Using vCenter to Centralize User Authentication

A common issue I have seen lately is with smaller customers adopting a larger virtual environment is the use of individual host admins/users. When you only have a few starter ESX/ESXi hosts it can be easy to forgot to plan out a large deployment scenario as your environment starts to grow.

It really only takes a few moments to update an admin on a server or two. But what do you do when you have to manage 10 hosts? You would have to manually login and change all of these machines including adding users, changing your password, or making system changes. This can add a lot of time to simple tasks.

A good example of this: Lets say you currently have 2 hosts in their environment with 3 admins. Then add 3 more hosts and 2 more admins, now all of sudden you are managing 5 separate hosts and 5 admins. Imagine adding another 5 hosts?!

Fortunately managing individual login on separate ESX and ESXi hosts can be managed centrally with VMware vCenter Server.  This obviously greatly reduces the amount of time needed to manage multiple host and administrators on separate hosts.

Since vCenter Server is a Windows-based application it plays very well with Active directory and you can take the same approach of managing your user groups.  Once it is set-up, the authorized user can then login using the vSphere Client to either the vCenter Server that would connect to the ESX/ESXi host.

A thing to note about this set-up.

Once you have this process set-up, your organization should stick with it and be consistent. This is because the Wndows-based vCenter server doesn’t reconcile the user accounts with the local ESX/ESXi host’s database (they are completely separate).  This means if you create an account on a local ESX/ESXi host and then the admin tries to login with that through the vCenter Server it won’t recognize the user credentials the same is true if you made an account on the vCenter and you try and manage it through vCenter.

Hopefully this will save you some time!

vSphere installation Best Practice