AD Integration with ESX Hosts and Multiple Domains?

I have been doing some reading on enabling Active directory integration with our ESX Hosts and had a a question.

Currently we have Sys Admins in a couple of domains within the same forest. So how do we modify or tweak:

esxcfg-auth --enablead --addomain=domain.com --addc=domain.com to enable multiple domains?

Thanks for the Help

0 Kudos
2 Replies

You'll need a common root domain or something, and add accounts from there. If you have domains within the same forest, then you'll have to setup trusts and transfer accounts that way. Using esxcfg-auth ultimately sets up the kerberos, and I'm pretty sure you can't setup multiple kerberos realms for ESX to talk to.

I'm sure others will correct me if I am mistaken, but I don't think that will work. You'll have to get a domain, and import/authenticate users from that domain.


vExpert/VCP/VCAP vmwise.com / @vmwise -KjB
0 Kudos


It is possible but you would need to edit a bunch of files by hand. I suggest you look into the book "Samba-3 by Example" by Terpstra for assistance in this.

Best regards,

Edward L. Haletky

VMware Communities User Moderator


Author of the book 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', Copyright 2008 Pearson Education.

CIO Virtualization Blog: http://www.cio.com/blog/index/topic/168354

As well as the Virtualization Wiki at http://www.astroarch.com/wiki/index.php/Virtualization

Edward L. Haletky
vExpert XIII: 2009-2021,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
0 Kudos