VMware Cloud Community
dfosbenner
Enthusiast

vCenter, AD-integration, and multiple forests

I manage three different Active Directory forests. These were set up many years ago; they are three separate (private) companies, but all owned by the same CEO.

Well now it's 2014 and I am looking at vCenter. Presently I have the Essentials version of vCenter which is limited to three hosts, and I'm learning to use it at HQ. Ultimately I'd like vCenter Standard, and be able to manage the ESXi hosts at the other companies. I don't have my vCenter integrated with AD at the moment - I'm just using the vsphere.local default. As I am reading about enabling AD-integration with vCenter, it's looking like I have a problem. The hosts in the other domains/forests don't have the same domain in their FQDN.

Seems like this will prevent me from using AD-integration since I have more than one domain.  But I should still be able to manage them all in one vCenter if I use vsphere.local, right?


Accepted Solutions
rcporto
Leadership

You can use AD integration without problem. Take a look at this KB article for additional details if your forests are trusted: VMware KB: Microsoft Active Directory Trusts supported with VMware vCenter Single Sign-On

---

Richardson Porto
Senior Infrastructure Specialist
LinkedIn: http://linkedin.com/in/richardsonporto

dfosbenner
Enthusiast

Thank you so much! This is a big relief to know my design is supported.

SJ1991
Contributor

Hi Richardson,

This never worked for me. I have xyz.corp and abc.net domains and there is a two-way trust relationship between xyz.corp and abc.net. All is well until here.

Now I have installed vCenter on a server joined to the abc.net domain and added the SG containing xyz.corp users to the Admin group in vCenter. After this, when I try to log in with a user from xyz.corp, it says invalid creds. :(

dfosbenner
Enthusiast

Wow, funny seeing this pop up 3 years later. I ended up just using vsphere.local without AD integration. I manage the servers in different AD domains from the single vCenter server, no issues.

SJ1991
Contributor

:) Worked for me finally.
