Firewall section is greyed out when Enterprise administrator role is applied to the AD group

search cancel

Firewall section is greyed out when Enterprise administrator role is applied to the AD group

book

Article ID: 321253

calendar_today

Updated On:

Products

VMware NSX Data Center for vSphere

Issue/Introduction

When the Enterprise Administrator role is given for an AD group (Users and Domains > Users > Identity User > Specify vCenter Group) and the user who belongs to the AD group logs in and locks a firewall section, you experience this symptom:

The locked section is greyed out for the user after page refresh.

Environment

VMware NSX Data Center for vSphere 6.4.x

Cause

This issue occurs because the locked by user details rendered for UI API and the firewall backend API do not match.

Resolution

This is a known issue affecting VMware NSX Data Center for vSphere 6.4.2 and later versions.

Currently, there is no resolution.

Workaround:

Give the Enterprise Administrator role to users directly (Users and Domains > Users > Identity User > Specify vCenter User) instead of the AD group.

Feedback

thumb_up Yes

thumb_down No