Hi There,
I have a vCAC 6.1 distributed configuration, we are just using the Default Tenant for all of our users. Our Identity Store is configured to use Native Active Directory.
When I create a business group, when selecting users for the specific roles, if I enter and AD group name, no results are returned. However is I enter a user account name the account is returned.
Any idea as to how I can resolve this would be greatly appreciated.
Kind Regards
Dean
Here is what works and VMware knows this is an issue, you have to put in the FQDN of the group. So if you have a group called vmware-administrators you would put in vmware-administrators@corp.local. Don't bother trying to hit the search button just type that group fqdn in the entry box and click okay at the bottom and it will resolve it and put it in the permissions.
I'd also like to point out that, in other areas AD groups do resolve correctly e.g. in tenant configuration, I can specify a group Tenant Administrators, and Infrastructure Administrators
I would open a ticket regarding this issue, resolving AD group names didn't work in 6.0 either. Just paste the AD Group name and press ok, it will be added to whichever role you assign it too. You can later search and assign it to your entitlements, searching for group names works there.
Here is what works and VMware knows this is an issue, you have to put in the FQDN of the group. So if you have a group called vmware-administrators you would put in vmware-administrators@corp.local. Don't bother trying to hit the search button just type that group fqdn in the entry box and click okay at the bottom and it will resolve it and put it in the permissions.
This workaround doesn't appear to work. Typing in the FQDN to the box, and clicking add, it says to correct the highlighted errors, and the box named is highlighted, however there is no way to add data to it directly without the search.
Where are you trying to enter the group name? If you are in Business or Fabric groups as long as you enter the group name as group@local.com (whatever the proper domain is) and then click okay at the bottom of the screen which saves the information then it should be fine because the search button will not work for groups. Can you find regular users?
I have logged a ticket with VMware I will get back to you when they get back to me. However I do think just pasting the fqdn of the group into the box does actually work correctly, as I have tested this.
I just went through this exercise with vCAC 6.1. Here is the process I got to work:
1. Add the fqdn of the security group (ie. groupname@sub.domain.com) to the Business group by just putting the name in the field and clicking ok - do not hit enter or click the search icon as this will fail.
2. On the entitlement, make sure the correct Business group is selected in the drop down menu at the bottom.
3. Start typing the name of the group that you added to the business group in the users & groups field and it will resolve.
It would be nice if VMware would fix this.
Same here - add the security group (search does not resolve), click OK and it added. Thanks for the tip!!
I must apologise for the delay in response. The official response from VMWare was this was indeed the case, you need to copy and paste the group into field.
Not sure if they are planning to fix this.
very annoying.
I just tried this on 6.1.0 build 2077124, and it will in no way add the group.
any solution to this ?