Every IT or security professional will tell you that you can’t effectively mitigate risks unless you know who’s doing what. Unfortunately, it’s still very common for users to share a single “administrator” login for certain tasks. Often this is because the software in question will not tie in to an existing directory (like AD) and it is cumbersome, at best, to maintain separate directories of users. Pile on the reticence to having to manage multiple passwords, common to users both inside and out of the IT department, and the “path of least resistance” is often to just give everyone the same account and trust they won’t break something. Thankfully, your VMware servers don’t have be this way, and it’s pretty easy setup:
- Log on to your ESXi box using the vSphere Client as an administrator.
- Highlight the ESXi server (not a guest) in the inventory list and switch to the Configuration tab. Under the “Software” heading, click the Authentication Services link.
- Click the “Properties…” link at the top right of the Configuration tab. Set the directory service type to Active Directory, enter your domain name, and click the “Join Domain” button. Just like joining a workstation to the domain, you’ll need to provide a domain admin’s credentials.