VMware Cloud Community
zenking
Hot Shot
Hot Shot
Jump to solution

vCenter AD Authentication

I've seen some info about adding the esxi hosts to AD, but I'm looking more for something about using AD accounts for the vsphere client since that's where we're doing 95% of our work. Right now we're logging into vcenter with a local admin account that has the admin permissions on our datacenters. If I add the vcenter vm (which is xp 64 bit) to AD and add the appropriate AD users to the local admin group, do I need to do anything else within vcenter before I can start using the AD account to log into the client?

VMWare Environment: vSphere 7.0, EQ PS6210 SANs, Dell R730 Hosts, dedicated Dell switches w/ separate vlans for vmotion and iscsi.
Reply
0 Kudos
1 Solution

Accepted Solutions
weinstein5
Immortal
Immortal
Jump to solution

No you do not need to do anything - the server will know to look to the domain for the authentication.

If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful

View solution in original post

Reply
0 Kudos
5 Replies
weinstein5
Immortal
Immortal
Jump to solution

No you do not need to do anything - the server will know to look to the domain for the authentication.

If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful
Reply
0 Kudos
RParker
Immortal
Immortal
Jump to solution

You may not need to do anything, but you may be aware of something.

If you created a local account on vCenter say vmadmin and you ALSO have a domain account of the same name, you have to distinguish which one you want to login.

So if your domain is company.com and that's how vCenter is joined, to login as vmadmin you may have to add company\vmadmin otherwise vCenter will assume you mean the LOCAL account not the domain..

Just FYI

zenking
Hot Shot
Hot Shot
Jump to solution

Thanks, guys. We have different admin account names in AD, so that won't be an issue.

Cheers

VMWare Environment: vSphere 7.0, EQ PS6210 SANs, Dell R730 Hosts, dedicated Dell switches w/ separate vlans for vmotion and iscsi.
Reply
0 Kudos
zenking
Hot Shot
Hot Shot
Jump to solution

I added the vcenter vm to AD and was able to log directly into the vm with the AD account, but I couldn't log into the client with AD credentials. I tried both adminname and AD\adminname. I removed the vm from AD, so I can log into the client again.

Any ideas on troubleshooting this?

Thanks.

VMWare Environment: vSphere 7.0, EQ PS6210 SANs, Dell R730 Hosts, dedicated Dell switches w/ separate vlans for vmotion and iscsi.
Reply
0 Kudos
gunga
Contributor
Contributor
Jump to solution

Quote Remove 

Not sure if this original post was answered. Here is my situation.

I have a running vsphere 4.1 and have a virtual center that is on a server that is in a workgroup not a domain.

I now want to use domain accounts for my VCenter. So I read that I need to have Vcenter server in a domain. But when I add the Vcenter to the domain I can not login to Vcenter even with administrator account using the client.

Can you change VCenter to a domain from a workgroup and have this work in 4.0 or 4.1? Or do you have to rebuild Vcenter from scratch with a computer that is already in the domain?

I tested it on my vshere 4.0 setup and it didnt work. Just assumed this would work on either.

Thanks for any insite.
Reply
0 Kudos