For security reasons, an administrator removes a user from the Active Directory domain used by
all ESXi hosts for authentication. At the time the user is removed they are actively logged into an
ESXi 5.x host through the vSphere Client.
What is true regarding this scenario?
A.
The user immediately loses connectivity to and permissions on the host.
B.
The user retains permissions and connectivity to the host for up to 24 hours.
C.
The user retains permissions on the host until the host is rebooted.
D.
The user retains permissions on the object until the next time the user logs in to vCenter
Server.
Very tricky
ESXi host based users via AD:
“Users who are logged in and are removed from the domain keep their host permissions until you restart the host.”
vCenter based users via AD:
“Users who are logged in and are removed from the domain keep their vSphere permissions until the next validation period. The default is every 24 hours.”