Integrating Active Directory with VMware vSphere SSO

Integrating Active Directory with VMware vSphere SSO

One item I see mentioned fairly often, either in relation to personal labs or production environments, is the integration of vSphere SSO with Active Directory. Configuring vSphere’s SSO/AD integration via LDAP is a simple process, more so thanks to vSphere 6.5.

1. Login to the VMware vSphere Web Client using the vCenter Single Sign-On user credentials configured as part of the VMware vCenter Server installation.

sso_ad_integration_01

2. Browse to Administration > Single Sign-On > Configuration and click the Identity Services tab.

sso_ad_integration_02

3. Click the Add Identity Source icon, select Active Directory as an LDAP Server, and click Next.

sso_ad_integration_03

4. Configure the new identity source accordingly and click Next.

sso_ad_integration_04

5. Confirm the summary and click Finish.

sso_ad_integration_05

6. Select your new identity source and click the Set as Default Domain icon.

sso_ad_integration_06

Next, we’ll add an Active Directory Security Group to the vSphere Global Permissions, enabling us to test SSO functionality.

7. Browse to Administration > Access Control > Global Permissions, and click the Add Permission icon.

sso_ad_integration_07

8. Via the Add Permission wizard, click Add.

sso_ad_integration_08

9. Select your domain, recently added via the LDAP identity source, and add the required security group.

sso_ad_integration_09

10. Your added security group will now display, allowing you to logout and back in utilising your domain credentials.

sso_ad_integration_10

Leave a Reply

Your email address will not be published. Required fields are marked *