Windows Integrated Authentication #180
Comments
get-help about_server_authentication -fullTOPIC Authenticating with a vSphere or vCloud server. SHORT DESCRIPTION When connecting to a vSphere or vCloud server, you need to authenticate by providing valid credentials. PowerCLI follows a certain logic for authenticating a server session. When you connect to a server with the Connect-VIServer or Connect-CIServer cmdlets, you can provide either a user name and password through the User and Password parameters, or a PSCredential object through the Credential parameter. If you provide both User/Password and Credential, the cmdlet accepts only the value of the Credential parameter and discards the User and Password parameters. LONG DESCRIPTION AUTHENTICATING USING A PSCREDENTIAL OBJECT When you run the Connect-VIServer or Connect-CIServer to establish a server connection, you can use the Credential parameter to provide a PSCredential object that contains credentials for the specified server. If the provided credentials are not valid, the cmdlets show an error message. AUTHENTICATING THROUGH THE USER AND PASSWORD PARAMETERS Instead of providing a PSCredential object, you can directly specify a user name and password through the User and Password parameters of Connect-VIServer or Connect-CIServer. If you specify only the User parameter without providing a value to Password, the cmdlet searches the credential store for credentials that correspond to the specified server and user. If such a credential is found, the cmdlet uses it to authenticate with the server. If no such a credential is found, you are prompted to provide credentials. If you run Connect-VIServer or Connect-CIServer without specifying the User, Password, or Credential parameters, the cmdlet searches the credential store for available credentials for the specified server. If only one credential object is found, the cmdlet uses it to authenticate with the server. If none or more than one PSCredential objects are found, the cmdlet tries to perform a SSPI authentication. If the SSPI authentication fails, the cmdlet prompts you to provide credentials. Note: If PowerCLI runs in a non-interactive mode, Connect-VIServer and Connect-CIServer will not prompt you for new credentials after the server authentication fails. To try to authenticate using new credentials, run the cmdlet again. Send feedback to docfeedback@vmware.com | Copyright (C) VMware, Inc. All rights reserved. Protected by one or more U.S. Patents listed at http://www.vmware.com/go/patents. |
|
Based on PowerCLI help above, I don't think connect-viserver automatically uses the credential of current user. Instead, the credential must be defined and stored previously by some other commands. |
|
Here is more information about credential store of powercli |
|
|
|
Would you please run Get-VICredentialStoreItem and see if there is any stored credential? |
|
"When Windows Integrated AD is configured on the vCenter Server, than it's possible to connect without to have to type username and password." |
Is there an option to make windows authentication work on webcommander.$env:username I get back the machine user (Servername$ ).
When I run Connect-VIServer from the Windows Server with Powercli I can connect without having to type username and password, because the current user credentials are used to connect to my vcenter.
However on webcommander it's not working.
When I run from webcommander the PS script whoami I get back my username (Domain\user) , but if I type
Maybe I have to configure IIS or webcommander to passthrough the current user credentials.
Any help would be great.
Thanks in advance
Davide
The text was updated successfully, but these errors were encountered: