Hi all.
Our freshly installed vCenter 5.5 is not joined to our domain for security reasons (not managed by the same teams).
VM admins need to login with their Windows credentials though, so right now the SSO identity source is set to "Active Directory as a LDAP Server".
Pass-through authentication does not work with this setup, presumably because it needs the identity source to be set to "Active Directory (Integrated Windows Authentication)".
Is there any way to get pass-through authentication working without joining the vCenter to the Windows domain ?
SSO would not work if the machine is not joined to the domian.
The machine has to be joined to some domain ( test or internal ) to be working and for SSO to work correctly.
Reference KB - http://kb.vmware.com/kb/2058919
SSO would not work if the machine is not joined to the domian.
The machine has to be joined to some domain ( test or internal ) to be working and for SSO to work correctly.
Reference KB - http://kb.vmware.com/kb/2058919
OK.
Since vCSA manages to get it work, and is not technically joined to the domain (does it rely on Samba?), I thought there might be some way to work around this, but I've searched long and large and found nothing.
vCenter Server Appliance not joined to the domain would still work and would be able to authenticate to domain accounts but not the windows version one.