Upgrade to appliance 6.5 failed to bring over AD permissions and join AD
everything on the migration worked except the joining to ad I think it is because we use 2 factor authentication and it looks like the permission didn't come over what can be done?
I joined the appliance to the domain through the console and it joined fine. But none of my AD groups or users migrated. So I added them manually, the groups do not work but the users do
Why not build out a new VCSA? and then just move your host into that vCenter and retire the old? That way everything is clean and you are not bringing any potential baggage with you.
That is can't show a list of the AD accounts and when I add the user name manually in this fashion AD\username that user can login but has minimal access even as a administrator. When I remove the individual user account and try to use an AD security group it says I do not have permissions
Yes I am going to remove the users I manually added, leave the domain from the UI, delete the machine from AD, rejoin the domain and then reboot, What about the identity source, does that need to be removed?
The identity source was there even after it failed to join the domain, and I never removed it before I manually joined the domain. I would assume it is necessary to remove the machine account from AD as well
Just to verify, when you do the domainjoin-cli that is joining the vcsa to the domain. You will need to still join the vcsa to AD and then add the identity source.
