VMware Cloud Community
abhilashhb
VMware Employee
VMware Employee
‎04-22-2012 12:23 PM

regarding authenntication in a vcenter

Hi all,

How is authentication done locally on a vcenter when its not part of a Active directory? and also when its part of active directory? what are all the processes that run?

Abhilash B
LinkedIn : https://www.linkedin.com/in/abhilashhb/

0 Kudos
2 Replies
vcpguy
Expert
Expert
‎04-22-2012 12:36 PM

You can do it locally OR via AD.

  1. I think, it makes more sense to make your vCenter server part of AD and have the users authenticated via AD.
  2. In an Enterprise environment, it is always good from security reasons and management perspective to use AD.
  3. Be careful to remove the domain admins group from your local Admi group in vCenter server. This needs to be done so that your domain admins are not vCenter Admins.

Nothing changes from process perspective.

----------------------------------------------------------------------------- Please don't forget to reward Points for helpful hints; answers; suggestions. My blog: http://vmwaredevotee.com
0 Kudos
weinstein5
Immortal
Immortal
‎04-22-2012 03:19 PM

Without AD vcenter will use local users and groups for authetication - if the vcenter server is part of AD it will then include users and groups from AD as well the local users and groups - by default the loacal admin group is assigned administrators privledge to the root of the vcenter inventory - the process used is same both with AD and Local users - a user our group is assigned a roled to an object in the inventory and that is its permission - 

If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful
0 Kudos