Hi there,
I have an issue that I can't handle. Getting an ‘Access Denied, You do not have access to this service. Contact your administrator for assistance’ error when logging into the portal using domain users/admins even after adding the group to the tenant and IAAS admin groups and to various business groups etc. Login using local acounts is fine and searching domain users works a treat.
Any ideas? Cheers
Hi All,
Thanks for the help. I have done this issue. Let me explain the condition. Before I test login user domain, I have synced the AD and the AD's group I want to add and vRA could find the user on the groups I have synced. But, when I test user domain to login, it can't/
I solved this issue by re-add directory. In my client's enviroment there are two active directories and come out to one domain. The first try I point the vRA to sync with AD thru domain, it's failed to login. The second try I point the vRA thru FQDN of the AD, it's succeed and runs normal until now.
Cheers
did you change the domain on logon?
If you are using vIDM (which came with vRA7.x) you need to do a SYNC in order to get the new AD users created.
Go to "Administration / Directories management / Directories", locate your directory and click on the button "sync now". Then try to log in again.
You can manage the frequency for automatic syncs editing the directory and clicking on "Sync Settings"
If you are using the "Select all" checkbox to synchronise members of AD groups from a specific DN, when the group membership changes, you need to check the "select all" checkbox again and synchronise. This will ensure all modifications in AD group membership is synchronised with vIDM.
Hi All,
Thanks for the help. I have done this issue. Let me explain the condition. Before I test login user domain, I have synced the AD and the AD's group I want to add and vRA could find the user on the groups I have synced. But, when I test user domain to login, it can't/
I solved this issue by re-add directory. In my client's enviroment there are two active directories and come out to one domain. The first try I point the vRA to sync with AD thru domain, it's failed to login. The second try I point the vRA thru FQDN of the AD, it's succeed and runs normal until now.
Cheers