VMware Cloud Community
lvaibhavt
Hot Shot

Exception Mode is not working as expected in Lockdown mode

Hi All,

I have tried all the possible combinations; however, exception users in lockdown mode do not seem to work. I have seen a few articles online as well, but they don't seem to help.

These are the steps that I've tried:

  • Joined ESXi domain to AD
  • Joined vCenter to AD and added AD as identity source
  • From VC --- highlighted ESXi --- chose exception user as an AD account
  • Enabled strict lockdown mode

When I try to log in to ESXi directly via the URL https://esxIP/ui and enter the AD credentials, it returns a permission denied error.

exception.PNG

On the vCenter, for the ESXi, this is the setting that I have configured:

exception 02.PNG

Any suggestions as to where I am going wrong? Thanks

parmarr
VMware Employee

Please see the VMware documentation: https://docs.vmware.com/en/VMware-vSphere/6.5/com.vmware.vsphere.security.doc/GUID-30A3063D-8E50-466...

As per this, Exception users are host local users or Active Directory users with privileges defined locally for the ESXi host. Users that are members of an Active Directory group lose their permissions when the host is in lockdown mode. So you have to give permissions locally on the host.

Sincerely, Rahul Parmar VMware Support Moderator
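One way to check the condition described in the reply above, as an added example that is not part of the original thread or VMware's own code: for each lockdown exception user, confirm there is an explicit, non-group permission entry on the host itself. The function name `Test-LockdownExceptionAccess`, the host name and the accounts are hypothetical; the commented live calls use the vSphere API `HostAccessManager` object through PowerCLI and assume both lists return principals in the same name format.

```powershell
# Added example: flag lockdown exception users that have no explicit,
# non-group permission entry defined on the ESXi host itself.
function Test-LockdownExceptionAccess {
    param(
        [string[]]$ExceptionUsers,   # as returned by QueryLockdownExceptions()
        [object[]]$AccessEntries     # as returned by RetrieveHostAccessControlEntries()
    )
    foreach ($user in $ExceptionUsers) {
        # Only a direct user entry counts: access inherited from an AD group
        # is lost once the host is in lockdown mode.
        $entry = $AccessEntries |
            Where-Object { -not $_.Group -and $_.Principal -eq $user } |
            Select-Object -First 1
        $mode = if ($entry) { [string]$entry.AccessMode } else { 'none' }
        [pscustomobject]@{
            User       = $user
            AccessMode = $mode
            # Usable only if a direct entry exists and it actually grants access.
            Usable     = ($null -ne $entry) -and ($mode -notin 'accessNone', 'accessNoAccess')
        }
    }
}

# Live inputs (needs PowerCLI and a vCenter session; host name is a placeholder):
#   $hostView = Get-View (Get-VMHost 'esx01.example.local')
#   $am = Get-View $hostView.ConfigManager.HostAccessManager
#   $am.LockdownMode      # lockdownDisabled / lockdownNormal / lockdownStrict
#   Test-LockdownExceptionAccess -ExceptionUsers $am.QueryLockdownExceptions() `
#       -AccessEntries $am.RetrieveHostAccessControlEntries()

# Constructed sample data, shaped like the API results above.
$exceptions = @('EXAMPLE\svc-backup', 'EXAMPLE\jdoe')
$entries = @(
    [pscustomobject]@{ Principal = 'root';               Group = $false; AccessMode = 'accessAdmin' }
    [pscustomobject]@{ Principal = 'EXAMPLE\ESX Admins'; Group = $true;  AccessMode = 'accessAdmin' }
    [pscustomobject]@{ Principal = 'EXAMPLE\svc-backup'; Group = $false; AccessMode = 'accessAdmin' }
)

Test-LockdownExceptionAccess -ExceptionUsers $exceptions -AccessEntries $entries |
    Format-Table -AutoSize
```

In the sample data, `EXAMPLE\jdoe` is on the exception list but only reachable through the `EXAMPLE\ESX Admins` group entry, so it is reported as not usable, which matches the permission denied symptom in the question.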