Skip to content

Vmware VCSA 5.5 AD

October 1, 2013
  1. Open vSphere Web Client (https://<ADDRESS&gt;:9443/vsphere-client)
  2. Login as  administrator@vsphere.local
    Password (Windows): Set during installation
    Password (VCSA): “vmware”
  3. Navigate to Administration > Single Sign-On Configuration
  4. webclient_administration sso55-configuration
  5. (If there is no Single Sign-On configuration you are probably not logged in as administrator@vsphere.local)
  6. Click the green + sign to add an identity source
  7. Select Identity Source Type:
    A) Windows based vCenter Server 5.5:
    Active Directory (Integrated Windows Authentication)
    sso5-ad-integratedB) vCenter Server Appliance 5.5 (VCSA):
  8. sso5-ad-ldap
  9. Click OK
  10. Back at Identity Sources your AD should appear in the list and from now on you are able to assign vCenter permissions to users and groups from your active directory. When you are using the Integrated Windows Authentication, trusted domains are also available. The functionality is very similar to vSphere 4.x and vSphere 5.0
  11. Select you Active Directory and click the “world with arrow” button to make AD to your default domain.
  12. You should get an warning telling you that ”This will alter your current default domain. Do you want to proceed?”. This is okay, as you can only have one default domain.
  13. That’s it. You can now set permissions and authenticate against active directory with vCenter Server 5.5 though SSO.

To change the vCenter Server SSO configuration with other users than administrator@vsphere.local, you have to add them to the Administrator Group within SSO:



No comments yet

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: