baber
Expert
Expert

how can join vcsa 6.7 to active directory after vcsa installation

Jump to solution

Dear all

Hi

i have installed my vcsa 6.7 with dns (without active directory) but today i want join it to windows active directory

I did these steps :

Administration/ Configuration / Active Directory domain tab  and finally click on join AD

but in the new windows i can see attach pic where do i had to insert IP address of active directory server ?

BR

Please mark helpful or correct if my answer resolved your issue.
1 Solution

Accepted Solutions

For LDAP, try to follow the below:

pastedImage_1.png


Cheers,
vExpert2020-2019||vExpert-NSX2020||VCIX6-NV||VCAP-NV-DCV||VCP-NV-DC-CMA||CCNA-R&S
Twitter: @KakHassan
LinkedIn: linkedin.com/in/hassanalkak

View solution in original post

24 Replies

Hello,

Please follow the procedure described on the following docs: Join or Leave an Active Directory Domain


Cheers,
vExpert2020-2019||vExpert-NSX2020||VCIX6-NV||VCAP-NV-DCV||VCP-NV-DC-CMA||CCNA-R&S
Twitter: @KakHassan
LinkedIn: linkedin.com/in/hassanalkak
0 Kudos
baber
Expert
Expert

So thanks

but if you attend my question is about the IP address

where do i had to insert domain server ip address ?

BR

Babak

Please mark helpful or correct if my answer resolved your issue.
0 Kudos

if you deep look into the mentioned docs, you will find a message in the same rows of Domain, under Description told you that "Do not provide an IP address in this text box".

if you already configured your DNS server, here you have to put the domain search name only.


Cheers,
vExpert2020-2019||vExpert-NSX2020||VCIX6-NV||VCAP-NV-DCV||VCP-NV-DC-CMA||CCNA-R&S
Twitter: @KakHassan
LinkedIn: linkedin.com/in/hassanalkak
0 Kudos
baber
Expert
Expert

but i have installed vsa with vcsa.ha.com

now i want add vcsa to active directory server that is installed on DNS and domain  with name  divar.com

now what do i had to do ?

Please mark helpful or correct if my answer resolved your issue.
0 Kudos

what do you mean by "but i have installed vsa with vcsa.ha.com" ?

and as per my understanding, do you have two AD ?

please more explain.


Cheers,
vExpert2020-2019||vExpert-NSX2020||VCIX6-NV||VCAP-NV-DCV||VCP-NV-DC-CMA||CCNA-R&S
Twitter: @KakHassan
LinkedIn: linkedin.com/in/hassanalkak
0 Kudos
baber
Expert
Expert

no. in the first installation i used ha.com (dns server) vcsa.ha.com

but today i want add my vcsa to an active directory server with name divar.com (because i have a lo of user in divar.com and want create permission for them for connect to vcsa.)

now what do i had to do ?

Please mark helpful or correct if my answer resolved your issue.
0 Kudos

To edit the DNS settings of VCSA appliance, check the following: Edit the DNS and IP Address Settings of the vCenter Server Appliance

After try to join to domain.

But as per my experience and if this vcsa is fresh installed and no lot of configuration are applied. I prefer to redeploy it again with the correct domain/DNS.


Cheers,
vExpert2020-2019||vExpert-NSX2020||VCIX6-NV||VCAP-NV-DCV||VCP-NV-DC-CMA||CCNA-R&S
Twitter: @KakHassan
LinkedIn: linkedin.com/in/hassanalkak
0 Kudos
baber
Expert
Expert

I think you did not understand correctly my question .

Actually i don't want change my DNS server or ip

i just want join vcsa to AD

previously , during vcsa installation i used ha.com dns server and used vcsa.ha.com

and to day i want just add vcsa to AD as i said in first post

Please mark helpful or correct if my answer resolved your issue.
0 Kudos

are your two domains in the same server (same DNS server ) ?


Cheers,
vExpert2020-2019||vExpert-NSX2020||VCIX6-NV||VCAP-NV-DCV||VCP-NV-DC-CMA||CCNA-R&S
Twitter: @KakHassan
LinkedIn: linkedin.com/in/hassanalkak
0 Kudos
baber
Expert
Expert

no same server

i have one dns server with name ha.com and ip =10.10.10.20

and one Active directory server with domain and dns service on that

divar.com (20.20.50.10)

now i want join vcsa to AD

Please mark helpful or correct if my answer resolved your issue.
0 Kudos

Dear,

Now i am confused, you told me one server and you mentioned two different IPs.

Does your server had two different IP, and hosts two domains and two DNS ?

Otherwise and I as mentioned before, if it is new VCSA I prefer to destroy it and redeploy a new one with the correct FQDN and DNS and Domain.


Cheers,
vExpert2020-2019||vExpert-NSX2020||VCIX6-NV||VCAP-NV-DCV||VCP-NV-DC-CMA||CCNA-R&S
Twitter: @KakHassan
LinkedIn: linkedin.com/in/hassanalkak
0 Kudos
baber
Expert
Expert

I explain it again :

1-install vcsa with dns name ha.com (vcsa.ha.com)  dns server ip = 10.10.10.20 ----> this is just dns server and is not contain domain or active directory server.

2- today i decided join  that vcsa to AD server ( active directory server ip = 20.20.20.50 ) ---> this active directory server is separate from DNS server that i previously said.

BR

Babak

Please mark helpful or correct if my answer resolved your issue.
0 Kudos

Ok,

So my next question is: if any normal PC configured with 10.10.10.20 as DNS server, can be joined to the AD resides on 20.20.20.50 ?

And, does the DNS zone of 20.20.20.50 is configured on the DNS server 10.10.10.20 ?

please advise,


Cheers,
vExpert2020-2019||vExpert-NSX2020||VCIX6-NV||VCAP-NV-DCV||VCP-NV-DC-CMA||CCNA-R&S
Twitter: @KakHassan
LinkedIn: linkedin.com/in/hassanalkak
0 Kudos
IRIX201110141
Champion
Champion

If you choose the AD join as LDAP Server instead the integrated Windows authentication you have the option to specify connect to a specific domain controller by use ldap://mydc01.home.local.

Regards

Joerg

0 Kudos
baber
Expert
Expert

exactly . I need this option .

1- Is that your means i can connect to windows active directory server via LDAP ?

2- how can config that ? do i had to do enable ldap on windows active directory server ?

BR

Babak

Please mark helpful or correct if my answer resolved your issue.
0 Kudos
RajeevVCP4
Expert
Expert

As I understood your domain IP is 20.20.20.50 and DNS 10.10.10.20.

If your vcsa is able to ping AD IP and DNS IP then you can add vcsa in AD,

Rajeev Chauhan
VCIX-DCV6.5/VSAN/VXRAIL
Please mark help full or correct if my answer is use full for you
0 Kudos
baber
Expert
Expert

thanks

please see attach pic there is not any field for insert active directory ip address

Please mark helpful or correct if my answer resolved your issue.
0 Kudos
daphnissov
Immortal
Immortal

If all you want is for users to be able to login to this vCenter with their AD credentials, you do not need to join the vCSA to Active Directory. You can add that AD as an identity source over LDAP.

Single Sign-On => Configuration => Identity Sources => Add Identity Source

pastedImage_0.png

0 Kudos
baber
Expert
Expert

so thanks

i saw that in vcsa 6.7 but actually i dont't know how fill that for example

i don't know what is my primary server url because as i said earlier i have an active directory server with ip address 20.20.20.50 with name divar.com

i don't have any primary and secondary url

1- what do i had to put in primary and secondary server url ?

2- in connect to part which one do i had to select any domain controller in the domain or specific domain controller ?

3- is that means from user name and password  , administrator user and password for active directory server ?

BR

Babak

Please mark helpful or correct if my answer resolved your issue.
0 Kudos