Join VCSA 6 to Active Directory Domain

From VCSA 6, joining the appliance to domain falls under Platform Service Controller and if you have an external PSC, you probably have to take a quick look at this KB.

Login to web client with a user who is a member of SystemConfiguration.Adminitrators group in the vCenter Single Sign-On. In my case i am using Administrator@vsphere.local

From the Navigator, click on Administration and then click on the System Configuration.


Once in the System Configuration, click on Nodes, which displays the vCenter, click on that and select Manage from the right pane, now click on the Active Directory and then click on Join.


Now enter the details of the domain and optional OU.


Click OK and reboot the appliance for the changes to apply.

Now to enable an Active Directory user to be able to login to VCSA, Identity Source must be set to Active Directory. Navigate to Administration and then Configuration under the Single Sign On. Under the Identity Source tab click the green plus to add one.


Select Active Directory and click on OK. If you have an external PSC not joined to domain, you will have to use the Active Directory with LDAP and fill out all the details manually.


You should now see our domain as one of the Identity sources, click on the globe icon to make this the default domain.

Now its time to grant the required permissions on vCenter for the AD users. Use the Access Control section under the Administration for the same.

Hope this post was informative. Thanks!