Friday, April 27, 2012

ESXi Admin Authentication Against AD

I have a virtual host that I set up for our Developers to use for testing. I wanted to connect it to the AD domain for authentication. The setup is very easy and straightforward (this is one of those rare times), but there is a specific order in which you need to perform the steps that a few tutorials I read didn't specify.

Everyone leads off with adding the machine to the domain. You first need to go into the Configuration tab of your ESXi host and click Authentication Services. The rest of that step is pretty self-explanatory: select Active Directory as the service type and enter your domain name. You'll be prompted for the credentials of a user with the rights to add machines to the domain. What they forget to mention is that apparently ESXi uses a default admin group called ESX Admins, which you have to create in AD before you add the host to the domain. If you join the machine to the domain first and then create the security group second, the group doesn't show up in the Permissions tab.

Just a quick little note on a small omission that caused me some grief as I tried to set this up.

No comments:

Post a Comment