Q: 10
An administrator must configure identity access for VMware vSphere Foundation (VVF) to allow
admin accounts from the enterprise Active Directory domain corp.local to log in using domain
credentials. Security requires authentication to use the default Active Directory protocol, without
federation.
Which configuration step is required to enable Active Directory users to authenticate to vCenter?
Options
Discussion
Option D is right here. The question says use "default Active Directory protocol" and no federation, so it's got to be AD over LDAP. Setting up SAML or OIDC would involve federation, which isn't allowed per the requirements. Pretty sure that's what VMware expects unless I'm missing something subtle.
D. not C. LDAP matches the scenario requirements for direct AD auth with no federation.
Option D "Active Directory over LDAP" is the default protocol, no federation needed for corp.local, so that's the right config in vCenter imo.
A is wrong, D. You need to set up Active Directory over LDAP since the question says no federation and just use the standard AD protocol. That's how vCenter connects directly for auth in this scenario, I think.
D imo. B is tempting but federation isn't allowed by the scenario.
Probably D. The question is clear about not wanting federation and just using the default AD protocol, which points to Active Directory over LDAP. Pretty sure that's the most direct setup-open to debate if anyone sees different logic.
B looks right to me, since SAML is often used with enterprise Active Directory setups for authentication. Pretty sure some exam reports mention needing SAML config in vCenter, at least in past versions. Official guide might help clarify this.
D tbh here. It directly supports Active Directory auth without federation, which is exactly what the scenario asks for.
C/D? I picked C since OpenID Connect is used with modern setups and feels more flexible, but probably falling for the federation trap here. LDAP is the traditional way, right? Not fully sure.
B
Be respectful. No spam.
