Highlighted
MarkyP99
6 Indium

Unisphere for VMax - AD Group Authentication

Hello,

I am looking to move away from using individual accounts on Unisphere (1.6.2.4) and use AD authentication groups instead.

I have deleted my account from Unisphere, created an AD group, added that group to Unisphere and assigned the appropriate arrays with a monitor role group. I then added myself to the AD group. All good so far.

I can then log into Unisphere  but I cant see any arrays at all now. I would expect to have monitor rights for the arrays that I assigned to the AD group.

I've tried this on different instances that we have with the same results. Any tips?

Thanks

0 Kudos
2 Replies
8 Krypton

Re: Unisphere for VMax - AD Group Authentication

Out of curiosity, have you tried creating a User with the same rights as the Group (i.e. a User with Monitor role for the required arrays)?  In this case, set the User to use Authority : LDAP-SSL and the authentication domain of your AD.

2016-02-15 17_18_40-#0xzsbfvcx0365 - Internet Explorer.png

Repeat for each user in the LDAP group.  Once the user logs out and logs in again to Unisphere, they should see the required arrays with the appropriate roles. 

No matter what we've tried, we've been unable to make the Group role work with LDAP.  Let us know if that helps!

Karl

0 Kudos
MarkyP99
6 Indium

Re: Unisphere for VMax - AD Group Authentication

Hi Karl,

We have been using single user authentication previously but as I would like to simplify things I want to start using AD groups. The function is there, but doesnt appear to work.

Using AD groups would make things easier when trying to automate a break glass process where users can be automatically move between a standard and elevated AD groups via an online form.

0 Kudos