Active Directory is used in creating user-based Identity Firewall rules.
Windows 2008 is not supported as an Active Directory server or RDSH Server OS.
You can register one or more Windows domains with an NSX Manager. NSX Manager gets group and user information, and the relationship between them from each domain that it is registered. NSX Manager also retrieves Active Directory (AD) credentials.
You can register an entire AD (Active Directory) domain to be used by IDFW (Identity Firewall), or you can synchronize a subset of a large domain. Once a domain is registered, NSX synchronizes all AD data required by IDFW.
Once the Active Directory is synced to the NSX Manager, you can create security groups based on user identity, and create identity-based firewall rules.