VMware Cloud Community
vova001
Contributor
Contributor
‎08-09-2019 01:25 PM

Permissions for the AD group do not apply

Hello

When I grant permissions for AD groups in vCenter 6.7 U2, permissions for some groups do not work, and users encounter the error: “Unable to login because you do not have permission on any vCenter Server systems connected to this client ".

But with other groups, permissions apply without problems and work well.

I do not find any differences in the groups whose members can connect to the vCenter and who cannot.

Any idea what this could be?

Thank you in advance.

VMware ESXi, 6.7.0, 13981272

VCSA Version: 6.7.0.32000  ; Build number 14070457

Domain and forest functional level is "Windows Server 2012 R2"

Tags (1)
Reply
0 Kudos
3 Replies
RajeevVCP4
Expert
Expert
‎08-09-2019 02:29 PM

VMware Knowledge Base

try this KB 1003872

Rajeev Chauhan
VCIX-DCV6.5/VSAN/VXRAIL
Please mark help full or correct if my answer is use full for you
Reply
0 Kudos
Alex_Romeo
Leadership
Leadership
‎08-10-2019 01:21 AM

Hi,

Try to follow this article which is well explained, also applies to 6.7:

https://www.virten.net/2017/01/how-to-add-ad-authentication-in-vcenter-6-5/


Also try to insert a user who belongs to the group that does not allow login into the group that works, and execute the logjn, we see the result. The problem may depend on AD and not on the Vcenter.

Alessandro Romeo

Blog: https://www.aleadmin.it/
Reply
0 Kudos
vova001
Contributor
Contributor
‎08-12-2019 03:16 AM

Hello RajeevVCP4 and AlessandroRomeo68

Thank you for your reply

AD groups in the Vcenter have appropriate permissions.

For example, if I granted the same permissions to two groups "A" and "B", members from the one group "A" has access but members from the group "B" does not have access.

If I transfer a member from group "B" to group "A", that member will appear permissions.

I have a few AD groups which members do not have granted access and can't find the reason.

Reply
0 Kudos