5 Replies Latest reply on Nov 4, 2014 9:40 AM by jmedd

    AD Plugin  - Support for Multiple Domain Controllers?

    jmedd Enthusiast
    vExpert

      Using a single Windows domain and the vCO AD Plugin 1.0.4. When configuring against the single Windows domain a DC in that domain is specified. Ideally I need to be able to support a situation where that configured DC is not available and a different DC automatically being used. (For instance other products which query or update AD can be configured with the domain root or multiple DCs configured to use in a particular order).

       

      Can anyone confirm if this is possible, i.e. is the configured DC in the plugin the only DC in that domain it is possible to use?

       

      By the looks of things I don't believe it is, but happy to learn otherwise. If not, please consider this a feature request :-)

        • 1. Re: AD Plugin  - Support for Multiple Domain Controllers?
          cdecanini_ Virtuoso
          VMware Employees

          The actual plug-in is not able to support multiple domains.

          Alternatively it is possible to:

          • Reconfigure the plug-in via workflow for each domain (but you need to use vCO lock to avoid a in flight workflow to be affected by configuration change).
          • Use mutliple vCO servers with the multi-node plug-in. Using one AD config per vCO.

           

          Eventually a new version of the plug-in will support multiple hosts since this is a common requirement.

          1 person found this helpful
          • 2. Re: AD Plugin  - Support for Multiple Domain Controllers?
            jmedd Enthusiast
            vExpert

            Thanks for the reply. Just to clarify, in this instance I am not actually interested in multiple domains (I've seen discussions on that in other communities posts).

             

            I am interested in multiple domain controller support in a single domain? Is your response applicable in that scenario, i.e. use one of the two suggested methods to talk to different DCs in the same domain?

            • 3. Re: AD Plugin  - Support for Multiple Domain Controllers?
              cdecanini_ Virtuoso
              VMware Employees

              As long as you can get a valid configuration with setting the host configuration with the workflow for each host it should work.

              • 4. Re: AD Plugin  - Support for Multiple Domain Controllers?
                qc4vmware Master

                Is there any reason you aren't using a load balancer?  We have a VIP that points to all of the DC's which host the global catalog.  That being said we have found the AD plugin unusable do to its inability to deal with both our AD structure and very poor performance against a large directory.  I haven't take a look at the latest release of the plugin but from what I can gather in the forums not a whole lot has changed.  Maybe the performance has been improved but our structure will still break it.

                1 person found this helpful
                • 5. Re: AD Plugin  - Support for Multiple Domain Controllers?
                  jmedd Enthusiast
                  vExpert

                  Thanks. Using a load balancer did come to mind, but had never heard of anyone else actually doing that (for any reason with AD), so it's good to hear that might be a possible route to go down. It does seem a bit excessive though to get round a fault with the plugin :-)

                   

                  I have a number of issues with the plugin similar to yourself (have seen some of your other postings on the topic). For this particular project we are already doing some of the AD work via vCO calls to PowerShell instead because of a constraint around not being able to implement SSL on the DCs. To be honest I think if I was starting again on this project I'd be tempted to do the whole AD part via vCO calls to PowerShell rather than try and use the AD plugin.

                   

                  Hopefully a better version of the plugin will be released in the future!