Quick Tip: Adding Active Directory to vSphere 5 SSO

If, like me, you are installing, burning, re-installing your lab set-up at the moment with the latest and greatest VMware releases, you’ll no doubt be going into battle with installing vSphere 5.1 and Single Sign-On.

There are several little idiosyncrasies with SSO that are well documented across the interweb, but one I came across hasn’t been posted much about. It concerns adding Active Directory.

If you install vSphere SSO as a local user, the domain you are connected to doesn’t automatically get interrogated and added to the SSO configuration, and needs to be added subsequently as an authentication domain. You can do this through the vSphere Web Client.

The quick tip I have for this is: When adding the authentication credentials to connect to the AD domain, use the credentials in the format ‘user@domain’ rather than ‘domain\user’, as the build I was installing when I came across this only allowed the former and not the latter format.

This foxed me for a little while until I worked it out – not least because the resulting error messages from the vSphere Web Client when trying the latter format are not exactly crystal clear as to where the error resides with the information being entered.

To get around this problem, either use the former format, or instead install vSphere as a domain connected user, as mentioned in the VMware vSphere documentation – vSphere Pre-Requisites:

http://pubs.vmware.com/vsphere-51/topic/com.vmware.vsphere.install.doc/GUID-C6AF2766-1AD0-41FD-B591-75D37DDB281F.html

Hope this saves someone some time if they come up against the same scenario I did!

Jeremy loves all things technology! Has been in IT for years, loves Macs (but doesn't preach to others about their virtues), loves virtualization (and does shout about it's virtues), and sometimes skis, bikes and directs amateur plays!

Leave a Reply

Your email address will not be published. Required fields are marked *