Active Directory Authentication on ESX

To enable Active Directory authentication on ESX servers, do the following:
1. Log in to the ESX server as root. You may have to do this at the console, as the default configuration of SSH will deny access to the root user.
2. Run the following command, placing your own domain controller server name and domain name in the appropriate places.
   /usr/sbin/esxcfg-auth --enablead --addomain=yourdomain.tld --addc=dc1.yourdomain.tld --krb5realm=yourdomain.tld --krb5kdc=dc1.yourdomain.tld --krb5adminserver=dc1.yourdomain.tld --krb5enable
3. Add a user from Active Directory that will be allowed to log in to the ESX server.
   /usr/sbin/useradd john.doe

NOTES:
Repeat steps 1 to 3 for each ESX server you have. Once this is complete, at least the passwords will no longer have to be kept updated; AD will manage that.
Repeat step 3 for each user you want to be able to log in. Not all users will be allowed to log in; you have to specify which.
If you have more than one domain controller, you can specify the "--addc=" option again when you run esxcfg-auth for redundancy.
Tested working on ESX 3.5 using Active Directory 2003. (Let me know if you have this working on anything else.)
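
The commands from steps 2 and 3, with the repeated "--addc=" option from the notes, generated by a small script. This is an added example, not part of the original page. It only prints the commands for review and rejects names that could carry extra options or shell metacharacters; the function names, dc2.yourdomain.tld and jane.roe are assumptions.

```shell
#!/bin/sh
# Added example: prints the commands from steps 2 and 3 for review; runs nothing.
# Function names are hypothetical; every option comes from the steps above.

# Accept only DNS-style names, so a mistyped or pasted value cannot inject
# extra options or shell metacharacters into a command that root will run.
valid_name() {
    case "$1" in
        ""|-*|.*|*..*|*[!A-Za-z0-9.-]*) return 1 ;;
        *.*) return 0 ;;
    esac
    return 1
}

# usage: build_esxcfg_auth_cmd DOMAIN DC1 [DC2 ...]
# DC1 becomes the Kerberos KDC and admin server; every DC gets its own --addc=.
build_esxcfg_auth_cmd() {
    domain=$1
    [ $# -ge 2 ] || { echo "usage: DOMAIN DC1 [DC2 ...]" >&2; return 1; }
    shift
    valid_name "$domain" || { echo "bad domain: $domain" >&2; return 1; }
    primary=$1
    cmd="/usr/sbin/esxcfg-auth --enablead --addomain=$domain"
    for dc in "$@"; do
        valid_name "$dc" || { echo "bad domain controller: $dc" >&2; return 1; }
        cmd="$cmd --addc=$dc"
    done
    printf '%s\n' "$cmd --krb5realm=$domain --krb5kdc=$primary --krb5adminserver=$primary --krb5enable"
}

# usage: build_useradd_cmds USER [USER ...]   (one useradd line per permitted user)
build_useradd_cmds() {
    for user in "$@"; do
        case "$user" in
            ""|-*|*[!A-Za-z0-9._-]*) echo "bad user name: $user" >&2; return 1 ;;
        esac
        printf '/usr/sbin/useradd %s\n' "$user"
    done
}

# Constructed sample values: dc2 and jane.roe are placeholders, not from the page.
build_esxcfg_auth_cmd yourdomain.tld dc1.yourdomain.tld dc2.yourdomain.tld
build_useradd_cmds john.doe jane.roe
```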



