Adding an AD user to an existing SSO group does not get reflected on other vCenters.


Article ID: 312181


Products

VMware Cloud Foundation
VMware vCenter Server

Issue/Introduction

This issue occurs in an environment that has Active Directory configured as the external identity source, when AD users are made members of existing SSO groups.

Symptoms:
When a new AD user is added to one of the existing SSO groups on one vCenter, the change is not reflected on the other vCenters in the Enhanced Linked Mode (ELM) configuration. This happens only when the AD user/group is added for the very first time in the SSO domain.

Environment

VMware vCenter Server 7.0.3
VMware vCenter Server 8.0.2
VMware vCenter Server 6.7.x
VMware Cloud Foundation 4.4.1

Cause

With the current design, the group membership of an added AD user is not replicated the very first time the user is added.

Resolution

VMware is aware of this issue and is working to resolve it in a future release.

Workaround:
Remove and add the AD user again to the same group.