree Forests

For example, the following multiple tree configuration with multiple domains is supported.

In order to add this tree configuration as a Company in Oracle VDI Manager, first make sure that Kerberos has been configured correctly on the Oracle VDI hosts.

The krb5.conf file should look similar to the following.

[libdefaults]
default_realm = CENTRAL.VDI.EXAMPLE.COM 

[realms]
CENTRAL.VDI.EXAMPLE.COM = {
kdc = centralroot.vdi.example.com
}
CHILD.CENTRAL.VDI.EXAMPLE.COM = {
kdc = centralchild.vdi.example.com
}
EAST.VDI.EXAMPLE.COM = {
kdc = eastroot.vdi.example.com
}

[domain_realm]
.central.vdi.example.com = CENTRAL.VDI.EXAMPLE.COM
central.vdi.example.com = CENTRAL.VDI.EXAMPLE.COM
.child.central.vdi.example.com = CHILD.CENTRAL.VDI.EXAMPLE.COM
child.central.vdi.example.com = CHILD.CENTRAL.VDI.EXAMPLE.COM
.east.vdi.example.com = EAST.VDI.EXAMPLE.COM
east.vdi.example.com = EAST.VDI.EXAMPLE.COM

In the Oracle VDI Manager New Company wizard, be sure to enter the domain name of the Forest Root in the Specify Connection step.