We are attempting to configure our new VROPs 6.0 environment using best practices however there are some additional questions.
We have gone into Administration --> Authentication sources and added our domain as one of the authentication sources. Then I go to Access control --> groups --> import group. I am able to import the group, however when I add/remove members to the group I do not see the membership changes reflected.
Question 1 - Shouldn't the group membership sync automatically with AD when users are added or removed?
Secondly, I am able to log in using my DOMAIN\username account after selecting DOMAIN.local as my authentication source. When go to Access control --> User account I see 5 accounts (FIVE accounts!). Four list the source type as Virtual Center - VC and the last one has the source time of Virtual Center group.
Question 2 - Are ANY of these accounts the one I'm actually logged in to? Which account is the one I should be granting permissions to? Can I safely delete the others?
1 - group membership will update automatically. Its on a 15 minute sync i believe.
2 - every user who's a member of the group you imported will have a new "user" object created for them. You can assign roles and object access to the "group" or "users".
I dont know about deleting other accounts...
1 - group membership will update automatically. Its on a 15 minute sync i believe.
2 - every user who's a member of the group you imported will have a new "user" object created for them. You can assign roles and object access to the "group" or "users".
I dont know about deleting other accounts...
Did you enable auto-sync on the LDAP host config?
Thanks Pizzle, you are correct, the membership was reflected after 15 minutes.