PhantomAM
Contributor
Contributor

Domain auth with domain controller on ESXi host

I am wondering if I can/should enable domain auth for my ESXi 6.5 free since my domain controller is on my ESXi host. Would I run into any issues with this potentially? Also is there say a backup login method?

Tags (2)
0 Kudos
7 Replies
daphnissov
Immortal
Immortal

Do you need to for some reason? It's probably not the best idea ever, so yeah, you'd run into issues if your DC was down and you couldn't login with even root. Reduced complexity is always better.

0 Kudos
PhantomAM
Contributor
Contributor

Was just an idea to move towards having one login for everything instead of many logins.

0 Kudos
daphnissov
Immortal
Immortal

As long as you have a potential chicken-and-egg scenario on your hand, I would avoid it.

0 Kudos
PhantomAM
Contributor
Contributor

I guess I could set up a DC-1 and DC-2 system with DC-2 on a different host.

0 Kudos
daphnissov
Immortal
Immortal

That would be preferable. I would say use anti-affinity rules to keep them separate, but with ESXi free and no vCenter that's not an option (not that vMotion is anyhow).

0 Kudos
PhantomAM
Contributor
Contributor

I am getting the VMUG subscription to solve a few of my problems just not sure when. I will note that for when I have licences that work worth a dam for more than the basics. Though the free version is great for lots too

0 Kudos
sarikrizvi
Enthusiast
Enthusiast

You can use AD authentication with ESXi host it's better to give limited privilege to AD users instead root privilege.

How to join ESXi to AD for Improved Management and Security

Regards,
SARIK (Infrastructure Architect)
vExpert 2018-2020 | vExpert - Pro | NSX | Security
vCAP-DCD 6.5 | vCP-DCV 5.0 | 5.5 | 6.0 | vCA-DCV 5 | vCA-Cloud 5 | RHCSA & RHCE 6 | A+ (HW & NW)
__________________
Please Mark "Helpful" or "Correct" if It'll help you
_____________________________________
@Follow:
Blog# https://vmwarevtech.com
vExpert# https://vexpert.vmware.com/directory/1997
Badge# https://www.youracclaim.com/users/sarik
0 Kudos