hey,
I have vMA 4.1 with AD integration and ESXi 4.1/4.0 with fastpass authentication,
now, when I log in with domain user, I need to enter user name and password for each command.
is this normal behavior?
I was sure that fastpass save the credentials, and any user that in the sudoers file will be able to run command without entering username and password.
thanks.
To get this to work, you need to ensure that both your vMA host and ESX(i) host has been added to AD. You also need to ensure that you add your ESX(i) host using --authpolicy adauth, once you've done that, you'll need to initialize your target before you can execute a command in which vi-fastpass will takeover and using your AD credentials w/o prompting you for password.
Also take a look at this blog post, it should be helpful - http://www.virtuallyghetto.com/2010/07/vma-41-authentication-policy-fpauth-vs.html
=========================================================================
William Lam
VMware vExpert 2009,2010
VMware VCP3,4
VMware VCAP4-DCA
VMware scripts and resources at:
Getting Started with the vMA (tips/tricks)
Getting Started with the vSphere SDK for Perl
VMware Code Central - Scripts/Sample code for Developers and Administrators
If you find this information useful, please award points for "correct" or "helpful".
Here is a blog post that should help - http://www.virtuallyghetto.com/2010/11/how-to-configure-and-use-vmas-vi.html
=========================================================================
William Lam
VMware vExpert 2009,2010
VMware VCP3,4
VMware VCAP4-DCA
VMware scripts and resources at:
Getting Started with the vMA (tips/tricks)
Getting Started with the vSphere SDK for Perl
VMware Code Central - Scripts/Sample code for Developers and Administrators
If you find this information useful, please award points for "correct" or "helpful".
hey William,
i already understand this.. mostly from your blog..
my question is what happens if i have number of environments.
for one environment i use AD authentication all the way ( vMA and ESXi's are integrated to AD) and it works perfectly.
For the other environment, same vMA, I want to use fpauth (root user),
but it keeps asking me for user name and password (again i connected to vMA with my domain user).
is this supposed to happen?
BTW when i connect to vMA with vi-admin, the fpauth to the sane ESXi's (with root user) work just fine..
thanks
As mentioned in the blog post, there are two types of vi-fastpass auth: fpauth and adauth
If you're trying to using fpauth, you need to be logged into vMA using vi-admin account. If you have a mix of both types, you have two options:
1) Login directly as vi-admin account as fpauth is only valid under this account
2) Login using AD credentials and allow the account to sudo over to vi-admin user, this allows you to utilize both type of auths + allows for auditing purposes
=========================================================================
William Lam
VMware vExpert 2009,2010
VMware VCP3,4
VMware VCAP4-DCA
VMware scripts and resources at:
Getting Started with the vMA (tips/tricks)
Getting Started with the vSphere SDK for Perl
VMware Code Central - Scripts/Sample code for Developers and Administrators
If you find this information useful, please award points for "correct" or "helpful".