When executing the audit-esxi-8.ps1 script from the vSphere Security Configuration and Hardening guidelines, hosts joined to Active Directory (AD) return a false negative result.
[FAIL] <hostname>: Active Directory integration is not configured correctly (<DOMAIN>)
[PASS] <hostname>: Active Directory integration is configured correctly ()
The result "Active Directory integration is not configured correctly" shown above is returned because the host is joined to an Active Directory domain for user authentication. According to the vSphere Security Configuration Guide, joining an ESXi host to an Active Directory domain is no longer recommended. Refer to the VMware vSphere Security Configuration Guide 8.0.3 for the most up-to-date list of active security controls.
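The check described above can be reproduced as follows. This is an added example, not the code of audit-esxi-8.ps1: it assumes the VMware PowerCLI cmdlet Get-VMHostAuthentication as the data source for live use, Test-AdIntegration is a hypothetical helper name, and the sample host records are constructed.

```powershell
# Added illustration; NOT the code of audit-esxi-8.ps1.
# Test-AdIntegration is a hypothetical helper name.
function Test-AdIntegration {
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$Auth   # needs .VMHost and .Domain, as on Get-VMHostAuthentication output
    )
    process {
        # $null, '' and whitespace all normalise to an empty string (not joined).
        $domain = "$($Auth.Domain)".Trim()
        if ($domain.Length -gt 0) {
            $status = 'FAIL'
            $text   = 'is not configured correctly'
        } else {
            $status = 'PASS'
            $text   = 'is configured correctly'
        }
        [pscustomobject]@{
            VMHost  = "$($Auth.VMHost)"
            Domain  = $domain
            Status  = $status
            Message = "[$status] $($Auth.VMHost): Active Directory integration $text ($domain)"
        }
    }
}

# Constructed sample records so the block runs without a vCenter connection.
$sample = @(
    [pscustomobject]@{ VMHost = 'esx01.example.test'; Domain = 'CORP.EXAMPLE.TEST' }
    [pscustomobject]@{ VMHost = 'esx02.example.test'; Domain = $null }
)

$results = $sample | Test-AdIntegration
$results | ForEach-Object { $_.Message }

# Hosts the audit will flag because they are still domain-joined.
$results | Where-Object Status -eq 'FAIL' | Select-Object VMHost, Domain

# Against a live environment (requires VMware PowerCLI and Connect-VIServer):
# Get-VMHost | Get-VMHostAuthentication | Test-AdIntegration
```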