I have connect my vCenter with the Active Directory of my Company.For example i put some AD Users in in the Adminstrator Permission Roll same where the Local Administrator is but the AD User do not have the same Rights.
Did you apply global permissions also for AD user/group?
Yes i used the global Permissoin. And also propagate to child objects.
Can you tell me what rights AD user is missing compared to administrator account.
Vor Example:When i got to Administration - Users and Groups i got the Message "You have no privileges to view this object."But iam in the "Administrator" Roll.Iam also not able to Upload a VM because i got the error, that i do not have permission to the datastore.
can you share the screenshot of permissions for datastore and mention the user you are having issue with ? also screenshot of global permissions?
So actually i should have the same Right like the local Administator.With the local Administator i can also upload VMs so have permission the the datastore.
Please add your AD group to the vCenter SSO Group. Below article may help you. You need to login as administrator@vsphere.local to make this changes.
https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.authentication.doc/GUID-CDEA6F32-7581-4615-8572-E0B44C11D80D.html
die which SSO Group?Do you mean the Group "Administrators" oder more Groups?
under SSO you will find a group called Administrator. In that group, please add your AD user/Group.
There are many Admin groups.
use group named Administrators.
Hi,
Try with the group.
Create a group in AD, add some users there and then add this group to vCenter with Administrator permissions to child objects.
Login to vCenter with a user from that group and verify the permissions.