Main menu

VSICM55 - Slide 08-11 - Integrating ESXi with Active Directory



1. Wrong:

First sentence of the third paragraph in the slide notes states:

You can configure the host to join an AD domain so that a user trying to access the host is authenticated against the centralized vCenter Single Sign-On user directory.
1. Correct:

Joining an ESXi host to an Active Directory domain eliminates the need to create and maintain local user accounts, simplifies the ESXi host configuration and reduces the risk for configuration issues that could lead to unauthorized access.

However, this process does not involve vCenter Single Sign-On server, rather, the host actually queries the AD domain directly. Additionally, provided you've been granted appropriate permissions, once an ESXi host has been configured to use an Active Directory service, you can login directly to the host - either via the vSphere Client or the direct console user interface (DCUI) - using an AD user account even when vCenter Single Sign-On is not available.

Hence, the above sentence should be better reworded as follows:

You can configure the host to join an AD domain so that a user trying to access the host is authenticated against the centralized AD user directory.
1. Source:

VMware vSphere 5.5 Documentation Center.



2. Wrong:

Second sentence of the third paragraph in the slide notes states:

Whenever you are asked to provide credentials (for example, when using vSphere Web Client to log in directly to the ESXi host), you can enter the user name and password of a user in the domain to which the host is joined.
2. Correct:

As of vSphere 5.5, you cannot use the vSphere Web Client to log in directly to an ESXi host, only the Windows-based vSphere Client - a.k.a. vSphere C# Client - can!


Last modified onTuesday, 28 January 2014 02:24
Rate this item
(0 votes)
back to top