Question: How can I get "VCenter Group" type to allow vShield Manager access from the web page?
Background: When assigning an AD domain group the Enterprise Administrator role in vShield manager the domain account members are not allowed to login to vShield Manager
Notes:
* I have never had this working previously. I may be doing it incorrectly.
* I have added the group in the format of domain\group and granted it "Enterprise Administrtator" role in vShield Manager
* If I login to vShield Manager with an AD account that is a member of the domain group I receive the error "Please enter a valid username and password".
* If I add the same individual user account in the format of domain\username and grant it "Enterprise Administrtator" role vShield Manager allows the account to login.
* The AD group has been defined in vCenter itself by adding it to the permissions tab on the root object in vCenter with Administrator permissions.
add your AD domain group with FQDN of your domain to vShield Manager: domain.com\ad-group
Correct
This fixed the issue! Thanks for your reply!
Note:
The the vShield manager will allow you to use the format domain\username to grant access to individual users and they will receive the necessary access.
However, when specifying a group in the same way it will not work. You must use domains full fqdn domain.com\group in this case.
Not seeing how to mark this as correct and grant you the points? Anyone?
worked for me thanks
use fqdn domain.local\username using just domain\username doesn't work in 5.1.2