VCF Operations User/Group Import Fails With “Users search in VCF SSO failed”
search cancel

VCF Operations User/Group Import Fails With “Users search in VCF SSO failed”

book

Article ID: 419960

calendar_today

Updated On:

Products

VCF Operations

Issue/Introduction

When attempting to import users or groups in VCF Operations under Access Control for the VCF SSO configuration, the import fails with the error: 
“Users search in VCF SSO failed"

Environment

VCF Operations 9.x

Cause

This issue occurs because Single Sign-On (SSO) is not enabled for the VCF Operations appliance in Fleet Management. Without SSO being enabled and configured with the VCF Identity Broker, VCF Operations cannot query or import users/groups from VCF SSO.

Resolution

To resolve the issue, enable SSO for the VCF Operations appliance and then perform the user/group import.
  • Enable Single Sign-On (SSO) for VCF Operations
    • Log in to the VCF Operations UI as a local admin: https://<VCF_OPS_FQDN_OR_IP>/ui
    • In the left navigation pane, go to: Fleet Management > Identity & Access
    • In the Identity & Access pane, select: VCF Management > Operations appliance
    • Under Enable Single Sign-On, click Continue.
    • When the Role Assignment Required dialog appears, check: “I confirm that I understand the requirement to perform role assignments in order to enable SSO for the selected component(s).”
    • Then click Continue.
    • On the Configure Component page, select the VCF Identity Broker from the dropdown list.
    • Click Configure.
    • When the Role Assignment Required dialog appears again, confirm the checkbox and click Continue.

  • Import Users/Groups in VCF Operations
    • Log in to VCF Operations as a local admin: https://<VCF_OPS_FQDN_OR_IP>/ui
    • Navigate to: Administration > Control Panel > Access Control
    • Go to the User Accounts or User Groups tab.
    • Click the horizontal ellipsis (⋯) next to the Add button and select: Import from Source
    • In the Import page, set the Import From field to: VCF SSO
    • Use the Search Prefix field to find users or groups, then click Finish.
    • After the users and/or groups appear in the Access Control list, select the entry.
    • Click the vertical ellipsis (⋮) and choose Edit.
    • Under Assign Roles and Scope, assign the appropriate roles and scopes.
    • Click Save.

Additional Information

Powered by Wolken Software