VMware Cloud Community
Stuarty1874
Contributor
Contributor
‎01-26-2008 06:45 AM

Active Directory Authentification (Group Access)

Guys, I currently have the ability to authenticate against Active Directory from my ESX 3 host. I useradd individual accounts and have them authenticate against AD.

What I'd like to know is.......

Is it possible to....

a) Create a group on the ESX host

b) then create a replica group in Active Directory

c) add my users to the Active Directory group,

d) then logon via SSH and authenticate in ESX?

0 Kudos
4 Replies
sbeaver
Leadership
Leadership
‎01-26-2008 08:00 AM

Check out this thread and download the doc I posted. This should point you in the right direction

http://communities.vmware.com/message/789543#789543

Steve Beaver

VMware Communities User Moderator

*Virtualization is a journey, not a project.*

Steve Beaver
VMware Communities User Moderator
VMware vExpert 2009 - 2020
VMware NSX vExpert - 2019 - 2020
====
Co-Author of "VMware ESX Essentials in the Virtual Data Center"
(ISBN:1420070274) from Auerbach
Come check out my blog: [www.virtualizationpractice.com/blog|http://www.virtualizationpractice.com/blog/]
Come follow me on twitter http://www.twitter.com/sbeaver

**The Cloud is a journey, not a project.**
0 Kudos
Stuarty1874
Contributor
Contributor
‎01-28-2008 06:59 AM

Thanks Steve. I'll have a look and get back to you.

0 Kudos
RParker
Immortal
Immortal
‎01-28-2008 08:15 AM

You can create users on AD and have the ESX authenticate, but the problem is we tried it and it keeps locking the AD accounts, so we quit using it.

I don't think you can replicate groups, only users.

0 Kudos
Schorschi
Expert
Expert
‎01-31-2008 09:48 PM

There are lots of variants for LDAP script to query AD for group membership, and then delete/add user ids on each ESX host. There are a few good examples of the script on various blogs, google it. It works well for us.

0 Kudos