Use Active Directory for vCenter Authentication and SSO

To authenticate your vCenter users with Active Directory for Single Sign-On (SSO), follow the method below. This will work for VMware vSphere versions 6.0 and 6.5. You will first need to join the vCenter server to the domain.

1. Open your vCenter web client and go to Administration > System Configuration > Nodes > Click on the IP of your node.

2. Click on the Manage tab

3. Click Active Directory and then click Join

4. Enter your domain details and domain admin credentials then click OK.  You do not need to enter organisational unit details (it will use the default computers OU).

5. Right click on the node and click reboot

6. Open your vCenter web client again

7. Log in as the Single Sign-On Administrator (usually something like Administrator@vsphere.local)

8. Go to Administration > Single Sign-On > Configuration

9. Click on the Identity Sources tab and click the green + to add an identity source

10. The domain details should auto-populate; then click OK

11. The Identity sources should be populated with your domain details

12. Go to Access Control > Global Permissions and click + > Add a domain user with the Administrator role and click OK.

13. Go to Users and Groups and click the Groups tab.  Under group members click + to add and select your domain admin account.

14. Log out of vCenter and refresh the page. Download and install the Client Integration Plugin.

15. Check the box for ‘Use Windows Session Authentication’ and click OK

 

 
