Using domain credentials for your VMware environment only makes sense. It alleviates the hassle of having to keep up with two different sets of user credentials and makes for a much more centralized authentication model for users as well as administrators. With ESXi and vCenter you have the “Authentication Services” Settings that allows you to actually link your ESXi box to your domain that you would like to add user accounts from. Let’s take a look and see how this is accomplished in the vSphere 4.1 Client.
Click on your host in the vSphere Client and then navigate to your “Configuration” tab
Once you are here, click on the “Properties” button that is all the way on the right hand side of the client. You will see the box below pop up that shows the “Local Authentication” selected which is the default mode.
Here we have clicked the “Local Authentication” dropdown box and selected “Active Directory.”
At this point, we want to login to vSphere using domain credentials, right click on our host, click the “Add Permission” menu option
option. We need to click on the “ADD” button under “Users and Groups” to display our locations of where to choose users:
- You need to make sure your vCenter box is joined to the domain which you want to add users from and you are logged into your vCenter box with a user who has permissions to add users from the domain. This is of course a side task in addition to joining your ESXi box to the domain.
- You will see your ESXi box in your “Computers” container in Active Directory after the domain joining finishes which will help confirm that it was successful
In conclusion this is a rather easy task to accomplish with the new vCenter/vSphere interface and most administrators will have no problems with the logic behind how permissions work in vSphere as it is rather intuitive.