Tagged: vmware

Managing ESXi Hosts with AD Credentials

As part of a security hardening exercise or indeed just because, it may be desirable to change the root account of your ESXi hosts to a complex password, bung it in a safe and let you admins connect via their AD credentials. To start with, join your ESXi hosts to your AD domain.  I have pre-created computer objects in my test environment. I have also created an ESX Admins AD security group which by default allows its members admin access to an ESXi host once it has been joined to the domain. To join the domain run the following powercli...


Blocking AD Logon Scripts

When starting a PoC or new VDI deployment, in terms of group policy, I want to isolate the new environment as much as possible.  I don’t want any existing user and computer settings applying.  Often, the project will involve optimization in this area (in this case the introduction of User Management products such as Citrix WEM or VMware UPM). I will block policy at the VDI OU level and create a loopback policy (REPLACE) so only settings from one place are applying.  I may well have to tackle enforced policy here too. However, this does not take login scripts defined...