Solved

VMware vCenter Server Login Authentication Using Active Directory

Posted on 2010-11-28
3
1,321 Views
Last Modified: 2012-05-10
On my Win2008 R2 box with vCenter Server installed I can launch vSphere from a PC, log into vCenter, and gain access to all my ESXi boxes. Great, but apparently there is a very specific way to grant what users have access to vCenter. Could someone enligthen me to the correct method?

What I did was go into AD, created a group called ESX Admins, added users to that group. Then on the Win2008 R2 box hosting vCenter i granted ESX Admins full Administrator privledge. Is that right or wrong?


All the information I found online referred to AD authenication for ESXi hosts and not vCenter. Similar to the link below: http://ict-freak.nl/2010/09/12/how-to-configure-vsphere-4-1-active-directory-authentication/

Any suggestions or did I do it correctly?
0
Comment
Question by:First Last
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 16

Accepted Solution

by:
danm66 earned 400 total points
ID: 34227978
That's one way to go about it, but the best practice is to create AD groups and then within vCenter, assign those AD groups to a specific role such as administrator or VM admin or a custom role with specific permissions you want them to have.  

http://www.vmware.com/pdf/vsphere4/r41/vsp_41_dc_admin_guide.pdf page 90
0
 
LVL 10

Assisted Solution

by:srgilani
srgilani earned 100 total points
ID: 34227991
The article you have mention is for ESX host, Whereas you require AD authentication on vCentre.

If you are AD admin as well then what you have to do is make ur vcentre machine part of ur domain and then in vcentre permissions add domain user / group and assign permission.

since i am not AD admin what i have done is added my in domain then create local groups on my vcentre like "Vsphere Admin" "Vsphere Power VM" etc and then add AD users in these groups. After this i simply add these local group in VCentre permission tab as appropriate and assign role made in vcentre.

Hope this will clarify.
0
 
LVL 1

Author Closing Comment

by:First Last
ID: 34230948
I created a group in AD called ESX Admins. From there I went into vCenter, Permissions, and added the group called ESX Admins to the Administrator Group in vCenter. It works!
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When we purchase storage, we typically are advertised storage of 500GB, 1TB, 2TB and so on. However, when you actually install it into your computer, your 500GB HDD will actually show up as 465GB. Why? It has to do with the way people and computers…
Each year, investment in cloud platforms grows more than 20% (https://www.immun.io/hubfs/Immunio_2016/Content/Marketing/Cloud-Security-Report-2016.pdf?submissionGuid=a8d80a00-6fee-4b85-81db-a4e28f681762) as an increasing number of companies begin to…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question