As per the screenshot, AD is successfully enabled and I even got the operation is successful line after configuring the AD. But, I cannot see any groups where I can add permissions for users.
In order to use AD groups you need to add the AD domain to the "Identity Sources". Login to the Web Client as the SSO admin "administrator@vsphere.local", and select Administration -> Single Sign-On -> Configuration -> "Identity Sources" (tab)
André
Hi Abhishek, This is purely due to lack of Identity source. You need to add an Identity source to the Vcenter.
Login to Vsphere web client with administrator@vsphere.local
go to Home
go to Administration
then go to Configuration Tab
Then click on Identity source
Click on Add Button(+ sign)
Select the first option (Integrated mode with Windows)
it will pick up your domain name.
Press Ok and wait for a sec. It will start showing up Domain name in the Identity Source List.
Now go to Vcenter and click on Manage.
Select permission Tab and you will be able to see your domain there in the list.
-Thanks@ !
Hi,
Thanks for the info. This helped. But, I've got the identity source configured. But, now when I go to Administration -> Users & Groups -> Users and select the source to be the AD domain, the list fails in populating throwing this error "Error: Idm client exception: Failed to establish server connection".
Can you please help?
see this KB for creating SPN
VMware KB: Creating and using a Service Principal Account in vCenter Single Sign-On 5.5
re-add your identity source once again using this KB please. See if that helps.