Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

ESXi Shell Active Directory Authentication

Posted on 2016-07-27
5
Medium Priority
?
169 Views
Last Modified: 2016-08-04
I need to be able to authenticate via SSH using ADS authentication... How do you get this setup?

Once setup, we wont be using root to authenticate via SSH into the esxi console.
0
Comment
Question by:Indyrb
  • 3
  • 2
5 Comments
 
LVL 124
ID: 41731880
What is very important is that ESXi host time, is synced to the same time source as your Active Directory domain controllers.

then you add the ESXi Host to the Domain, and then you may need to create an Active Directory group and add ESXi Admins into that group.

see this VMware KB for details

Configuring the ESXi host with Active Directory authentication (2075361)
0
 
LVL 5

Author Comment

by:Indyrb
ID: 41733159
is this for accessing the esxi server via SSH or logining into the ESXi box via webclient or FAT client.  I need mostly for SSH access
0
 
LVL 124

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 2000 total points
ID: 41733263
SSH and/or Legacy vSphere Client direct to ESXi!
0
 
LVL 5

Author Comment

by:Indyrb
ID: 41743039
Sorry to bother you, but if you join the esxi to the domain using above... How can you define what security groups can login and who can NOT.
0
 
LVL 124
ID: 41743052
there is a group which is created when you join it to the domain, or if not you create it.

which needs to match the configuration.

Change the Config.HostAgent.plugins.hostsvc.esxAdminsGroup setting to match the Administrator group that you want to use in the Active Directory. These settings takes affect within a minute and no reboot is required.

Source

Configuring the ESXi host with Active Directory authentication (2075361)
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question