Is AD authentication broken in Virtual Centre?
I'm trying to delegate access to our Virtual Centre, with limited success. I've created global groups in AD, and assigned roles to those groups in VC 2.5u2. The first two groups have been in use for a few months without any issues, but yesterday I added a third group and that's when the problems started. Checking VC this morning the third group had dissappeared, and when I try to add it back in again it displays in the search box using the AD description, not the group name. Mike Laverick states in his VI3 book that AD authentication doesn't really work, but I was hoping that was just out of date.Anyone finding similar issues? I guess I could revert to using local groups, but that's far from ideal.
I dont think Mike Is referring to virtual centre when he's talking about flaky AD authentication - its Ad authentication direct to the hosts that less than perfect.
try creating a local group on the VC and add the global groups into it. Assign the VC roles to the local groups.
Thanks - in the process of creating local groups I noticed that the 'pre Windows 2000' login name was incorrect in AD properties for the troublesome group. I've corrected that and so far it's working fine. Incidentally Mike's comments (on page 527) do refer to Virtual Centre not ESX hosts directly, and he states that using Global Groups directly doesn't always work. The book was written for v3 though and we've gone through a lot of patches and a significant upgrade since then.
looks up book
I sit corrected - however looking at my virtual centre I have AD groups assigned to a number of roles ( VC2.5 U3 ) with a good degree of sucess.