Content Library Not Visible in to specific AD group in vCenter Server
search cancel

Content Library Not Visible in to specific AD group in vCenter Server

book

Article ID: 382970

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

Users belonging to an AD group cannot view content libraries in vCenter Server, despite having appropriate role assignments. This prevents template deployment and other content library operations.

Environment

- vCenter Server 7.x or newer
- Active Directory authentication
- Role-based access control implemented
- Content libraries configured

Cause

The issue occurs when global permissions for the AD group are not properly configured in vCenter Server, even if appropriate roles are assigned at other levels.

Content library permissions must be defined at the global permissions level as you can see from the diagram anything lower in the hierarchy is ignored. 

Resolution

  1. Navigate to vCenter Server global permissions:
    1. Log in to vCenter Server as an administrator
    2. Go to Administration > Access Control > Global Permissions

  2. Add global permissions for the AD group:
    1. Click the + icon to add a new permission
    2. Search for and select the AD group
    3. Assign the appropriate role
    4. Click OK to save

  3. Verify the configuration:
    1. Have an affected user log out and back in
    2. Confirm content library visibility is restored
    3. Test template deployment functionality

Additional Information

Powered by Wolken Software