VMware Cloud Community
andi303
Contributor

Access to AD groups, but not to users

Hello all,

Users and Groups are kept in separate OUs in our Active Directory.

It seems that vCenter Server only accesses the OU with the group, therefore, I can only assign VM rights to groups.

Is there any solution to access more than one OU in the AD?

Thanks in advance,

Andreas


Accepted Solutions
LarsLiljeroth
Expert

Hi

VC does not access a single OU. It does an LDAP query for all users and groups. So this could be a permissions issue.

The user starting the VC service might not have permissions to read the OU in which your groups are located?

Have you tried to do a search in the "assign permission"?


// Lars Liljeroth

7 Replies
AndreTheGiant
Immortal

Which version of vCenter are you using?

Cause usually you can browse all users and groups stored both on local SAM and on AD.

Andre

Andrew | http://about.me/amauro | http://vinfrastructure.it/ | @Andrea_Mauro
AWo
Immortal

What is the maximum number of objects which vCenter Server is configured to display?

Users and groups should be shown independently from their location.


AWo

VCP / vEXPERT 2009

andi303
Contributor

Thanks for the help!

  • It's version 2.5.0

  • The maximum number of objects is set to the standard value (5000) which should be way enough.

Regards,

Andreas

LarsLiljeroth
Expert

What if you just type the name in groups and press Check names?

// Lars Liljeroth

andi303
Contributor

YES! That's the solution: the vCenter service was started as local system user. I've changed the user to one of my domain and everything works fine!

Thanks again for your help!

Andreas

LarsLiljeroth
Expert

Perfect.

NP


// Lars Liljeroth
