Search the VMware Knowledge Base (KB)
View by Article ID

Configuring the ESXi host with Active Directory authentication (2075361)

  • 15 Ratings

Purpose

This article provides steps to add an ESXi host to the Active Directory.

Resolution

To add an ESXi host to the Active Directory using vSphere client:

  1. Confirm the ESXi host is synchronizing time with the Active Directory Domain controller. For more information, see Synchronizing ESXi/ESX time with a Microsoft Domain Controller (1035833).
  2. From the vSphere Client, select the host that you want to add to the Active Directory.
  3. Click the Configuration tab
  4. Click the Authentication Services.
  5. Click the Properties link at the top right pane.
  6. In the Directory Services Configuration dialog, select the directory service from the dropdown.
  7. Enter a domain.
  8. Click Join Domain.
  9. Enter the user name (in user@domain.com format) and password of a directory service user account that has permissions to join the host to the domain and click OK.
  10. Click OK to close the Directory Services Configuration dialog box.
  11. Click the Configuration tab and click Advanced Settings.
  12. Navigate to Config > HostAgent.
  13. Change the Config.HostAgent.plugins.hostsvc.esxAdminsGroup setting to match the Administrator group that you want to use in the Active Directory. These settings takes affect within a minute and no reboot is required.
Notes
  • If the Config.HostAgent.plugins.hostsvc.esxAdminsGroup setting is changed, ensure to remove any invalid users from the Permissions tab of the ESXi host.
  • In ESXi 4.1, the ESX Admins container is hard coded and must be added on the Active Directory side for authentication to work.

To add an ESXi host to the Active Directory using vSphere Web Client:

  1. Browse to the host in the vSphere Web Client inventory.
  2. Click the Manage tab and click Settings.
  3. Under System, select Authentication Services.
  4. Click Join Domain.
  5. Enter a domain.

    Use the form domain.com or domain.com/OU1/OU2.

  6. Enter the user name and password of a directory service user who has permissions to join the host to the domain, and click OK.
  7. Click OK to close the Directory Services Configuration dialog box.

    See Also

    Request a Product Feature

    To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

    Feedback

    • 15 Ratings

    Did this article help you?
    This article resolved my issue.
    This article did not resolve my issue.
    This article helped but additional information was required to resolve my issue.

    What can we do to improve this information? (4000 or fewer characters)




    Please enter the Captcha code before clicking Submit.
    • 15 Ratings
    Actions
    KB: