Solved

VMware vCenter Server Login Authentication Using Active Directory

Posted on 2010-11-28
3
1,312 Views
Last Modified: 2012-05-10
On my Win2008 R2 box with vCenter Server installed I can launch vSphere from a PC, log into vCenter, and gain access to all my ESXi boxes. Great, but apparently there is a very specific way to grant what users have access to vCenter. Could someone enligthen me to the correct method?

What I did was go into AD, created a group called ESX Admins, added users to that group. Then on the Win2008 R2 box hosting vCenter i granted ESX Admins full Administrator privledge. Is that right or wrong?


All the information I found online referred to AD authenication for ESXi hosts and not vCenter. Similar to the link below: http://ict-freak.nl/2010/09/12/how-to-configure-vsphere-4-1-active-directory-authentication/

Any suggestions or did I do it correctly?
0
Comment
Question by:First Last
3 Comments
 
LVL 16

Accepted Solution

by:
danm66 earned 400 total points
Comment Utility
That's one way to go about it, but the best practice is to create AD groups and then within vCenter, assign those AD groups to a specific role such as administrator or VM admin or a custom role with specific permissions you want them to have.  

http://www.vmware.com/pdf/vsphere4/r41/vsp_41_dc_admin_guide.pdf page 90
0
 
LVL 10

Assisted Solution

by:srgilani
srgilani earned 100 total points
Comment Utility
The article you have mention is for ESX host, Whereas you require AD authentication on vCentre.

If you are AD admin as well then what you have to do is make ur vcentre machine part of ur domain and then in vcentre permissions add domain user / group and assign permission.

since i am not AD admin what i have done is added my in domain then create local groups on my vcentre like "Vsphere Admin" "Vsphere Power VM" etc and then add AD users in these groups. After this i simply add these local group in VCentre permission tab as appropriate and assign role made in vcentre.

Hope this will clarify.
0
 
LVL 1

Author Closing Comment

by:First Last
Comment Utility
I created a group in AD called ESX Admins. From there I went into vCenter, Permissions, and added the group called ESX Admins to the Administrator Group in vCenter. It works!
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

A procedure for exporting installed hotfix details of remote computers using powershell
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This video shows you how to use a vSphere client to connect to your ESX host as the root user. Demonstrates the basic connection of bypassing certification set up. Demonstrates how to access the traditional view to begin managing your virtual mac…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now