Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies. Only from Platform Scholar.
Solved
VCSA join to Active directory
Posted on 2016-07-27
How do you join a VCSA to ADS...
And what is the difference of an identity source compared to joining to the domain?
We will need an identity source as domain.local and joined to somedomain.com
Does that make since?
And what is the difference of an identity source compared to joining to the domain?
We will need an identity source as domain.local and joined to somedomain.com
Does that make since?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
4
3
2- +1
10 Comments
Active today
an identity source can be internal, local server or Active Directory domain.
you will need to follow the steps in this web link
http://www.virten.net/2015/02/how-to-add-ad-authentication-in-vcenter-6-0-platform-service-controller/
Are you using vCenter 6.0 ?
you will need to follow the steps in this web link
http://www.virten.net/2015/02/how-to-add-ad-authentication-in-vcenter-6-0-platform-service-controller/
Are you using vCenter 6.0 ?
Active 1 day ago
Adding the vCSA to the domain makes it a domain member, which allows it to directly communicate with Domain Controllers for authentication using Kerberos. Kerberos is significantly more secure than doing password hashing comparisons at login, which is what happens when you use AD as an Identity Source. Essentially, the difference is in the type of security used to authenticate users at login. Using AD as an Identity Source means that there are more methods for cracking authentication than if it were a domain member. Both methods are probably secure enough for the vast majority of environments (Kerberos would be preferable in, say, a very high security environment).
TL;DR: Functionally, they both do more or less the same thing. They allow you to log in with AD usernames and passwords. The difference is in *how* they do it.
TL;DR: Functionally, they both do more or less the same thing. They allow you to log in with AD usernames and passwords. The difference is in *how* they do it.
Active today
Hi,
to configure AD users in SSO and vsphere, you need to add you domain as an identity source in SSO.
To do that you need to join your vCSA to your AD first.
To join vCSA to your domain, log in to the Web vsphere 6 client with full rights, meaning e.g. administrator@vsphere.loca
Proper dns server must be set before.
to configure AD users in SSO and vsphere, you need to add you domain as an identity source in SSO.
To do that you need to join your vCSA to your AD first.
To join vCSA to your domain, log in to the Web vsphere 6 client with full rights, meaning e.g. administrator@vsphere.loca
Proper dns server must be set before.
Active today
yes! lot of differences!
Here is a start as a comparison :
http://www.vmwarearena.com/vsphere-6-0-difference-between-vsphere-5-0-5-1-5-5-and-vsphere-6-0/
https://www.virten.net/vmware/vsphere-5-5-vs-vsphere-6-0/
Here is a start as a comparison :
http://www.vmwarearena.com/vsphere-6-0-difference-between-vsphere-5-0-5-1-5-5-and-vsphere-6-0/
https://www.virten.net/vmware/vsphere-5-5-vs-vsphere-6-0/
Featured Post
Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies. Only from Platform Scholar.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Sometimes clients can lose connectivity with the Lotus Notes Domino Server, but there's not always an obvious answer as to why it happens.
Read this article to follow one of the first experiences I had with Lotus Notes on a client's machine, my…
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units?
This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
Attackers love to prey on accounts that have privileges.
Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month4 days, 13 hours left to enroll
670 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.