I am considering an installing VMware vCenter Server Appliance for our pretty small production environment. After some time playing around it, I have narrowed down a number of questions that I need clarifications with. Can I somehow integrate my AD with the VSCA, so certain users will be able to manage VMware vCenter? An expanded version of this question: Will it be possible if I am running PSC separately from the vCenter itself? And last but not least, how to modify VSCA session timeout value? Any inputs are appreciated.
Asked
Active
Viewed 77 times
6
-
1AD integration is very simple, just read the documentation and try to use AD groups to define roles rather than users-to-roles, there's no difference whether you use a separate PSC or combined VCSA, you can change the session timeouts but they tend to reset with updates. – Chopper3 Nov 20 '17 at 12:08
1 Answers
6
I'm not so sure about the previous versions of VSCA, but you can easily join VSCA v6.5 to Active Directory Domain. It will allow central management for groups and users within existing AD, so you'll be able to give them permissions to manage your vSphere infrastructure. And yeah, the integration will be possible even in case you're running vCenter separately. The important thing here is that you'll need to join only the platform controller service to AD, not the vCenter itself.
To answer your last question, the timeout can be modified here: /etc/profile.d/tmout.sh. Find the detailed guidelines in this article: https://www.starwindsoftware.com/blog/vmware-vcenter-server-appliance-vcsa-and-after-install-tricks
Net Runner
- 5,626
- 11
- 29