Unable to log in to Cloud Director using custom LDAP settings when leveraging groups for controlling access.

Article ID: 387875

Products

VMware Cloud Director

Issue/Introduction

  • Creating a role in Cloud Director and assigning the role to a group with "Inherit" enabled causes access issues.
  • Cloud Director is configured using custom LDAP, i.e. different LDAP server settings than the system LDAP.
  • Cloud Director is configured to use groups for controlling access.
  • If a user is in a group, the user is unable to log in.
  • If the user is imported directly, the user is able to log in.

Environment

VMware Cloud Director 10.6.x

Cause

This issue occurs when the Tenant Organization or the assigned Role is missing one or more rights.

Resolution

1. Delete the imported LDAP group from the Tenant Portal and reimport.

2. From the Provider Portal, navigate to Cloud Resources > Organizations > Select the affected Tenant.

3. Inside the Tenant Portal, navigate to Administrator > Identity Providers > LDAP and click "Sync".

 

To allow Tenant users to sync LDAP, make sure to have the following permissions:

Rights bundles

Default right bundle:

- View the LDAP settings

- Manage the LDAP settings

- Edit Organization LDAP Properties

Publish to Tenant.

 

Global Roles

Organization Administrator, or the role that the tenant user uses:

- View the LDAP settings

- Manage the LDAP settings

- Edit Organization LDAP Properties

Publish to Tenant.