How to add an ESXi Host to an Active Directory Domain

This is a basic tutorial explaining how to add an ESXi Host to a directory service, like Microsoft’s Active Directory, to simplify the administration and security of the ESXi hosts.

As prerequisites, you need:

  • The ESXi host DNS server must resolve AD Domain controller and Domain Name
  • The ESXi host name must be fully qualified with the domain name of the Active Directory forest, for example, esxtest1.contoso.local
  • The time between the AD server and the ESXi Host should be syncronized

Before specifying the Active Directory credentials you need to add the ESXi host to the domain controller.

The operation is quite simple. Open your vSphere Web Client and select Hosts and Clusters from the Home menu:

How to add an ESXi Host to Active Directory

Choose the ESXi Host:

How to add an ESXi Host to Active Directory

Press Join Domain:

How to add an ESXi Host to Active Directory

Specify the credentials of a domain administrator:

How to add an ESXi Host to Active Directory

Let’s check if Directory Services Type is listed as Active directory:

How to add an ESXi Host to Active Directory

Also you can verify if the Host joined the AD from Active Directory Users and Computers of Windows Server:

How to add an ESXi Host to Active Directory

Open the vSphere Client and log in with the root credentials:

How to add an ESXi Host to Active Directory

Select the ESXi host from the left pannel, select the configuration tab. Click the Authentication Services link. Verify that Directory Service Type and Domain Settings are listed properly:

How to add an ESXi Host to Active Directory

Now, let’s add the permission, right-click on the white space and choose Add Permission from the context menu. When an Assign Permission window will be open press Add:

How to add an ESXi Host to Active Directory

Now you can use the pull-down menu to select the domain:

How to add an ESXi Host to Active Directory

Use the pull-down menu under User And Groups to select the Shows Groups First option, choose an administrative group and click Add:

How to add an ESXi Host to Active Directory

Now you can see the Active Directory user’s group enabled:

How to add an ESXi Host to Active Directory

You can try to log in in your vSphere Client with an AD User:

How to add an ESXi Host to Active Directory

Comments