feter20
Enthusiast
Enthusiast

join AD domain while installing vCenter 7?

Jump to solution

i have a lab environment that the AD domain - labtwo.local exists on DNS server and would like to build vSphere 7 under this domain name.

however, i'm not so sure about which option to choose in the "SSO configuration" page in the installer. as shown in figure below which is obtained from internet.

VCSA7-Deployment-15-768x528.png

the demand is to join the vCenter under the domain "labtwo.local".

A little bit confused. so the questions are:

1. if i select the "join the existing SSO domain" then this indicate that the vCenter can utilize my AD domain's user account directly for login instead of creating a "vSphere.local" and using "administrator@vsphere.local" as login account?

2. is choosing "join the existing SSO domain" meaning that the vCenter server will join the AD domain at the same time?

Tags (1)
0 Kudos
1 Solution

Accepted Solutions
msripada
Virtuoso
Virtuoso

A little bit confused. so the questions are:

1. if i select the "join the existing SSO domain" then this indicate that the vCenter can utilize my AD domain's user account directly for login instead of creating a "vSphere.local" and using "administrator@vsphere.local" as login account?

Join the existing SSO domain is only required to be selected when you wanted to join the new vCenter to an existing vCenter in linked mode. This sso domain is vSphere.local or can be customized from vsphere 6.x versions. SSO DOMAIN is NOT SAME as your AD DOMAIN and should be unique.

2. is choosing "join the existing SSO domain" meaning that the vCenter server will join the AD domain at the same time?

Same answer as above. Once the vCenter is deployed. You need to follow the steps in the below docs

https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.vcsa.doc/GUID-08EA2F92-78A7-4EFF-88...

Did you find this helpful? Let me know by completing this survey (takes 1 minute!)

View solution in original post

0 Kudos
5 Replies
scott28tt
VMware Employee
VMware Employee

Moderator: Thread moved to the vSphere Upgrade & Install area.

0 Kudos
daphnissov
Immortal
Immortal

That should always remain as vsphere.local. Do not change it, and do not attempt to set that to an external AD domain name. That's now how that piece works.

0 Kudos
SMcT
Enthusiast
Enthusiast

The VMware SSO Domain is not an Active Directory Domain.  Its vCenters internal default identity source.  I would recommend leaving this as the default - vsphere.local.

Once you have deployed vCenter, you can add an Active Directory Identity source to your vCenter appliance, this will then allow you to grant AD user accounts permissions to access you vCenter infrastructure. 

Check out this link for further information on adding an Identity Source - here

Hope that helps

0 Kudos
msripada
Virtuoso
Virtuoso

A little bit confused. so the questions are:

1. if i select the "join the existing SSO domain" then this indicate that the vCenter can utilize my AD domain's user account directly for login instead of creating a "vSphere.local" and using "administrator@vsphere.local" as login account?

Join the existing SSO domain is only required to be selected when you wanted to join the new vCenter to an existing vCenter in linked mode. This sso domain is vSphere.local or can be customized from vsphere 6.x versions. SSO DOMAIN is NOT SAME as your AD DOMAIN and should be unique.

2. is choosing "join the existing SSO domain" meaning that the vCenter server will join the AD domain at the same time?

Same answer as above. Once the vCenter is deployed. You need to follow the steps in the below docs

https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.vcsa.doc/GUID-08EA2F92-78A7-4EFF-88...

Did you find this helpful? Let me know by completing this survey (takes 1 minute!)

View solution in original post

0 Kudos
Mohamed2233
Contributor
Contributor

The installation wizard gives a hint to use vCenter SSO system domain like vSphere.Local, The other option is to join existing SSO valid if a vCenter system is already running with its SSO system domain.

You can join vCenter 7 to the active directory domain after completing the installation. To do, that follow the steps in the following post https://www.systemadminslabs.com/2020/11/22/join-vmware-vcenter-7-server-to-active-directory-domain/

 

 


 

0 Kudos