I have been doing some reading on enabling Active directory integration with our ESX Hosts and had a a question.
Currently we have Sys Admins in a couple of domains within the same forest. So how do we modify or tweak:
esxcfg-auth --enablead --addomain=domain.com --addc=domain.com to enable multiple domains?
Thanks for the Help
You'll need a common root domain or something, and add accounts from there. If you have domains within the same forest, then you'll have to setup trusts and transfer accounts that way. Using esxcfg-auth ultimately sets up the kerberos, and I'm pretty sure you can't setup multiple kerberos realms for ESX to talk to.
I'm sure others will correct me if I am mistaken, but I don't think that will work. You'll have to get a domain, and import/authenticate users from that domain.
It is possible but you would need to edit a bunch of files by hand. I suggest you look into the book "Samba-3 by Example" by Terpstra for assistance in this.
Edward L. Haletky
VMware Communities User Moderator
Author of the book 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', Copyright 2008 Pearson Education.
CIO Virtualization Blog: http://www.cio.com/blog/index/topic/168354
As well as the Virtualization Wiki at http://www.astroarch.com/wiki/index.php/Virtualization