Hello All,

As it"s mentionned inside the title, i don't really understand how the Authentication provider works on vRO.

I'm trying to make an AD group "vRO admin" as admin group on the authentication provider in order to give  them administrative right.

I can select my group, no problem but when i run "test login" ,with one menber of my vRO admin group it doesn't work, i got the message : "The user does not have administrative rights in vRealize Orchestrator. Login to the Orchestrator client depends on the user view permissions."

but after a lot of test, i discover that , if i set my ad user member of Administrator group on vCenter and change my Admin group to the administrator group, my test login works fine.

So i would like to know if it"s a normal behavior or if there is something wrong regarding my configuration.

Ps: I need those right to link my vRO with lifecycle manager.

Context :

AD group : vRO admin

AD user : vrslcm-vro-endpoint

vro version is 7.5

vcsa version is 6.5

AD User and group  are working fine, as i can be connected with on vro java console without issue.

2nd test :

• set user vrslcm-vro-endpoint@lab65.local menber of vCenter Administrator group
• Change Admin group to vSphere Administrator group

Thansk in advance,

Regards,