Home » VMware » 2V0-621 v.2 » Which two actions will accomplish this?
An administrator needs to create an Integrated Windows Authentication (IWA) Identity Source on a newly deployed vCenter Server Appliance (VCSA).
Which two actions will accomplish this? (Choose two.)
A. Use a Service Principal Name (SPN) to configure the Identity Source.
B. Use a Domain administrator to configure the Identity Source.
C. Join the VCSA to Active Directory and configure the Identity Source with a Machine Account.
D. Create a computer account in Active Directory for the VCSA and configure the Identity Source.
Correct Answer: AC
Explanation/Reference:
Explanation: A-) Configuring Active Directory as Identity Source for use with SSO 6.0 can be done in 2 ways a. Use the Machine Account(Any AD Account) b. Use with Service Principal Name b.Prerequisites :1. A domain account with domain administrator privileges is required when assigning a SPN to an account. 2. A domain account withdomain user privileges is a minimum requirement for the account to be used as the SPN account. c.https://pubs.vmware.com/vsphere-60/index.jsp#com.vmware.vsphere.security.doc/GUID-4D24C6E8-63F5-4E35-862E-B59A03703254.html?resultof= %2522%2573%2570%256e%2522%2520
C-) VCSA- If you want to configure permissions for users and groups from an Active Directory domain to access the vCenter Server components, you must join its associated embedded or external Platform Services Controller instance to the Active Directory domain. https://pubs.vmware.com/vsphere60/index.jsp?topic=%2Fcom.vmware.vsphere.vcsa.doc%2FGUID-08EA2F92-78A7-4EFF-880E-2B63ACC962F3.html