Access Denied when using AD user to login to NSX manager after upgrade to 4.2.1

Article ID: 410521

Products

VMware NSX

Issue/Introduction

  • After upgrading the local managers to 4.2.1 or above, Active Directory (AD) users encounter an authentication error.
  • AD users cannot log in to any NSX manager. Authentication with the Local User (Admin) works fine.
  • The Access Denied page URL displays the error message code:
    ErrorMessageCode=noroles
  • When the role binding is applied directly to the user, the login works fine.
  • However, when role bindings are assigned to an LDAP group that the user is a member of, the login results in an authorization error and the following can be observed in the logs:

    root@NSX-Manager: /var/log# tail -f syslog | grep -i username 
    2024-12-24T10:10:10.974Z NSX-Manager.domain.local NSX 76567 SYSTEM [nsx@6868 comp="nsx-manager" errorCode="MP401" level="ERROR" subcomp="manager"] User [email protected] with groups [] and incoming roles null is not authorized to access API with rbac_feature utilities_backup having required_permission read.
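
The log signature above (MP401 with `groups []` and `incoming roles null`) can be summarised per user to see who is affected and to confirm the denials stop after the fix. This is an added example, not VMware code; the function names, the sample user names and the format of the non-empty-groups line are assumptions.

```shell
#!/bin/sh
# Added example (not VMware code). Reads NSX manager syslog text on stdin and
# prints one line per affected user: "<user> <count> <first_ts> <last_ts>".
nsx_empty_group_denials() {
  awk '
    # Signature from the article: MP401 with an empty group list and null roles.
    /errorCode="MP401"/ && /with groups \[\] and incoming roles null/ {
      # The user name sits between "User " and " with groups []".
      if (!match($0, /User .* with groups \[\]/)) next
      user = substr($0, RSTART + 5, RLENGTH - 5 - length(" with groups []"))
      if (user == "") next
      if (!(user in count)) { first[user] = $1; order[++n] = user }
      count[user]++
      last[user] = $1          # $1 is the ISO timestamp at the start of the line
    }
    END {
      for (i = 1; i <= n; i++) {
        u = order[i]
        printf "%s %d %s %s\n", u, count[u], first[u], last[u]
      }
    }
  '
}

# Constructed sample input; user names are placeholders. The carol line (groups
# resolved, a genuine RBAC denial) uses an assumed format and must not be counted.
sample_log() {
  cat <<'EOF'
2024-12-24T10:10:10.974Z NSX-Manager.domain.local NSX 76567 SYSTEM [nsx@6868 comp="nsx-manager" errorCode="MP401" level="ERROR" subcomp="manager"] User alice@example.test with groups [] and incoming roles null is not authorized to access API with rbac_feature utilities_backup having required_permission read.
2024-12-24T10:11:02.101Z NSX-Manager.domain.local NSX 76567 SYSTEM [nsx@6868 comp="nsx-manager" errorCode="MP401" level="ERROR" subcomp="manager"] User alice@example.test with groups [] and incoming roles null is not authorized to access API with rbac_feature utilities_backup having required_permission read.
2024-12-24T10:12:30.500Z NSX-Manager.domain.local NSX 76567 SYSTEM [nsx@6868 comp="nsx-manager" errorCode="MP401" level="ERROR" subcomp="manager"] User bob@example.test with groups [] and incoming roles null is not authorized to access API with rbac_feature utilities_backup having required_permission read.
2024-12-24T10:13:00.000Z NSX-Manager.domain.local NSX 76567 SYSTEM [nsx@6868 comp="nsx-manager" errorCode="MP401" level="ERROR" subcomp="manager"] User carol@example.test with groups [nsx-auditors] and incoming roles [auditor] is not authorized to access API with rbac_feature utilities_backup having required_permission read.
2024-12-24T10:13:05.000Z NSX-Manager.domain.local NSX 76567 SYSTEM [nsx@6868 comp="nsx-manager" level="INFO" subcomp="manager"] Constructed unrelated message.
EOF
}

sample_log | nsx_empty_group_denials
```

On a manager, feed it the real log instead of the sample: `nsx_empty_group_denials < /var/log/syslog`. An empty result after the LDAP integration is re-added indicates group membership is being resolved again.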

 

Environment

VMware NSX

Resolution

Delete and re-add the LDAP integration using the UI

  1. Go to System -> User Management -> Authentication Providers
  2. Add it again.

Note: Use the same name for the LDAP integration to avoid having to re-add the AD groups.

Additional Information