VMware Cloud Community
spencewood
Contributor
Contributor

User permissions and LDAP

We have a group added from LDAP in our Chargeback Manager and they cannot see the hierarchies or the vCenter Servers that have been added into Chargeback Manager.  If you attempt to add a vCenter with one of these accounts it says that it is already there but you cannot see it. I have given everyone in this group admin rights and from what I can see they should have access to these but don't.  What needs to be changed in order for users to see these options?

Reply
0 Kudos
3 Replies
jddias
VMware Employee
VMware Employee

Did you give the group permissions to the hierarchy?  See below:

2013-07-17 15_29_55-vCenter Chargeback Manager.png

Visit my blog for vCloud Management tips and tricks - http://www.storagegumbo.com
Reply
0 Kudos
spencewood
Contributor
Contributor

Yes and even on the vCenter and when I log in with the LDAP account in that group I still cannot see any vCenters or hierarchy.

Reply
0 Kudos
mattslotten
Contributor
Contributor

We're having the exact same problem.  It appears that vCBM does not map the permissions from the user's group membership to the user... It allows the user to login but does not assign any roles with vCBM, even if the user's group has a role assigned.  The only workaround we've found thus far is to manually add the user's LDAP account and assign a role.  Quite clunky, might as well not even have LDAP authentication if it can't parse group memberships

Reply
0 Kudos