These are the steps:
Pre-requisits:
Since you are adding to the domain, you need a name server to be able to resolve the Active Directoy domain controller or server that hosts the Master FSMO Role.
_ldap._tcp.dc._msdcs. DNSDomainName SRV resource record, which identifies the name of the domain controller that hosts the Active Directory domain.
Go to DNS and Routing, and put the hostname,, domain (as it shows in AD) and the IP of the DNS server that can answer for the SRV Record for the domain.
1. Go to Configuration --> Authentication Services, and then to Properties.
2. Choose "Active Directory" from the pull-down menu, and then put in your domain name, and click "Join Domain" it will then prompt you to put in credentials of a user that can add computers to the domain.
3. Go to Configuration --> Advanced Services and to Config, and scroll down to Config.HostAgent.plugins.hostsvc.esxAdminsGroup and add an Active Directory group that you want to be Administrators on this box.
4. SSH into the box, create a directory /var/lock/subsys, then restart the following services as such:
~ # mkdir /var/lock/subsys
~ # /etc/init.d/netlogond restart; /etc/init.d/lwiod restart; /etc/init.d/lsassd restart;
5. Now you should see the domain you added when you go to add a permission, as well as any trusts if you have that configured.
That's it. You can now login into this ESXi with your domain\username and your AD password.
However root/password will still work, so you may want to put a different password so no one that knew root before will access the ESXi host.
No comments:
Post a Comment