melay
Contributor
Contributor

Use Intergrated Windows Authentication in vSphere SSO without joining vCenter to the domain ?

Jump to solution

Hi all.

Our freshly installed vCenter 5.5 is not joined to our domain for security reasons (not managed by the same teams).

VM admins need to login with their Windows credentials though, so right now the SSO identity source is set to "Active Directory as a LDAP Server".

Pass-through authentication does not work with this setup, presumably because it needs the identity source to be set to "Active Directory (Integrated Windows Authentication)".

Is there any way to get pass-through authentication working without joining the vCenter to the Windows domain ?

0 Kudos
1 Solution

Accepted Solutions
pratjain
VMware Employee
VMware Employee

SSO would not work if the machine is not joined to the domian.

The machine has to be joined to some domain ( test or internal ) to be working and for SSO to work correctly.

Reference KB - http://kb.vmware.com/kb/2058919

Regards, PJ If you find this or any other answer useful please mark the answer as correct or helpful.

View solution in original post

0 Kudos
3 Replies
pratjain
VMware Employee
VMware Employee

SSO would not work if the machine is not joined to the domian.

The machine has to be joined to some domain ( test or internal ) to be working and for SSO to work correctly.

Reference KB - http://kb.vmware.com/kb/2058919

Regards, PJ If you find this or any other answer useful please mark the answer as correct or helpful.
0 Kudos
melay
Contributor
Contributor

OK.

Since vCSA manages to get it work, and is not technically joined to the domain (does it rely on Samba?), I thought there might be some way to work around this, but I've searched long and large and found nothing.

0 Kudos
pratjain
VMware Employee
VMware Employee

vCenter Server Appliance not joined to the domain would still work and would be able to authenticate to domain accounts but not the windows version one.

Regards, PJ If you find this or any other answer useful please mark the answer as correct or helpful.
0 Kudos