Hi,
is it requirement to have your vCenter in AD domain?
In vsphere-esxi-vcenter-server-51-installation-setup-guide.pdf there is information on page 222:
"If the system that you use for your vCenter Server installation belongs to a workgroup rather than a
domain, not all functionality is available to vCenter Server. If assigned to a workgroup, the vCenter Server
system is not able to discover all domains and systems available on the network when using some features."
Please can someone describe this more?
Hi Ferdis,
vSphere 5.1 has an implimentation of a concept of "single sign on" or SSO. It's supposed to be an interface that allows domain users to authenticate and supports LDAP, AD and bunch of other authentication methods.
As such, installing in a workgroup essentially does not allow for "auto discovery" of domain users etc and as such, only authentication available would be local authentication.
Setting up additional "identity sources" etc later can be done, but can raise other issues.
Another thing to keep in mind is if the VC is not connected to a domain, and after installation, if you want to add the VC to a domain, the most obvious thing that's going to happen is that the FQDN of the VC will/might change. This would cause a bunch of services that depend on name resolution to stop working, especially SSO, Inventory Services, Hardware Status and other plugins etc.
So the answer is, you CAN set up VC in a workgroup, and it WOULD work, just later if you want to move it to a domain or configure AD accounts etc, that might cause multiple components to break
Hope that helps
Regards
a
Hi,
thank you very much!