Hi

Chargeback supports Windows Authentication. For this, please make sure that Chargeback is installed for supporting Windows Authentication.

Please refer to "Installing vCenter Chargeback" chapter for the details.

Please let us know if you have already installed Chargeback under Windows Authentication and still not able to get it working.

Regards,

Hemanth

Are you referring to the SQL database for Chargeback itself during install? This is about Adding a vCenter Server during configuration.

Hi William,

Yes.

Chargeback supports Windows Authentication. For this, please make sure that Chargeback is installed for supporting Windows Authentication (i.e. Using 'Windows Authentication' while providing details for Chargeback Database during installation). If this is the case, then you should be able to add vCenter Server in Windows Authentication mode.

Please refer to "Installing vCenter Chargeback" chapter for the details.

Please let us know if you have already installed Chargeback under Windows Authentication and still not able to get it working.

Thanks,

Akshay

Hi

To clarify, Chargeback uses same credentials for windows Authentication for authenticating with both Chargeback database and vCenter server database. When you install Chargeback for Windows authentication, Chargeback is made to run under the specified account. So, the same user should have access to both Chargeback database and vCenter Server database.

So, while you are adding vCenter server to Chargeback, as Chargeback is running under specified account, those credentials are used for communicating with vCenter Server database.

Hope this clarifies.

Regards,

Hemanth

Thanks. I just can't figure out the reason why two SQL share the same account for Windows authentication? They don't have to the same database or instance, correct?

I created seperate new SQL logins and granted minimum permissions, for example readonly for vCenter SQL.

I agree 100%!  I spent a couple hours on this before realizing what was going on.  It doesn't help the matter that the vCenter Server Database Authentication Type is listed as Windows Authentication/Credential Based Authentication instead of Windows Authentication/SQL Server Authentication.  Since the Windows Authentication option doesn't allow username/password I assumed it used the account I was logged into my PC with so instead I chose Credential Based and put in my domain service account for the vCenter DB.  For the life of me I couldn't figure out what was going on until I logged in as my vCenter DB account and tried the Windows Auth instead.  I looked at the audit logs and saw that the failed login attempt when choosing Windows Authentication came from the service account I was using for Chargeback, not the service account I was using for the vCenter DB!

For the VMware folks monitoring this queue, I'd recommend these vCenter Server Fixes in future releases:

1. Change the wording in the product and/or clarify "Credential Based Authentication" within the User Guide so we know its SQL Auth.
2. For Windows Authentication, allow us to specify an account so we aren't forced to use 1 windows account for 2 seperate databases.

Thanks!

Hi

Thanks for your inputs.

We have named as “Credential Based Authentication” because, the same option is used for Oracle database as well. We will try to clarify this in the documentation, as you suggested,

For the second point, in the next release, we will allow specifying credentials for Windows authentication as well.

Regards,

Hemanth