Hello All,
As it"s mentionned inside the title, i don't really understand how the Authentication provider works on vRO.
I'm trying to make an AD group "vRO admin" as admin group on the authentication provider in order to give them administrative right.
I can select my group, no problem but when i run "test login" ,with one menber of my vRO admin group it doesn't work, i got the message : "The user does not have administrative rights in vRealize Orchestrator. Login to the Orchestrator client depends on the user view permissions."
but after a lot of test, i discover that , if i set my ad user member of Administrator group on vCenter and change my Admin group to the administrator group, my test login works fine.
So i would like to know if it"s a normal behavior or if there is something wrong regarding my configuration.
Ps: I need those right to link my vRO with lifecycle manager.
Context :
AD group : vRO admin
AD user : vrslcm-vro-endpoint
vro version is 7.5
vcsa version is 6.5
AD User and group are working fine, as i can be connected with on vro java console without issue.
2nd test :
Thansk in advance,
Regards,
Hello,
I continued my test and just to share it with you, it's also work if you create a new local group ( inside vsphere.local) and set your AD's vRO admin group inside.
I tested it and users inside vRO admin group have administrative rights.
so it's seems it's not possible to set an AD group directly into Admin group on vRO provider even if vRO found it.
Regards,
Hello,
I continued my test and just to share it with you, it's also work if you create a new local group ( inside vsphere.local) and set your AD's vRO admin group inside.
I tested it and users inside vRO admin group have administrative rights.
so it's seems it's not possible to set an AD group directly into Admin group on vRO provider even if vRO found it.
Regards,