To use the vSphere Authentication Proxy service for authentication, you must install the service on a host machine.
You can install the vSphere Authentication Proxy on the same machine as the associated vCenter Server, or on a different machine that has a network connection to the vCenter Server. The vSphere Authentication Proxy is not supported with vCenter Server versions earlier than version 5.0.
The vSphere Authentication Proxy service binds to an IPv4 address for communication with vCenter Server, and does not support IPv6. vCenter Server can be on an IPv4-only, IPv4/IPv6 mixed-mode, or IPv6-only host machine, but the machine that connects to vCenter Server through the vSphere Client must have an IPv4 address for the vSphere Authentication Proxy service to work.
- Verify that you have administrator privileges on the host machine where you install the vSphere Authentication Proxy service.
- Verify that the host machine has Windows Installer 3.0 or later.
- Verify that the host machine has a supported processor and operating system. The vSphere Authentication Proxy supports the same processors and operating systems as vCenter Server.
- Verify that the host machine has a valid IPv4 address. You can install vSphere Authentication Proxy on an IPv4-only or IPv4/IPv6 mixed-mode host machine, but you cannot install vSphere Authentication Proxy on an IPv6-only host machine.
- If you are installing vSphere Authentication Proxy on a Windows Server 2008 R2 host machine, download and install the Windows hotfix described in Windows KB Article 981506 on the support.microsoft.com Web site. If this hotfix is not installed, the Authentication Proxy Adapter fails to initialize. This problem is accompanied by error messages in camadapter.log similar to Failed to bind CAM website with CTL and Failed to initialize CAMAdapter.
- The location where you will install the vSphere Authentication Proxy, if you are not using the default location.
- The IP address or host name, HTTP port, and credentials for the vCenter Server system that the vSphere Authentication Proxy will connect to.
- The host name or IP address to identify the vSphere Authentication Proxy host machine on the network.
- On the host machine where you will install the vSphere Authentication Proxy service, install the .NET Framework 3.5.
- Install vSphere Auto Deploy.
You do not have to install Auto Deploy on the same host machine as the vSphere Authentication Proxy service.
- Add the host machine where you will install the authentication proxy service to the domain.
- Use the Domain Administrator account to log in to the host machine.
- In the software installer directory, double-click the autorun.exe file to start the installer.
- Select VMware vSphere Authentication Proxy and click Install.
- Follow the wizard prompts to complete the installation.
During installation, the authentication service registers with the vCenter Server instance where Auto Deploy is registered.
When you install the vSphere Authentication Proxy service, the installer creates a domain account with appropriate privileges to run the authentication proxy service. The account name begins with the prefix CAM- and has a 32-character, randomly generated password associated with it. The password is set to never expire. Do not change the account settings.
What to do next
Configure the host to use the authentication proxy service to join the domain.