Join VMware ESXi 6.5 to Active Directory

You can configure an ESXi host to use a directory service such as Active Directory to manage users and groups. This is especially useful in an organization or enterprise environment, where it gives better control over users and their access to the host.

Before you add the host to the AD domain, check the following:

  • Verify that the host name of ESXi is fully qualified with the domain name of the Active Directory forest.
  • You have an Active Directory domain and have created both reverse and forward DNS records for the ESXi host.
  • Root access: Create a group called ESX Admins in Active Directory. AD user accounts assigned to it are automatically granted root access on ESXi.
  • Time must be synchronized between the AD domain and the host. Synchronize the time between ESXi and the directory service system using NTP.

 

1- Check that the host name and domain name configured on the ESXi host match the AD domain.


2- Check the Active Directory domain, the DNS records and the security group created for access:

Create a new security group named ESX Admins and add to it the members who will have access to the host.

3- Check that the DNS record has been created in both zones (forward and reverse).


4- Configure NTP on the host and start it:

System – Time & Date – Edit settings


Enter the NTP servers and save. Then start the service under Actions -> NTP Service -> Start.
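The checks in steps 1, 3 and 4 can be run as a pre-flight script before attempting the join. This is an added example, not part of the original post: the function names, the sample host names and addresses, and the 300-second limit (Active Directory's default Kerberos clock-skew tolerance) are assumptions, and the ESX Admins group from step 2 is not checked.

```python
import socket

MAX_SKEW_SECONDS = 300  # assumption: AD's default Kerberos clock-skew tolerance (5 minutes)

def system_forward(name):
    """Forward lookup (name -> IPv4 addresses) using the system resolver."""
    try:
        return sorted({i[4][0] for i in socket.getaddrinfo(name, None, socket.AF_INET)})
    except socket.gaierror:
        return []

def system_reverse(ip):
    """Reverse lookup (IP -> PTR name) using the system resolver."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None

def preflight(fqdn, ad_domain, skew_seconds, forward=system_forward, reverse=system_reverse):
    """Return a list of prerequisite failures; an empty list means ready to join."""
    problems = []
    fqdn, ad_domain = fqdn.lower().rstrip("."), ad_domain.lower().rstrip(".")
    # Step 1: the host name must be fully qualified with the AD domain name.
    if not fqdn.endswith("." + ad_domain):
        problems.append(f"{fqdn} is not inside domain {ad_domain}")
    # Step 3: a forward (A) record must exist ...
    addresses = forward(fqdn)
    if not addresses:
        problems.append(f"no forward record for {fqdn}")
    # ... and each address needs a reverse (PTR) record pointing back to the host.
    for ip in addresses:
        ptr = reverse(ip)
        if ptr is None:
            problems.append(f"no reverse record for {ip}")
        elif ptr.lower().rstrip(".") != fqdn:
            problems.append(f"reverse record for {ip} is {ptr}, expected {fqdn}")
    # Step 4: clock offset between the host and the domain controller, in seconds.
    if abs(skew_seconds) > MAX_SKEW_SECONDS:
        problems.append(f"clock skew {skew_seconds}s exceeds {MAX_SKEW_SECONDS}s")
    return problems

# Constructed sample data standing in for the AD forward and reverse zones.
SAMPLE_A = {"esxi01.lab.example": ["192.0.2.10"], "esxi02.lab.example": ["192.0.2.11"]}
SAMPLE_PTR = {"192.0.2.10": "esxi01.lab.example."}

if __name__ == "__main__":
    for host, skew in (("esxi01.lab.example", 2), ("esxi02.lab.example", 420)):
        issues = preflight(host, "lab.example", skew,
                           forward=lambda n: SAMPLE_A.get(n, []), reverse=SAMPLE_PTR.get)
        print(host, "OK" if not issues else issues)
```

Called without the `forward` and `reverse` arguments, `preflight` queries the system resolver, so run it from a machine that uses the AD DNS servers.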


After completing these prerequisites, click Manage -> Security & Users -> Authentication -> Join domain.


Type the name of your domain and enter the username and password of a user that is authorized to join computers to the domain.


After you join the domain, refresh the page and you will see the newly joined domain.


Verify by logging out of the host GUI and logging back in with domain credentials.


After a successful login, the logged-in user is shown at the top of the page.


As we’ve seen, there are a number of advantages to joining ESXi to Active Directory. It makes user management easier while improving security across the board.

Thank you !
