VMware vSphere

 View Only

  • 1.  vCenter / Active Directory user group sync

    Posted Oct 12, 2020 10:26 AM

    VCSA 6.7 U3

    Hi. I have the VCSA joined to AD via Integrated Windows Authentication. Synchronization of group membership from Active Directory to the VCSA is very slow - approx. 50 minutes.

    For example, I add a user to the 'Full Admin' AD group. It will take approximately 50 minutes for AD/VCSA to sync and grant the full admin permissions on user login.

    NTP is configured for the ESXi hosts / Domain Controllers / VCSA and I've verified all are consistent.

    Is there a value somewhere set for the AD/VCSA sync?

    Is there a way I can force the sync ?

    Thanks in advance.



  • 2.  RE: vCenter / Active Directory user group sync

    Posted Oct 13, 2020 12:55 PM

    This is expected .. Only way is by restarting VCSA :smileyhappy:

    thanks,

    MS



  • 3.  RE: vCenter / Active Directory user group sync

    Posted Oct 18, 2020 09:54 AM

    Hey JudgementDay​,

    I recommend you to switch to Active Directory over LDAP as this Integrated Authentication will be deprecated in the following versions: vSphere 7 - Integrated Windows Authentication (IWA) Deprecation - VMware vSphere Blog

    Try to change the method before configuring everything so in the future will be easier.