Examice

Exam 2v0-2123 All QuestionsBrowse all questions from this exam

Question 67

Following a merger with another company, an administrator is tasked with configuring an identity source for VMware vCenter so that all vSphere administrators can authenticate using their existing Active Directory accounts. Each company has user accounts in their own Active Directory forests.

The following additional information has been provided:

The corporate policy states that only Windows-based machine accounts are allowed in Active Directory.

Which action should the administrator take to configure vCenter Single Sign-On (SSO) to meet this requirement?

Configure SSO to use Active Directory over LDAP as the identity source.

Configure SSO to use OpenLDAP as the identity source.

Join the vCenter Server Appliance to the LDAP domain.

Configure SSO to use Active Directory (Integrated Windows Authentication) as the identity source.

Correct Answer: A

To configure vCenter Single Sign-On (SSO) in a way that allows all vSphere administrators to authenticate using their existing Active Directory accounts across different forests, the administrator should use 'Active Directory over LDAP' as the identity source. This method is suitable for environments that require integration with multiple Active Directory forests. Additionally, given the corporate policy that only Windows-based machine accounts are allowed in Active Directory, 'Active Directory over LDAP' is the correct method. Integrated Windows Authentication (IWA) has been deprecated in recent versions, making this option less favorable.

Discussion

mkhlszfOption: A

A "The Active Directory over LDAP identity source is preferred over the Active Directory (Integrated Windows Authentication) option. The OpenLDAP Server identity source is available for environments that use OpenLDAP." https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.authentication.doc/GUID-98B36135-CDC1-435C-8F27-5E0D0187FF7E.html

atinivelliOption: A

a because of depreciation

Coombeg99Option: A

I believe "A" is correct. Integrated Windows Authentication is now depreciated (from v7). "The Active Directory over LDAP identity source is preferred over the Active Directory (Integrated Windows Authentication) option." https://kb.vmware.com/s/article/78506

Mtb514Option: A

Integrated Windows Auth is depreciated in v8

DizzzyDOption: A

This was my answer, passed with 452

ZodiussteveOption: A

Active Directory over LDAP. vCenter Single Sign-On supports multiple Active Directory over LDAP identity sources. Key: multiple ADs https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.authentication.doc/GUID-1F0106C9-0524-4583-9AC5-A748FD1DC4C5.html

Coombeg99Option: A

Agree - I believe "A" is correct here due to the depreciation of IWA from v7.

michael24Option: D

Answer is correct.

michael24

I answered A on the test, passed with 428.

hoboonhua

what is your answer, A or D?

lafegob

A Integrated Windows Auth is depreciated in v8