VMware Cloud Community
baber
Expert
Expert
Jump to solution

how can join vcsa 6.7 to active directory after vcsa installation

Dear all

Hi

i have installed my vcsa 6.7 with dns (without active directory) but today i want join it to windows active directory

I did these steps :

Administration/ Configuration / Active Directory domain tab  and finally click on join AD

but in the new windows i can see attach pic where do i had to insert IP address of active directory server ?

BR

Please mark helpful or correct if my answer resolved your issue.
1 Solution

Accepted Solutions
HassanAlKak88
Expert
Expert
Jump to solution

For LDAP, try to follow the below:

pastedImage_1.png


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak

View solution in original post

24 Replies
HassanAlKak88
Expert
Expert
Jump to solution

Hello,

Please follow the procedure described on the following docs: Join or Leave an Active Directory Domain


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak
Reply
0 Kudos
baber
Expert
Expert
Jump to solution

So thanks

but if you attend my question is about the IP address

where do i had to insert domain server ip address ?

BR

Babak

Please mark helpful or correct if my answer resolved your issue.
Reply
0 Kudos
HassanAlKak88
Expert
Expert
Jump to solution

if you deep look into the mentioned docs, you will find a message in the same rows of Domain, under Description told you that "Do not provide an IP address in this text box".

if you already configured your DNS server, here you have to put the domain search name only.


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak
Reply
0 Kudos
baber
Expert
Expert
Jump to solution

but i have installed vsa with vcsa.ha.com

now i want add vcsa to active directory server that is installed on DNS and domain  with name  divar.com

now what do i had to do ?

Please mark helpful or correct if my answer resolved your issue.
Reply
0 Kudos
HassanAlKak88
Expert
Expert
Jump to solution

what do you mean by "but i have installed vsa with vcsa.ha.com" ?

and as per my understanding, do you have two AD ?

please more explain.


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak
Reply
0 Kudos
baber
Expert
Expert
Jump to solution

no. in the first installation i used ha.com (dns server) vcsa.ha.com

but today i want add my vcsa to an active directory server with name divar.com (because i have a lo of user in divar.com and want create permission for them for connect to vcsa.)

now what do i had to do ?

Please mark helpful or correct if my answer resolved your issue.
Reply
0 Kudos
HassanAlKak88
Expert
Expert
Jump to solution

To edit the DNS settings of VCSA appliance, check the following: Edit the DNS and IP Address Settings of the vCenter Server Appliance

After try to join to domain.

But as per my experience and if this vcsa is fresh installed and no lot of configuration are applied. I prefer to redeploy it again with the correct domain/DNS.


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak
Reply
0 Kudos
baber
Expert
Expert
Jump to solution

I think you did not understand correctly my question .

Actually i don't want change my DNS server or ip

i just want join vcsa to AD

previously , during vcsa installation i used ha.com dns server and used vcsa.ha.com

and to day i want just add vcsa to AD as i said in first post

Please mark helpful or correct if my answer resolved your issue.
Reply
0 Kudos
HassanAlKak88
Expert
Expert
Jump to solution

are your two domains in the same server (same DNS server ) ?


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak
Reply
0 Kudos
baber
Expert
Expert
Jump to solution

no same server

i have one dns server with name ha.com and ip =10.10.10.20

and one Active directory server with domain and dns service on that

divar.com (20.20.50.10)

now i want join vcsa to AD

Please mark helpful or correct if my answer resolved your issue.
Reply
0 Kudos
HassanAlKak88
Expert
Expert
Jump to solution

Dear,

Now i am confused, you told me one server and you mentioned two different IPs.

Does your server had two different IP, and hosts two domains and two DNS ?

Otherwise and I as mentioned before, if it is new VCSA I prefer to destroy it and redeploy a new one with the correct FQDN and DNS and Domain.


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak
Reply
0 Kudos
baber
Expert
Expert
Jump to solution

I explain it again :

1-install vcsa with dns name ha.com (vcsa.ha.com)  dns server ip = 10.10.10.20 ----> this is just dns server and is not contain domain or active directory server.

2- today i decided join  that vcsa to AD server ( active directory server ip = 20.20.20.50 ) ---> this active directory server is separate from DNS server that i previously said.

BR

Babak

Please mark helpful or correct if my answer resolved your issue.
Reply
0 Kudos
HassanAlKak88
Expert
Expert
Jump to solution

Ok,

So my next question is: if any normal PC configured with 10.10.10.20 as DNS server, can be joined to the AD resides on 20.20.20.50 ?

And, does the DNS zone of 20.20.20.50 is configured on the DNS server 10.10.10.20 ?

please advise,


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak
Reply
0 Kudos
IRIX201110141
Champion
Champion
Jump to solution

If you choose the AD join as LDAP Server instead the integrated Windows authentication you have the option to specify connect to a specific domain controller by use ldap://mydc01.home.local.

Regards

Joerg

Reply
0 Kudos
baber
Expert
Expert
Jump to solution

exactly . I need this option .

1- Is that your means i can connect to windows active directory server via LDAP ?

2- how can config that ? do i had to do enable ldap on windows active directory server ?

BR

Babak

Please mark helpful or correct if my answer resolved your issue.
Reply
0 Kudos
RajeevVCP4
Expert
Expert
Jump to solution

As I understood your domain IP is 20.20.20.50 and DNS 10.10.10.20.

If your vcsa is able to ping AD IP and DNS IP then you can add vcsa in AD,

Rajeev Chauhan
VCIX-DCV6.5/VSAN/VXRAIL
Please mark help full or correct if my answer is use full for you
Reply
0 Kudos
baber
Expert
Expert
Jump to solution

thanks

please see attach pic there is not any field for insert active directory ip address

Please mark helpful or correct if my answer resolved your issue.
Reply
0 Kudos
daphnissov
Immortal
Immortal
Jump to solution

If all you want is for users to be able to login to this vCenter with their AD credentials, you do not need to join the vCSA to Active Directory. You can add that AD as an identity source over LDAP.

Single Sign-On => Configuration => Identity Sources => Add Identity Source

pastedImage_0.png

Reply
0 Kudos
baber
Expert
Expert
Jump to solution

so thanks

i saw that in vcsa 6.7 but actually i dont't know how fill that for example

i don't know what is my primary server url because as i said earlier i have an active directory server with ip address 20.20.20.50 with name divar.com

i don't have any primary and secondary url

1- what do i had to put in primary and secondary server url ?

2- in connect to part which one do i had to select any domain controller in the domain or specific domain controller ?

3- is that means from user name and password  , administrator user and password for active directory server ?

BR

Babak

Please mark helpful or correct if my answer resolved your issue.
Reply
0 Kudos