I have installed Orchestrator on a vm that is separate from my vCenter servers ( have several and some of them are linked). When I did the install I set it up to use AD for authentication. I assigned a group to which I am a member as the administrative group. Now I want to grant access to another group so they can manage their own workflows etc. They have rights in vCenter to manipulate vm's in a particular cluster. They can login to vCenter with no issues and work with their vm's. However when they attempt to login to the orchestrator client they are denied.
I am using ESXi 5, vCenter 5 update 1, and Orchestrator 4.2.1 build 555.
Is there another place I'm suposed to set permissions for this group so they can be "users"?
Thanks
Dan
Not sure if you have already done it but you also need to specify the access rights for the new group in context of vCO.
Go to "My Orchestrator/Permissions" click "Add Access Rights" and search for the new group that you want to add.
Specify the Access Rights and click "Select".
You can also take a look here http://communities.vmware.com/message/1616865.
Hope this helps!
It looks like you have setup admin group but have you set up a "Group Lookup Base" or a "User Lookup Base" as explained in the documentation:
Thanks Igor for the reply. I do have both a group base and user base configured. I've had them since day one. Any other thoughts?
Also I'm not using ssl or the global catalog.
Not sure if you have already done it but you also need to specify the access rights for the new group in context of vCO.
Go to "My Orchestrator/Permissions" click "Add Access Rights" and search for the new group that you want to add.
Specify the Access Rights and click "Select".
You can also take a look here http://communities.vmware.com/message/1616865.
Hope this helps!
Thanks igaydajiev. That was what I was missing. I had added them under Authorizations not My Orchestator.