Enthusiast
Enthusiast

join AD domain while installing vCenter 7?

Jump to solution

i have a lab environment that the AD domain - labtwo.local exists on DNS server and would like to build vSphere 7 under this domain name.

however, i'm not so sure about which option to choose in the "SSO configuration" page in the installer. as shown in figure below which is obtained from internet.

VCSA7-Deployment-15-768x528.png

the demand is to join the vCenter under the domain "labtwo.local".

A little bit confused. so the questions are:

1. if i select the "join the existing SSO domain" then this indicate that the vCenter can utilize my AD domain's user account directly for login instead of creating a "vSphere.local" and using "administrator@vsphere.local" as login account?

2. is choosing "join the existing SSO domain" meaning that the vCenter server will join the AD domain at the same time?

Tags (1)
0 Kudos
1 Solution

Accepted Solutions
Commander
Commander

A little bit confused. so the questions are:

1. if i select the "join the existing SSO domain" then this indicate that the vCenter can utilize my AD domain's user account directly for login instead of creating a "vSphere.local" and using "administrator@vsphere.local" as login account?

Join the existing SSO domain is only required to be selected when you wanted to join the new vCenter to an existing vCenter in linked mode. This sso domain is vSphere.local or can be customized from vsphere 6.x versions. SSO DOMAIN is NOT SAME as your AD DOMAIN and should be unique.

2. is choosing "join the existing SSO domain" meaning that the vCenter server will join the AD domain at the same time?

Same answer as above. Once the vCenter is deployed. You need to follow the steps in the below docs

https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.vcsa.doc/GUID-08EA2F92-78A7-4EFF-88...

Did you find this helpful? Let me know by completing this survey (takes 1 minute!)

View solution in original post

0 Kudos
5 Replies
Leadership
Leadership

Moderator: Thread moved to the vSphere Upgrade & Install area.

0 Kudos
Immortal
Immortal

That should always remain as vsphere.local. Do not change it, and do not attempt to set that to an external AD domain name. That's now how that piece works.

0 Kudos
Contributor
Contributor

The VMware SSO Domain is not an Active Directory Domain.  Its vCenters internal default identity source.  I would recommend leaving this as the default - vsphere.local.

Once you have deployed vCenter, you can add an Active Directory Identity source to your vCenter appliance, this will then allow you to grant AD user accounts permissions to access you vCenter infrastructure. 

Check out this link for further information on adding an Identity Source - here

Hope that helps

0 Kudos
Commander
Commander

A little bit confused. so the questions are:

1. if i select the "join the existing SSO domain" then this indicate that the vCenter can utilize my AD domain's user account directly for login instead of creating a "vSphere.local" and using "administrator@vsphere.local" as login account?

Join the existing SSO domain is only required to be selected when you wanted to join the new vCenter to an existing vCenter in linked mode. This sso domain is vSphere.local or can be customized from vsphere 6.x versions. SSO DOMAIN is NOT SAME as your AD DOMAIN and should be unique.

2. is choosing "join the existing SSO domain" meaning that the vCenter server will join the AD domain at the same time?

Same answer as above. Once the vCenter is deployed. You need to follow the steps in the below docs

https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.vcsa.doc/GUID-08EA2F92-78A7-4EFF-88...

Did you find this helpful? Let me know by completing this survey (takes 1 minute!)

View solution in original post

0 Kudos
Contributor
Contributor

In the installation wizard , it gives a hint to use vCenter SSO system domain like vsphere.local , the other option to join already existing SSO vaild if a vCenter system already running with its SSO system domain.

you can join vCenter 7 to active directory domain after completing installation , to do that follow steps in the following post https://www.systemadminslabs.net/2020/11/join-vcenter-7-to-active-directory.html

 


 

0 Kudos