Solved

ESXi Shell Active Directory Authentication

Posted on 2016-07-27
5
104 Views
Last Modified: 2016-08-04
I need to be able to authenticate via SSH using ADS authentication... How do you get this setup?

Once setup, we wont be using root to authenticate via SSH into the esxi console.
0
Comment
Question by:Indyrb
  • 3
  • 2
5 Comments
 
LVL 119
ID: 41731880
What is very important is that ESXi host time, is synced to the same time source as your Active Directory domain controllers.

then you add the ESXi Host to the Domain, and then you may need to create an Active Directory group and add ESXi Admins into that group.

see this VMware KB for details

Configuring the ESXi host with Active Directory authentication (2075361)
0
 

Author Comment

by:Indyrb
ID: 41733159
is this for accessing the esxi server via SSH or logining into the ESXi box via webclient or FAT client.  I need mostly for SSH access
0
 
LVL 119

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 500 total points
ID: 41733263
SSH and/or Legacy vSphere Client direct to ESXi!
0
 

Author Comment

by:Indyrb
ID: 41743039
Sorry to bother you, but if you join the esxi to the domain using above... How can you define what security groups can login and who can NOT.
0
 
LVL 119
ID: 41743052
there is a group which is created when you join it to the domain, or if not you create it.

which needs to match the configuration.

Change the Config.HostAgent.plugins.hostsvc.esxAdminsGroup setting to match the Administrator group that you want to use in the Active Directory. These settings takes affect within a minute and no reboot is required.

Source

Configuring the ESXi host with Active Directory authentication (2075361)
0

Featured Post

Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
Giving access to ESXi shell console is always an issue for IT departments to other Teams, or Projects. We need to find a way so that teams can use ESXTOP for their POCs, or tests without giving them the access to ESXi host shell console with a root …
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question