Active Directory is used in creating user-based Identity Firewall rules.
Windows 2008 is not supported as an Active Directory server or RDSH Server OS.
You can register one or more Windows domains with an NSX Manager. NSX Manager gets group and user information, and the relationship between them, from each domain that it is registered with. NSX Manager also retrieves Active Directory (AD) credentials.
Once Active Directory is synced to NSX Manager, you can create security groups based on user identity, and create identity-based firewall rules.
Scale limits for Active Directory, Event Log Scraping, and IDFW can be found on the VMware Configuration Maximums page.
Prerequisites
The domain account must have Active Directory read permission for all objects in the domain tree. The event log reader account must have read permissions for security event logs. See Enable Windows Security Log Access for the Event Log Reader.