i have a lab environment that the AD domain - labtwo.local exists on DNS server and would like to build vSphere 7 under this domain name.
however, i'm not so sure about which option to choose in the "SSO configuration" page in the installer. as shown in figure below which is obtained from internet.
the demand is to join the vCenter under the domain "labtwo.local".
A little bit confused. so the questions are:
1. if i select the "join the existing SSO domain" then this indicate that the vCenter can utilize my AD domain's user account directly for login instead of creating a "vSphere.local" and using "administrator@vsphere.local" as login account?
2. is choosing "join the existing SSO domain" meaning that the vCenter server will join the AD domain at the same time?
A little bit confused. so the questions are:
1. if i select the "join the existing SSO domain" then this indicate that the vCenter can utilize my AD domain's user account directly for login instead of creating a "vSphere.local" and using "administrator@vsphere.local" as login account?
Join the existing SSO domain is only required to be selected when you wanted to join the new vCenter to an existing vCenter in linked mode. This sso domain is vSphere.local or can be customized from vsphere 6.x versions. SSO DOMAIN is NOT SAME as your AD DOMAIN and should be unique.
2. is choosing "join the existing SSO domain" meaning that the vCenter server will join the AD domain at the same time?
Same answer as above. Once the vCenter is deployed. You need to follow the steps in the below docs
Did you find this helpful? Let me know by completing this survey (takes 1 minute!)
Moderator: Thread moved to the vSphere Upgrade & Install area.
That should always remain as vsphere.local. Do not change it, and do not attempt to set that to an external AD domain name. That's now how that piece works.
The VMware SSO Domain is not an Active Directory Domain. Its vCenters internal default identity source. I would recommend leaving this as the default - vsphere.local.
Once you have deployed vCenter, you can add an Active Directory Identity source to your vCenter appliance, this will then allow you to grant AD user accounts permissions to access you vCenter infrastructure.
Check out this link for further information on adding an Identity Source - here
Hope that helps
A little bit confused. so the questions are:
1. if i select the "join the existing SSO domain" then this indicate that the vCenter can utilize my AD domain's user account directly for login instead of creating a "vSphere.local" and using "administrator@vsphere.local" as login account?
Join the existing SSO domain is only required to be selected when you wanted to join the new vCenter to an existing vCenter in linked mode. This sso domain is vSphere.local or can be customized from vsphere 6.x versions. SSO DOMAIN is NOT SAME as your AD DOMAIN and should be unique.
2. is choosing "join the existing SSO domain" meaning that the vCenter server will join the AD domain at the same time?
Same answer as above. Once the vCenter is deployed. You need to follow the steps in the below docs
Did you find this helpful? Let me know by completing this survey (takes 1 minute!)
The installation wizard gives a hint to use vCenter SSO system domain like vSphere.Local, The other option is to join existing SSO valid if a vCenter system is already running with its SSO system domain.
You can join vCenter 7 to the active directory domain after completing the installation. To do, that follow the steps in the following post https://www.systemadminslabs.com/2020/11/22/join-vmware-vcenter-7-server-to-active-directory-domain/