VMware : How to setup Windows Active Directory authentication on ESX 4.0

To setup Windows Active Directory authentication run the following command replacing “mydc01″ your domain controller name. Replace “mydomain.com” with your domain name.
You can add redundancy by adding multiple domain controllers by running the command again with the other server names

/usr/sbin/esxcfg-auth –enablead –addomain=mydomain.com –addc=mydc01.mydomain.com –krb5realm=mydomain.com –krb5kdc=mydc01.mydomain.com –krb5adminserver=mydc01.mydomain.com –krb5enable
/usr/sbin/esxcfg-auth –enablead –addomain=mydomain.com –addc=mydc02.mydomain.com –krb5realm=mydomain.com –krb5kdc=mydc02.mydomain.com –krb5adminserver=mydc02.mydomain.com –krb5enable

To add users from active directory that will be allowed to login to the ESX server running the following command, again adding more by rerunning the command. It is not necessary to add the “@mydomain.com” after each domain user.

/usr/sbin/useradd esxadmin1
/usr/sbin/useradd esxadmin2

You should now be able to log into the ESX server with the your domain users credentials added via SSH and to the VMWare client.

One thought on “VMware : How to setup Windows Active Directory authentication on ESX 4.0

  1. Pete says:

    How can I get around the problem of spaces in the Windows user name?

    I’ve tried: useradd John Doe Admin
    but keep getting told it’s invalid.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.