VCSA join to Active directory

How do you join a VCSA to ADS...

And what is the difference of an identity source compared to joining to the domain?

We will need an identity source as domain.local    and joined to somedomain.com

Does that make since?
LVL 5
IndyrbAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Mr TorturConnect With a Mentor System EngineerCommented:
Hi,
to configure AD users in SSO and vsphere, you need to add you domain as an identity source in SSO.
To do that you need to join your vCSA to your AD first.

To join vCSA to your domain, log in to the Web vsphere 6 client with full rights, meaning e.g. administrator@vsphere.local then go to  Administration / Deployment-System configuration / nodes / select your vcenter / manage tab / settings / advanced / Active directory / Join !

Proper dns server must be set before.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)Connect With a Mentor VMware and Virtualization ConsultantCommented:
an identity source can be internal, local server or Active Directory domain.

you will need to follow the steps in this web link

http://www.virten.net/2015/02/how-to-add-ad-authentication-in-vcenter-6-0-platform-service-controller/

Are you using vCenter 6.0 ?
0
 
Adam BrownConnect With a Mentor Sr Solutions ArchitectCommented:
Adding the vCSA to the domain makes it a domain member, which allows it to directly communicate with Domain Controllers for authentication using Kerberos. Kerberos is significantly more secure than doing password hashing comparisons at login, which is what happens when you use AD as an Identity Source. Essentially, the difference is in the type of security used to authenticate users at login. Using AD as an Identity Source means that there are more methods for cracking authentication than if it were a domain member. Both methods are probably secure enough for the vast majority of environments (Kerberos would be preferable in, say, a very high security environment).

TL;DR: Functionally, they both do more or less the same thing. They allow you to log in with AD usernames and passwords. The difference is in *how* they do it.
0
Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

 
IndyrbAuthor Commented:
ty
0
 
IndyrbAuthor Commented:
The version is 6.0

Is there a difference with version 6 compared to 5.5
0
 
IndyrbAuthor Commented:
I mean adding to Domains...
0
 
IndyrbAuthor Commented:
Does version 6.0 "VCSA" add  to ADS domain same way version 5.5
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)Connect With a Mentor VMware and Virtualization ConsultantCommented:
Correct.
0
 
Mr TorturConnect With a Mentor System EngineerCommented:
yes exactly the same way
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.