| Local Properties | ||
Managed Object Types | Data Object Types | All Properties | All Methods |
The vSphere API supports Microsoft Active Directory management of authentication for ESX hosts. To integrate an ESX host into an Active Directory environment, you use an Active Directory account that has the authority to add a computer to a domain. The ESX Server locates the Active Directory domain controller. When you add a host to a domain, you only need to specify the domain and the account user name and password.
There are two approaches that you can use to add an ESX host to or remove a host from an Active Directory domain.
To take advantage of ESX host membership in an Active Directory domain, grant permissions on the ESX host to Active Directory users and groups who should have direct access to management of the ESX host. Use the UserDirectory.RetrieveUserGroups method to obtain information about Active Directory users and groups. After retrieving the Active Directory data, you can use the AuthorizationManager.SetEntityPermissions method to set the principal property to the appropriate user or group.
By default, the ESX host assigns the Administrator role to the "ESX Admins" group. If the group does not exist when the host joins the domain, the host will not assign the role. In this case, you must create the "ESX Admins" group in the Active Directory. The host will periodically check the domain controller for the group and will assign the role when the group exists.
Properties
Name | Type | Description |
---|---|---|
info | HostAuthenticationManagerInfo |
Information about Active Directory membership.
|
supportedStore | ManagedObjectReference[]
to a HostAuthenticationStore[] |
An array that can contain managed object references to local and
Active Directory authentication managed objects.
|
Methods
Methods defined in this Managed Object |
---|
None |
Top of page | Local Properties | ||
Managed Object Types | Data Object Types | All Properties | All Methods |