Solved

ESXi Shell Active Directory Authentication

Posted on 2016-07-27
5
119 Views
Last Modified: 2016-08-04
I need to be able to authenticate via SSH using ADS authentication... How do you get this setup?

Once setup, we wont be using root to authenticate via SSH into the esxi console.
0
Comment
Question by:Indyrb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 120
ID: 41731880
What is very important is that ESXi host time, is synced to the same time source as your Active Directory domain controllers.

then you add the ESXi Host to the Domain, and then you may need to create an Active Directory group and add ESXi Admins into that group.

see this VMware KB for details

Configuring the ESXi host with Active Directory authentication (2075361)
0
 

Author Comment

by:Indyrb
ID: 41733159
is this for accessing the esxi server via SSH or logining into the ESXi box via webclient or FAT client.  I need mostly for SSH access
0
 
LVL 120

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 500 total points
ID: 41733263
SSH and/or Legacy vSphere Client direct to ESXi!
0
 

Author Comment

by:Indyrb
ID: 41743039
Sorry to bother you, but if you join the esxi to the domain using above... How can you define what security groups can login and who can NOT.
0
 
LVL 120
ID: 41743052
there is a group which is created when you join it to the domain, or if not you create it.

which needs to match the configuration.

Change the Config.HostAgent.plugins.hostsvc.esxAdminsGroup setting to match the Administrator group that you want to use in the Active Directory. These settings takes affect within a minute and no reboot is required.

Source

Configuring the ESXi host with Active Directory authentication (2075361)
0

Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

731 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question