vExpert

Deep Dive in to Virtualization & Cloud


How to Join the vCSA 6.0 to an Active Directory Domain

You can join a Platform Services Controller appliance or a vCenter Server Appliance with an embedded Platform Services Controller to an Active Directory domain and attach the users and groups from this Active Directory domain to your vCenter Single Sign-On domain. In this blog I will explain how to join vCenter Server Appliance with an embedded Platform Services Controller to Active directory using Web GUI and Command Line.

Prerequisites

  • Time Synchronization – NTP sever to be configured to synchronize the time across the infrastructure
  • Domain Controller – Writable Domain controller with admin access to join object to Active Directory Domain
  • Communication – Required Domain communication ports must be open towards Domain

Join AD with vSphere Web Client

Open vSphere Web Client (https://[vcenter]/vsphere-client) and Login as Single Sign-On Administrator or a user with global permissions.

Navigate to Home > Administration > Deployment > System Configuration

Open Node you wan to join to Domain

Navigate to Manage > Settings > Active Directory and click Join…

Enter AD domain information, like Domain Name, OU, Username which has admin privileges to join Domain and Password. Press OK

Reboot the Appliance to take the changes on effect.

After rebooting you can see the Domain name on Web UI

Join AD with Command Line

Enable SSH login by following below steps

vSphere Web Client > Administration > System Configuration > Nodes > Manage > Settings > Access

Edit and Enable SSH login

Connect to the vCenter Server Appliance with SSH, use root credentials to login and activate the bash shell

Command>shell

Use the domainjoin-cli tool to join the domain, this will prompt for password of the account provided.

# /opt/likewise/bin/domainjoin-cli join [domain] [user name] 

Reboot the appliance

#reboot

When the appliance is back online it is part of the Active Directory domain

You can verify domain status from vCSA command line

# /opt/likewise/bin/domainjoin-cli query

Thanks,

If you have any comments, please drop me a line.
I hope this article was informative, and don’t forget to buy me a coffee if you found this worth reading.



Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.