Have you ever wondered if it is possible to skip creation of local user on each ESXi host and use only one account to rule them all?

If yes then I have good news for you – you can use Active Directory together with VMware ESXi. I will show you how you can do it in few steps.


In order to successfully authenticate Active Directory in ESXi hosts you must have:

  • Correct DNS servers configured on ESXi hosts
  • Your Active Directory account should have rights to add Computer objects in Active Directory

ESXi configuration

  1. Login to ESXi using root account.
  2. Navigate to Configuration \ Authentication Services
    ESXi Active Directory Authentication 1
  3. Click Properties and change Local Authentication to Active Directory.ESXi Active Directory Authentication 2
  4. Enter domain name, click Join Domain and give User name and password for valid user account which can join computers to Active Directory.
    ESXi Active Directory Authentication 3
  5. You are done! Your ESXi server is added to Active Directory domain.
    ESXi Active Directory Authentication 4
  6. Now you need to assign user or group to specific role in ESXi. In order to do this navigate to Home \ Inventory \ Permissions and click Add Permission.
    ESXi Active Directory Authentication 5
    Select appropriate role (Administrator, Read-Only, No access) and provide user or group name.

Social Media

Wojciech Marusiak

Cloud Solution Architect at Microsoft
I am an innovative and experienced IT professional with over 13 years in the IT industry.

My experience and skills have been proven by leading vendor certifications like AWS, Alibaba Cloud, VMware, and Microsoft. I contribute to the IT community and I received VMware vExpert 2014 - 2019, vExpert Pro and VMware vExpert NSX 2017 Award.

My blog - was voted #76 in Top vBlog 2018 contest!

Do what you love, and you’ll never work another day in your life.
Wojciech Marusiak
Social Media