Joining vSphere 6 Platform Services Controller Appliance to an Active Directory domain via the command line

Written by Sam McGeown
Published on 3/9/2015 - Read in about 2 min (223 words)

With a Platform Services Controller appliance deployed as part of a vCenter Server installation, either integrated as part of the vCSA or as a separate PSC appliance, you can easily join the PSC to an Active Directory domain using the Web Client.

When you’ve deployed the PSC as the single sign on layer of a distributed vRealize Automation deployment, you don’t have the vSphere Web Client to configure it in the same way. This means that you can’t add an integrated Active Directory identity source to the default tenant, either using the PSC machine account or an SPN for Kerberos.

Joining the PSC to the domain is actually a really simple operation, it uses the Likewise command line domainjoin-cli in exactly the same way as you do for ESXi 6.0 hosts.

Log into your PSC as the root user via SSH or the console, then run the command (I used “find / -name domainjoin-cli" to locate the executable):

domainjoin-cli join <domain> <user> <password>

Reboot the PSC node to take effect, if you are using multiple nodes make sure you join all of them to the domain. You may also need to create an SPN for the load balancer URL for PSC, as per KB2090617.

As you can see below, you can then configure the integrated Active Directory identity source for the default tenant:

Share this post