It is recommended to register your NSX deployment with your corporate domain. This allows NSX to map user and group information and also the associations that allow you to create security bindings based on these relationships.

Register a domain to your NSX Manager with the following procedure:

1. Log in to the vSphere webclient and navigate to Home | Networking & Security | NSX Managers. Select your NSX Manager, and go to the Manage | Domain tab:
   
2. Click the + sign to add a new domain.
3. Enter a fully qualified Domain Name.
4. Specify the domain controller that the domain needs to be synchronized with. Select the protocol.
5. Enter the user credentials for the account and click Next.
6. Select Use Domain Credentials if you want to authenticate using the LDAP server.

7. You can additionally select Yes or No for the security event log segment. This step is used by Active Directory Event Log Scraper, which allows you to configure the identity firewall, where firewall rules are tied to your Active Director users. This logging allows NSX to detect when a user has logged in to a specific machine so those security policies can be applied. In the Security Event Log Access page, select either CIFS or WMI for Connection Method to access security event logs on the specified AD server and change the port number if required:

8. Click Next and click Finish when done.

By default, all domains are synchronized automatically every three hours. Under NSX Managers | Name columns | Manage tab, click on the appropriate synchronization technique. While delta synchronization synchronizes only changed AD objects, a full synchronization does a complete refresh of all AD objects.