To setup Windows Active Directory authentication run the following command replacing “mydc01″ your domain controller name. Replace “mydomain.com” with your domain name.
You can add redundancy by adding multiple domain controllers by running the command again with the other server names
/usr/sbin/esxcfg-auth –enablead –addomain=mydomain.com –addc=mydc01.mydomain.com –krb5realm=mydomain.com –krb5kdc=mydc01.mydomain.com –krb5adminserver=mydc01.mydomain.com –krb5enable
/usr/sbin/esxcfg-auth –enablead –addomain=mydomain.com –addc=mydc02.mydomain.com –krb5realm=mydomain.com –krb5kdc=mydc02.mydomain.com –krb5adminserver=mydc02.mydomain.com –krb5enable
To add users from active directory that will be allowed to login to the ESX server running the following command, again adding more by rerunning the command. It is not necessary to add the “@mydomain.com” after each domain user.
/usr/sbin/useradd esxadmin1
/usr/sbin/useradd esxadmin2
You should now be able to log into the ESX server with the your domain users credentials added via SSH and to the VMWare client.
How can I get around the problem of spaces in the Windows user name?
I’ve tried: useradd John Doe Admin
but keep getting told it’s invalid.