VCSA 6.7 U3
Hi. I have the VCSA joined to AD via Integrated Windows Authentication. Synchronization of group membership from Active Directory to the VCSA is very slow - approx. 50 minutes.
For example, I add a user to the 'Full Admin' AD group. It will take approximately 50 minutes for AD/VCSA to sync and grant the full admin permissions on user login.
NTP is configured for the ESXi hosts / Domain Controllers / VCSA and I've verified all are consistent.
Is there a value somewhere set for the AD/VCSA sync?
Is there a way I can force the sync ?
Thanks in advance.
This is expected .. Only way is by restarting VCSA
thanks,
MS
Hey JudgementDay,
I recommend you to switch to Active Directory over LDAP as this Integrated Authentication will be deprecated in the following versions: vSphere 7 - Integrated Windows Authentication (IWA) Deprecation - VMware vSphere Blog
Try to change the method before configuring everything so in the future will be easier.