Configuration details | - In vCenter (vSphere), open the menu using the hamburger icon and go to Administration > Single Sign On > Configuration.
- Select Identity Sources and click ADD.
- Select Active Directory over LDAP. For guidance on the LDAPS settings used to connect to the organizational AD server, see: Active Directory over LDAP and OpenLDAP Server Identity Source Settings.
- Go to Administration > Access Control > Global Permissions.
- Click + to add a role.
- Select the domain of the AD server, type in an AD user, select a role such as Administrator, and select Propagate to children.
- Click OK.
|
Verification steps | - Log out of vCenter to return to the login page.
- Enter the AD username, followed by the AD domain that was added in the configuration steps (such as user@organization.com). Enter the AD password for the user.
- Click Login and confirm successful authentication.
|
Helpful tips | - Make sure vCenter can resolve the FQDN of the AD server.
- Have the certificate of the CA that signed the AD server certificate ready to upload to vCenter.
- Confirm host and network firewalls allow LDAPS connections.
- Using LDAPS protects credentials over the network.
|
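
The first three tips can be checked from a machine on the same network path as vCenter before the identity source is added. The script below is an added example, not part of the original guidance or any VMware tooling; the host name and CA file name in the usage comment are placeholders.

```python
import socket
import ssl
import sys


def ldaps_preflight(host, ca_file, port=636, timeout=5.0):
    """Run the three checks in order; return {check: (ok, detail)}.
    Stops at the first failure because later checks depend on earlier ones."""
    results = {}

    # 1. Name resolution: the AD server's FQDN must resolve.
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
        addrs = sorted({info[4][0] for info in infos})
        results["dns"] = (True, ", ".join(addrs))
    except socket.gaierror as exc:
        results["dns"] = (False, str(exc))
        return results

    # 2. Reachability: host and network firewalls must allow the LDAPS port.
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        results["tcp"] = (False, str(exc))
        return results
    results["tcp"] = (True, f"connected to port {port}")

    # 3. Trust: the server certificate must chain to the CA certificate that
    #    will be uploaded to vCenter, and must match the name we connect to.
    with sock:
        try:
            ctx = ssl.create_default_context(cafile=ca_file)  # trusts only ca_file
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                cert = tls.getpeercert()
                results["tls"] = (True, f"{tls.version()}, expires {cert['notAfter']}")
        except (ssl.SSLError, OSError) as exc:
            results["tls"] = (False, str(exc))
    return results


if __name__ == "__main__":
    # Usage (placeholder values): python3 ldaps_preflight.py dc01.organization.com ad-ca.pem
    outcome = ldaps_preflight(sys.argv[1], sys.argv[2])
    for name, (ok, detail) in outcome.items():
        print(f"{name:4} {'OK  ' if ok else 'FAIL'} {detail}")
    sys.exit(0 if len(outcome) == 3 and all(ok for ok, _ in outcome.values()) else 1)
```

A failure at `tls` with a verification error usually means the wrong CA certificate was exported or the server certificate does not carry the FQDN being used.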