vCenter

 View Only
  • 1.  AD Permissions issue in vCenter

    Posted Apr 17, 2015 01:57 PM

    Running vSphere 5.5U2 with SSO and Windows AD authentication

    Here is my issue:

    Some customers only needs access to a particular cluster or vApp.  Ideally, instead of adding their actual AD account, I just put them in a security group that has whatever level of access they need.  So I put user "A" into security group "B" and give security group "B" permissions in vCenter.  I give them "Read-only" access to the vcenter server and datacenter and do not check "propagate to child....."  Then I give security group "B" the appropriate rights to the cluster they need and keep propagate checked.  This fails.  They cannot log in

    However, if I skip putting them into a security group and just use their individual AD account, it works no problem.  Is there something I am missing here because its been an issue for a LONG time.  Ive tried "googling" and can never find a solution.

    Thanks in advance!!



  • 2.  RE: AD Permissions issue in vCenter

    Posted Apr 17, 2015 02:03 PM

    have you some printscreens of your actual permissions configuration?

    normally you can also work with active directory security groups...



  • 3.  RE: AD Permissions issue in vCenter

    Posted Apr 17, 2015 02:11 PM

    I'd rather not do screenshots as this is a production environment;)  Just wondering if anyone else has had this issue and if they fixed it.