
Sunday, January 7, 2018

Join the VCSA 6.5 to an Active Directory

How you join the vCenter Server Appliance to an AD Domain depends on the way your environment is set up.
If you have an external Platform Services Controller, then you will only be joining the PSC to the AD Domain. If you have an embedded vCenter Server Appliance, then you will add that appliance to the Active Directory Domain.
Note: Joining the External Platform Services Controller or the Embedded vCenter Server Appliance to a Read-Only Domain Controller is unsupported. The Domain Controller needs to be a writable DC.

Prerequisites to Join to Active Directory Domain:

  • The account used to log in to the vCenter Server instance needs to be a member of the SystemConfiguration.Administrators group in vCenter Single Sign-On. administrator@vsphere.local is already a member of this group.
  • Make sure that the system name of the appliance is an FQDN. If an IP address was provided as the system name during deployment, you will be unable to join the appliance to an AD Domain.
Now that we know which type of appliance can be joined to an Active Directory Domain and the prerequisites that need to be taken care of to add the appliance to AD Domain, let us look at the procedure to do so.
Log in to the vCenter Server instance through the vSphere Web Client using the administrator@vsphere.local account.
The default address is https://IP-or-FQDN/vsphere-client
In my environment, I have an external Platform Services Controller appliance to which a vCenter Server appliance is registered. Therefore, we will be adding the External Platform Services Controller instance to the AD Domain.
Navigate to Administration > System Configuration > Nodes > Select the External PSC instance.
Click on Manage tab > Settings > Active Directory. Click on the Join Button which will bring up a wizard.
[Image: Join VCSA 6.5 to AD Domain]
The operation silently succeeds and you can see that the Join button has turned to Leave.
You now need to right-click the node you edited and select Reboot to restart the appliance so that the changes are applied.
For those who are interested in doing this from the command line, use the domainjoin-cli utility to join the External PSCs to an AD Domain.
If you also have a Platform Services Controller High Availability setup, you will receive the following error in the GUI and will have to add the PSC to the AD Domain from the command line. I have articles on the PSC HA Load Balancer setup here, here and here.
[Image: Join VCSA 6.5 to AD Domain]
Open an SSH session to the External PSC and log in using the root credentials.
Type shell to bring up the shell prompt and type the below command to join the PSC to AD Domain.
/opt/likewise/bin/domainjoin-cli join lab.local administrator@lab.local 'Password'
Reboot the appliance to make sure that the changes take effect.
reboot
You have successfully added the External PSC to the AD Domain.
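The command-line join above with the FQDN prerequisite checked first and the password kept off the command line, as an added example that is not part of the original post. It assumes that domainjoin-cli prompts for the password when that argument is omitted and that vmafd-cli get-pnid returns the appliance's system name; the script name join-psc.sh and the function names are hypothetical.

```bash
#!/bin/sh
# Added example (not from the original post): preflight check, then join.
JOIN_CLI=/opt/likewise/bin/domainjoin-cli          # path as given in the post
VMAFD_CLI=/usr/lib/vmware-vmafd/bin/vmafd-cli      # assumed location on the appliance

# is_fqdn NAME -> 0 if NAME is a fully qualified host name,
# 1 if it is an IP address or a single-label (short) name.
is_fqdn() {
    case $1 in *:*) return 1 ;; esac                # IPv6 literal
    if printf '%s\n' "$1" | grep -Eq '^[0-9]+(\.[0-9]+){3}$'; then
        return 1                                    # IPv4 literal
    fi
    printf '%s\n' "$1" | grep -Eq \
        '^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?)+$'
}

# system_name -> the name the appliance was deployed with,
# falling back to the OS host name when vmafd-cli is not present.
system_name() {
    if [ -x "$VMAFD_CLI" ]; then
        "$VMAFD_CLI" get-pnid --server-name localhost
    else
        hostname -f
    fi
}

# join_domain DOMAIN ACCOUNT -> joins and prints the resulting membership.
join_domain() {
    name=$(system_name) || return 1
    if ! is_fqdn "$name"; then
        echo "System name '$name' is not an FQDN; the appliance cannot be joined." >&2
        return 2
    fi
    # No password argument: domainjoin-cli asks for it on the terminal,
    # so it is not stored in shell history or visible in the process list.
    "$JOIN_CLI" join "$1" "$2" || return 3
    "$JOIN_CLI" query                               # show the resulting domain membership
    echo "Join complete. Reboot the appliance for the change to take effect."
}

# Run only when called with arguments, e.g.:
#   sh join-psc.sh lab.local administrator@lab.local
if [ "$#" -eq 2 ]; then
    join_domain "$1" "$2"
fi
```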
