Solved

vcenter 4.1 AD authentication

Posted on 2014-02-24
9
716 Views
Last Modified: 2014-02-27
hello Expert
i just build up a vcenter with edition is 4.1, could you teach me how i can add Active Directory authentication for this vCenter so that i can delegate permissions for each domain account?

thank you
0
Comment
Question by:beardog1113
  • 4
  • 3
  • 2
9 Comments
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
Is your vCenter Server installed and added to a Member Server of a Domain ?
0
 

Author Comment

by:beardog1113
Comment Utility
hello
it looks like make the vShpere host join domain and authenticate againstit, if i have 100 host under the vcenter, may i need do this 100 times for each host?
does it possible make the vcenter to authenticate against the domain directly?

thank you
0
 

Author Comment

by:beardog1113
Comment Utility
hi Andrew
yes it is, the vcenter is a domain member server.

thanks
0
 
LVL 13

Accepted Solution

by:
Abhilash earned 250 total points
Comment Utility
If its a Domain member server then the vCenter ca authenticate AD Users.
Now to add permissions to vCenter, Click on vCenter object and click on the Permissions TAB.

Once you get to there you can Right-Click and select Add Permissions.
This will take you to the permissions Window. On the top you will see a drop down list of authentication sources. Select your AD server from it.
Below in the box it will show all users in AD, search for the user/group you need to assign permissions to and click on the Add button. On the right you will find the roles list. Assign the required role(Adminstrator/read-only/No Acess/Custom Role) for the user/group and click ok.

Now you will be able to login using that account from AD.
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 117

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE)
Andrew Hancock (VMware vExpert / EE MVE) earned 250 total points
Comment Utility
If you you have added Domain Administrators to the Administrators group on the Member Server (vCenter Server), you should be able to login as Administrator, using a Domain Administrator account, which will then let you Add Permissions to the VM Template and Folder view.
0
 

Author Comment

by:beardog1113
Comment Utility
hello Abhilash
your options is under login with "Administrator" right?

hello Andrew
of course i am using the account belong to "domain admins" to login the vcenter, but it told me that i don't have the permission to login. also as Abhilash mentioned, while add the permission, how can i update the domain list? i mean i have several domains in our organization which is totally trust domain relationship, how can i display other domains in the list?

thank you all
0
 
LVL 13

Expert Comment

by:Abhilash
Comment Utility
Yes you will get the options when you login with Administrator if that is what you are asking.
Any user who has Administrator login to vCenter can do these changes.
I not sure if this is possible in vCenter 5.0 and below. I'm sure it can be done from 5.1 and above.
0
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
Are you Domain Administrator accounts, members of the Local Administrators group on the member server? (which is usually the Default).

Any member of this group has Default Access to vCenter, and when you've logged in, then we can suggest how you modify permissions, and add groups and roles.

If the trusts are in place, those domains, should be able in the pick lists.
0
 

Author Closing Comment

by:beardog1113
Comment Utility
thank you
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

Using a software based iSCSI solution, there is no requirement to purchase a hardware iSCSI initiator or TOE (TCP/IP Offload Engine) interface card. A standard network interface card can be used to connect an existing ESXi server to a remote iSCSI t…
This article will show you how to create an ISO CD-ROM/DVD-ROM image (*.iso), and MD5 checksum signature, for use with VMware vSphere Hypervisor 6.5 (ESXi 6.5). It's a good idea to compare checksums, because many installations fail because of a corr…
Advanced tutorial on how to run the esxtop command to capture a batch file in csv format in order to export the file and use it for performance analysis. He demonstrates how to download the file using a vSphere web client (or vSphere client) and exp…
This Micro Tutorial steps you through the configuration steps to configure your ESXi host Management Network settings and test the management network, ensure the host is recognized by the DNS Server, configure a new password, and the troubleshooting…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now