Adding vSphere Management Assistant to Active Directory

The vMA authentication interface enables users and applications to authenticate with the target servers by using vi-fastpass or Active Directory (AD). While adding a server as a target, the administrator can determine whether the target must use vi-fastpass or AD authentication. For vifastpass authentication, the credentials that a user has on the vCenter Server system or ESXi host are stored in a local credential store. For AD authentication, the user is authenticated with an AD server.

When you add an ESXi host as a fastpass target server, vi-fastpass creates two users with passwords on the target server and stores the password information on vMA:

• vi-admin with administrator privileges
• vi-user with read-only privileges

The creation of vi-admin and vi-user does not apply for AD authentication targets.

Here in this post, I will explain you the steps to add the vSphere Management Assistant AKA vMA to the Windows Active Directory Domain. Before proceeding with the addition of VMA to AD, make sure you have the domain and you have the user with the domain admin credentials.

So lets get started:

Here are the steps to add vMA to a domain:

  • From the vMA console, run the following command:

sudo domainjoin-cli join

  • When prompted, provide the Active Directory administrator’s password.
  • Restart vMA.
Make sure that the date and time settings on vMA, the domain controller and vCenter Server are identical. Check the time zone as well. However, a large skew in the time may cause authentication problems.

Leave a Reply