Category Archives: VMware
Building a straight-forward vSphere delegation model for running virtual Domain Controllers safely
When Active Directory Domain Controllers run as virtual machines on top of VMware vSphere, virtualization, storage and backups admins may be considered equal to enterprise admins in Active Directory, because they have the equivalent of physical access to Domain Controllers. Admittingly, you don’t want everyone to use root or administrator@vsphere.local to manage the virtualization platform, […]
Achieving Active Directory-as-a-Service with VMware vRealize Orchestrator
VMware’s vRealize Orchestrator is a product used by many virtualization admins to automate common tasks. Today, we’re looking at using vRealize Orchestrator to enable automation of common Active Directory tasks, so Active Directory admins may benefit from this solution using the publicly available blueprints for Active Directory. About vRealize Orchestrator vRealize Orchestrator helps simplify […]
Three ways to use Site Recovery Manager with virtualized Domain Controllers
One of the benefits of virtualizing machines is the built-in resiliency of the underlying virtualization platform. In many vSphere environments consisting of multiple datacenters, this resiliency is expanded with Site Recovery Manager. There are, however some things you’ll want to know about using Site Recovery Manager in combination with virtualized Domain Controllers. As usual, not […]
KnowledgeBase: If one of the address families on a dual stack Domain Controller is not enabled, adding VMware ESXi hosts to the domain might randomly fail
There is an issue in VMware ESXi 7.0, where adding ESXi hosts to Active Directory Domain Services fails randomly in networks with both IPv4 and IPv6 enabled. The situation In many environments, VMware vCenter environments or VMware ESXi hosts are added to Active Directory Domain Services to allow for single sign-on with domain accounts […]
Keeping virtual Domain Controllers apart on trusted VMware vSphere hosts
Virtualizing Domain Controllers introduces risks that are not present when running non-virtualized Domain Controllers. Two of these problems –running Domain Controllers on hosts with the wrong time and running all Domain Controllers on the same host –can be addressed with one VMware vSphere feature: VM/Host Rules. Additional challenges when running virtualized Domain Controllers We’ve […]
Protecting virtual Domain Controllers on vSphere with VM Encryption
In the previous post in this series, we looked at Virtualization-based Security and how it may benefit virtualized Domain Controllers. However, VMware vSphere 6.5 and newer versions of vSphere, offer one more feature to virtualized Domain Controllers that you might want to look into from both an Active Directory as a Virtualization Platform management point […]
Protecting virtual Domain Controllers on vSphere with Virtualization-based Security
VMware vSphere 6.7 offers the ability to enable virtualization-based security (VBS) for virtual machines. Let’s find out what kind of protection this setting provides, what’s needed to get it going and how to configure a virtual Domain Controller to use it. About Virtualization-based Security Virtualization-based Security (VBS) uses virtualization features to create and isolate […]
HOWTO: Secure VMware Horizon with Azure MFA through its NPS Extension
This week, one of my customers is switching to Azure multi-factor authentication as their only multi-factor authentication solution for their employees. As the organization leverages VMware Horizon, this implementation needs to be switched to Azure MFA as well. Here’s how we secured their VMware Horizon implementation with Azure MFA through the Azure MFA NPS Extension: […]
I’m awarded VMworld 2019 Distinguished Speaker
This morning, I received an e-mail message from Maryam Scoble: VMworld 2019 Distinguished Speaker Dear Sander, Congratulations on being named a VMworld 2019 Distinguished Speaker. This new program recognizes the hard work of VMworld speakers who maintain a survey score of 4.2 or higher, speaking at sessions with 150 attendees or more over […]
I’m a 2020 VMware vExpert
I’m proud to announce I am a 2020 VMware vExpert. This is my second vExpert award in a row, after I received it for the first time last year. It’s an honor to me to be a part of the team driving Active Directory virtualization on VMware vSphere with Deji Akomolafe and Matt Liebowitz. Thank […]
Login