Join the vCSA 6.7 to an Active Directory Domain From HTML Client

VMware vSphere 6.7  is the latest version released by VMware and there are many enhancement and new features are available with this release. The major change for the vCenter Server Appliance is simplified  architecture and all  vCenter Server services are running on a single instance with all the function .With vSphere 6.7 new HTML5 client is available with may enhancements  , VMware is working on to reach 100 %  for all the functions are fully supported by HTML5 client .

In this post I am sharing  configure  vCSA6.7 to an Active Directory Domain From HTML Client and other options available  there  ,additionally command to join , dis-join and verify domain status .

Join AD Domain

  • Open vSphere HTML Client
  • Login as Single Sign-On Administrator or a user with global permissions.
  • Navigate to Administration >Configuration

From Identify Sources Tab you can verify available domain and by default Only SSO  and Localos will be available

  • Navigate to Tab Active Directory Domain and Click on Join AD
  • Add the Domain Name and Username and Password has permission to join to Active Directory and Click Join

Note:-  You have to reboot the Appliance to apply the changes

When the appliance is back online it will be part of Active Directory domain but you have to the domain to identity sources

  • Login to vCenter with SSO Admin account Navigate to Administration >Configuration->Identity Sources

  • Select ADD IDENTITY SOURCE and  Select Use machine account and click OK

And you can view your domain is listed on the identity Source tab

Additionally you can do below  configuration form same window

  • Remove  the Joined Domain
  • Create Login Message
  • Smart Card Authentication
  • Policies – Password Policy , Lockout Policy and Token Policy

Next add a Permission from Active Directory

Navigate to the Object , here I choose vCenter – > Permission -> Select the “+” symbol to add permission

From User Option Select the Domain Name

Search the Desired Username

Select the desired Role  and select the Propagate to Children Option and Click OK

Join to AD Domain using CLI

Also you can perform joining to active directory from command line

  • Connect to the vCenter Server Appliance with SSH
  • Activate the bash shell

#Command> shell

  • Use the domainjoin-cli tool to join , dis-join and verify status of domain

Join to AD using CLI

# /opt/likewise/bin/domainjoin-cli join [domain] [user name] [password]

Note:-As a security reason you have to add only username and it will prompt for password and it won’t be visible

Verify the Domain status form CLI

Dis-join from a Domain From CLI 

Rajesh Radhakrishnan

Recent Posts

NAKIVO Backup & Replication v10.8 Released With New Features

Nakivo has released its new Backup and Replication solution Nakivo v10.8, which includes support for…

2 years ago

Oracle Cloud VMware Solution and Features

Oracle Cloud VMware Solution (OCVS) provides a customer-managed, native VMware-based cloud environment hosted in Oracle…

2 years ago

Vinchin Backup and Recovery Review

Vinchin is a professional provider of data protection solutions for enterprises. It provides a series…

2 years ago

VMware Cloud Disaster Recovery (VCDR) Solution Deployment And Configuration Part 2

In my previous blog post, I have explained about VMware Cloud Disaster Recovery (VCDR) Onboarding and…

2 years ago

How to Deploy vRNI Cloud With VMC on AWS

vRealize Network Insight helps you build an optimized, highly available, and secure network infrastructure across…

2 years ago

This SysAdmin Day, WIN with Hornetsecurity!

Can you believe it's here again? SysAdmin Day is back, and with it comes endless gratitude…

2 years ago