Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

VMware vCenter Server Login Authentication Using Active Directory

Posted on 2010-11-28
3
Medium Priority
?
1,332 Views
Last Modified: 2012-05-10
On my Win2008 R2 box with vCenter Server installed I can launch vSphere from a PC, log into vCenter, and gain access to all my ESXi boxes. Great, but apparently there is a very specific way to grant what users have access to vCenter. Could someone enligthen me to the correct method?

What I did was go into AD, created a group called ESX Admins, added users to that group. Then on the Win2008 R2 box hosting vCenter i granted ESX Admins full Administrator privledge. Is that right or wrong?


All the information I found online referred to AD authenication for ESXi hosts and not vCenter. Similar to the link below: http://ict-freak.nl/2010/09/12/how-to-configure-vsphere-4-1-active-directory-authentication/

Any suggestions or did I do it correctly?
0
Comment
Question by:First Last
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 16

Accepted Solution

by:
Danny McDaniel earned 1600 total points
ID: 34227978
That's one way to go about it, but the best practice is to create AD groups and then within vCenter, assign those AD groups to a specific role such as administrator or VM admin or a custom role with specific permissions you want them to have.  

http://www.vmware.com/pdf/vsphere4/r41/vsp_41_dc_admin_guide.pdf page 90
0
 
LVL 10

Assisted Solution

by:srgilani
srgilani earned 400 total points
ID: 34227991
The article you have mention is for ESX host, Whereas you require AD authentication on vCentre.

If you are AD admin as well then what you have to do is make ur vcentre machine part of ur domain and then in vcentre permissions add domain user / group and assign permission.

since i am not AD admin what i have done is added my in domain then create local groups on my vcentre like "Vsphere Admin" "Vsphere Power VM" etc and then add AD users in these groups. After this i simply add these local group in VCentre permission tab as appropriate and assign role made in vcentre.

Hope this will clarify.
0
 
LVL 1

Author Closing Comment

by:First Last
ID: 34230948
I created a group in AD called ESX Admins. From there I went into vCenter, Permissions, and added the group called ESX Admins to the Administrator Group in vCenter. It works!
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your phone running out of space to hold pictures?  This article will show you quick tips on how to solve this problem.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This Micro Tutorial steps you through the configuration steps to configure your ESXi host Management Network settings and test the management network, ensure the host is recognized by the DNS Server, configure a new password, and the troubleshooting…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question