You can use the --passthroughauth command-line argument to log in to a vCenter Server system (vCenter Server version 2.5 Update 2 or later).
Using --passthroughauth passes the credentials of the executing user to the server. If the executing user is known by both the machine from which you access the vCenter Server system and the machine running the vCenter Server system, no additional authentication is required.
If SDK commands and the vCenter Server system run on the same machine, a local account for the executing user works. If they run on different machines, then the executing user must have an account in a domain trusted by both machines.
SSPI supports a number of protocols. By default, it selects the Negotiate
protocol, which indicates that client and server attempt to find a mutually supported protocol. Alternatively, you can use --passthroughauthpackage to specify another protocol supported by SSPI. Kerberos, the Windows standard for domain-level authentication, is commonly chosen.
If the vCenter Server system is configured to accept only a specific protocol, specifying the protocol to vSphere SDK for Perl commands with --passthroughauthpackage might be required for successful authentication to the server. If you use --passthroughauth, you do not have to specify authentication information in any other way. For example, to run connect.pl on the server, you can use the following command at the command line.
<command> <login_params> --passthroughauth
See the Microsoft Web site for a detailed discussion of SSPI.
The following example connects to a server that has been set up to use SSPI. When you run the command, the system calls vminfo.pl with the --vmname option. The system does not prompt for a user name and password because the current user is known to the server.
vminfo.pl --server <vc_server> --passthroughauth --passthroughauthpackage "Kerberos" --vihost my_esx --vmname <name>