Re: No domain listed for vCenter, local Admin acco...

Andrew800 · ‎04-05-2013

I recently installed and configured vCenter Server on a Windows 2008 R2 VM using a SQL 2008 database. Currently, only the local Administrator account of that machine can be used to log in to vCenter using the vSphere Client. When I select the vCenter instance in the vCenter tree (top-most in the tree), then click the Permissions tab, then 'right-click > Add Permission...', then click 'Add...', in the drop down menu for 'Domain' there are only the following three available options: blank, '(server)' and 'SYSTEM-DOMAIN' as shown in the attached pic. The default (or current selection when it is opened) is 'blank', and my domain name does not appear in the drop down menu at all. On the Windows server where vCenter is installed, I put a few individual user accounts and the 'Domain-Admins' group (which has its own list of users) into the local Administrators group expecting that one of the names in the Domain Admins group could also be used to access vCenter via the vSphere Client. This did not work. Where can I add these accounts to be able to access vCenter and why does the domain not appear in that drop down menu?

chriswahl · ‎04-05-2013

Welcome to the world of Single Sign On (SSO). You'll need to tie your domain into SSO before you can set permissions on domain accounts.

This link should assist:

http://pubs.vmware.com/vsphere-51/topic/com.vmware.vsphere.security.doc/GUID-B23B1360-8838-4FF2-B074...

VCDX #104 (DCV, NV) ஃ WahlNetwork.com ஃ @ChrisWahl ஃ Author, Networking for VMware Administrators

FL0G · ‎04-05-2013

As described, you have to add the DC additionaly to your SSO configuration. But there is a gotcha: You do not see the the configuration menu when logged in as local-os Administrator. You have to use the SSO admin which you created during the vCenter installation (admin@system-domain).

All

No domain listed for vCenter, local Admin account only can access vCenter