Now we have a working PSC and a working VCSA, and the whole set-up enabled for domain authentication. Next we should add a user (you) and if your using ESXi as your hypervizor then next post we’ll add your ESXi host to the VCSA, adding the host won’t be necessary if you’re using workstation.
But first it is important to know, you don’t technically need a directory service but most places will have one and usually it’ll be Microsoft’s Active Directory that’s why I’m including it in these posts.
So before you begin the below make sure you have an Active Directory account created for yourself.
1. If you aren’t already logged in, browse to the vSphere client, accepting any security errors (https://vcsa.domain:9443/vsphere-client), and login using administrator@your.vmwaredomain. In my case I left the SSO domain name as the default. administrator@vsphere.local
2. Select Home and then Hosts and Clusters
3. Select your VCSA server
3.1 Manage
3.2 Permissions
3.3 Then click the “+” icon.
4. Select Add
5. Select your Domain
5.1 Type in the name of the user account or group you want to search for.
5.2 Select the name
5.3 Select Add
5.4 Select OK
You should now see your user or group added to your VCSA. Depending on your permissions you should now be able to login do various bits and pieces.
Permissions can be added to items below the VCSA but it is important to note that permission propagate down the tree. So adding a user to the cluster will give that user rights to the cluster and all objects controlled by the cluster (unless explicitly denied), however this will not give you rights to the VCSA.