ESXi : enable-ad-auth

Information

Join ESXi hosts to an Active Directory (AD) domain to eliminate the need to create and maintain multiple local user accounts. Using AD for user authentication simplifies the ESXi host configuration, ensures password complexity and reuse policies are enforced and reduces the risk of security breaches and unauthorized access. Note: if the AD group 'ESX Admins' (default) is created all users and groups that are assigned as members to this group will have full administrative access to all ESXi hosts the domain. Refer to the 'verify-admin-group' recommendation for more information.

See Also

https://www.vmware.com/files/xls/hardeningguide-vsphere5-5-ga-released.xlsx

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-2

Plugin: VMware

Control ID: 7c094294d3edde54321ffe3bf134d403dfddfe97b3da1024a76faeb4b6dc61f7