Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

VCSA join to Active directory

Posted on 2016-07-27
10
118 Views
Last Modified: 2016-07-28
How do you join a VCSA to ADS...

And what is the difference of an identity source compared to joining to the domain?

We will need an identity source as domain.local    and joined to somedomain.com

Does that make since?
0
Comment
Question by:Indyrb
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 119

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE^2)
Andrew Hancock (VMware vExpert / EE MVE^2) earned 125 total points
ID: 41731885
an identity source can be internal, local server or Active Directory domain.

you will need to follow the steps in this web link

http://www.virten.net/2015/02/how-to-add-ad-authentication-in-vcenter-6-0-platform-service-controller/

Are you using vCenter 6.0 ?
0
 
LVL 39

Assisted Solution

by:Adam Brown
Adam Brown earned 125 total points
ID: 41731975
Adding the vCSA to the domain makes it a domain member, which allows it to directly communicate with Domain Controllers for authentication using Kerberos. Kerberos is significantly more secure than doing password hashing comparisons at login, which is what happens when you use AD as an Identity Source. Essentially, the difference is in the type of security used to authenticate users at login. Using AD as an Identity Source means that there are more methods for cracking authentication than if it were a domain member. Both methods are probably secure enough for the vast majority of environments (Kerberos would be preferable in, say, a very high security environment).

TL;DR: Functionally, they both do more or less the same thing. They allow you to log in with AD usernames and passwords. The difference is in *how* they do it.
0
 
LVL 11

Accepted Solution

by:
Mr Tortur earned 250 total points
ID: 41732953
Hi,
to configure AD users in SSO and vsphere, you need to add you domain as an identity source in SSO.
To do that you need to join your vCSA to your AD first.

To join vCSA to your domain, log in to the Web vsphere 6 client with full rights, meaning e.g. administrator@vsphere.local then go to  Administration / Deployment-System configuration / nodes / select your vcenter / manage tab / settings / advanced / Active directory / Join !

Proper dns server must be set before.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:Indyrb
ID: 41733185
ty
0
 

Author Comment

by:Indyrb
ID: 41733187
The version is 6.0

Is there a difference with version 6 compared to 5.5
0
 
LVL 11

Assisted Solution

by:Mr Tortur
Mr Tortur earned 250 total points
ID: 41733215
0
 

Author Comment

by:Indyrb
ID: 41733231
I mean adding to Domains...
0
 

Author Comment

by:Indyrb
ID: 41733234
Does version 6.0 "VCSA" add  to ADS domain same way version 5.5
0
 
LVL 119

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE^2)
Andrew Hancock (VMware vExpert / EE MVE^2) earned 125 total points
ID: 41733266
Correct.
0
 
LVL 11

Assisted Solution

by:Mr Tortur
Mr Tortur earned 250 total points
ID: 41733294
yes exactly the same way
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If we need to check who deleted a Virtual Machine from our vCenter. Looking this task in logs can be painful and spend lot of time, so the best way to check this is in the vCenter DB. Just connect to vCenter DB(default DB should be VCDB and using…
If your vDisk VHD file gets deleted from the image store accidentally or on purpose, you won't be able to remove the vDisk from the PVS console. There is a known workaround that is solid.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question