6.7
Table Of Contents
- vCenter Server Appliance Configuration
- Contents
- About vCenter Server Appliance Configuration
- vCenter Server Appliance Overview
- Using the Appliance Management Interface to Configure the vCenter Server Appliance
- Log In to the vCenter Server Appliance Management Interface
- View the vCenter Server Appliance Health Status
- Reboot or Shut Down the vCenter Server Appliance
- Create a Support Bundle
- Monitor CPU and Memory Use
- Monitor Disk Use
- Monitor Network Use
- Monitor Database Use
- Enable or Disable SSH and Bash Shell Access
- Configure the DNS, IP Address, and Proxy Settings
- Configure the System Time Zone and Time Synchronization Settings
- Start, Stop, and Restart Services
- Configure Update Settings
- Change the Password and Password Expiration Settings of the Root User
- Forward vCenter Server Appliance Log Files to Remote Syslog Server
- Configure and Schedule Backups
- Using the vSphere Client and vSphere Web Client to Configure the vCenter Server Appliance
- Join the vCenter Server Appliance to an Active Directory Domain
- Leave an Active Directory Domain
- Add a User to the SystemConfiguration.BashShellAdministrators Group
- Edit Access Settings to the vCenter Server Appliance
- Edit the DNS and IP Address Settings of the vCenter Server Appliance
- Edit the Firewall Settings of the vCenter Server Appliance
- Edit the Startup Settings of a Service
- Start, Stop, or Restart Services in the vCenter Server Appliance
- View the Health Status of Services and Nodes
- Edit the Settings of Services
- Export a Support Bundle
- Using the Appliance Shell to Configure the vCenter Server Appliance
- Access the Appliance Shell
- Enable and Access the Bash Shell from the Appliance Shell
- Keyboard Shortcuts for Editing Commands
- Get Help About the Plug-Ins and API Commands in the Appliance
- Plug-Ins in the vCenter Server Appliance Shell
- Browse the Log Files By Using the showlog Plug-In
- API Commands in the vCenter Server Appliance Shell
- Configuring SNMP for the vCenter Server Appliance
- Configuring Time Synchronization Settings in the vCenter Server Appliance
- Managing Local User Accounts in the vCenter Server Appliance
- User Roles in the vCenter Server Appliance
- Get a List of the Local User Accounts in the vCenter Server Appliance
- Create a Local User Account in the vCenter Server Appliance
- Update the Password of a Local User in the vCenter Server Appliance
- Update a Local User Account in the vCenter Server Appliance
- Delete a Local User Account in the vCenter Server Appliance
- Monitor Health Status and Statistics in the vCenter Server Appliance
- Using the vimtop Plug-In to Monitor the Resource Use of Services
- Using the Direct Console User Interface to Configure the vCenter Server Appliance
- Log In to the Direct Console User Interface
- Change the Password of the Root User
- Configure the Management Network of the vCenter Server Appliance
- Restart the Management Network of the vCenter Server Appliance
- Enable Access to the Appliance Bash Shell
- Access the Appliance Bash Shell for Troubleshooting
- Export a vCenter Server Support Bundle for Troubleshooting
8 Click OK to join the vCenter Server Appliance to the Active Directory domain.
The operation silently succeeds and you can see the Join button turned to Leave.
9 Right-click the node you edited and select Reboot to restart the appliance so that the changes are
applied.
Important If you do not restart the appliance, you might encounter problems when using the
vSphere Web Client.
10 Navigate to Administration > Single Sign-On > Configuration.
11 On the Identity Sources tab, click the Add Identity Source icon.
12 Select Active Directory (Integrated Windows Authentication), enter the identity source settings of
the joined Active Directory domain, and click OK.
Table 3‑1. Add Identity Source Settings
Text Box Description
Domain name FDQN of the domain. Do not provide an IP address in this text
box.
Use machine account Select this option to use the local machine account as the
SPN. When you select this option, you specify only the
domain name. Do not select this option if you expect to
rename this machine.
Use Service Principal Name (SPN) Select this option if you expect to rename the local machine.
You must specify an SPN, a user who can authenticate with
the identity source, and a password for the user.
Service Principal Name (SPN) SPN that helps Kerberos to identify the Active Directory
service. Include the domain in the name, for example,
STS/example.com.
You might have to run setspn -S to add the user you want to
use. See the Microsoft documentation for information on
setspn.
The SPN must be unique across the domain. Running
setspn -S checks that no duplicate is created.
User Principal Name (UPN) Name of a user who can authenticate with this identity source.
Use the email address format, for example,
jchin@mydomain.com. You can verify the User Principal
Name with the Active Directory Service Interfaces Editor
(ADSI Edit).
Password Password for the user who is used to authenticate with this
identity source, which is the user who is specified in User
Principal Name. Include the domain name, for example,
jdoe@example.com.
On the Identity Sources tab, you can see the joined Active Directory domain.
vCenter Server Appliance Configuration
VMware, Inc. 21