Cannot add permissions for users Active Directory - the directory access error

Hi all

VCenter, connected as long as user with administrator privileges on the server, Active Directory running I am can be used to add permissions for domain accounts and just get errors:

Right-click on the data center & gt; Add authorization & gt; Select read-only & gt; Add users and groups & gt; Select the domain & gt; (the list is NOT populated with users)

Among users, enter my account of user AD & gt; Click on check names & gt; "The following names are not found: xxx".

Enter the AD user account in the search box & gt; Click Search & gt; "A general system error occurred: directory access error.

The only son I can find or KB articles relate to the modification of the period of Active Directory.  I did, but it did not help.

http://communities.VMware.com/thread/14150

http://KB.VMware.com/kb/1010094

Any ideas why I can't delegate permissions? I do not think we have group policies that are resticting access, but I don't know which of the log files I should I seek to find the real problem.

Thank you

Kevin

Windows Server 2003 R2 Standard Edition, vSphere Client 4.0.0 build 162856, vCenter Server 4.0.0 build 162856, ESXi 4.0.0 build 181792

The problem that I had was related to what service vCenter services were running as.  No doubt during the installation (for some reason that escapes me now) I had configured the VMware VirtualCenter Server and VMware VirtualCenter Management Web services run under the local administrator account.  Change these so they ran as system Local solved the problem, and then I have a list of domain users and assign them permissions.

Kevin

Tags: VMware

Similar Questions

  • Level of different privilege for users Active directory

    Hello

    We have integrated the Acs 4.1se with directory.now active windows, must be given some full privige of users some client devices, and show only level privilege to some devices.what is that the steps required in ACS and ACS customers. Also how long dynamic users will stay in ACSthanks in advance

    Also in acs an aaa client or user may not be a part of the group then one more.

    Kind regards

    ~ JG

  • Management of permissions for users on the network.

    Hello

    My question is General and related to xp and windows 7 as well.

    Can someone explain to me how to manage permissions for users on the network?  It's easy to do the job when I talk to local users, but I can't find a way to add computers to the dialog box object types. I have only options of theses: built-in security principals, users and groups. In the locations list, I see only my computer and cannot find how to add computers to all networks.

    Thank you

    For Windows XP, it makes a difference if "Simple file sharing" is enabled or disabled.  Simple file sharing is * always * activated if you have Windows XP Home Edition and it is the default setting in XP Pro.  Sharing files Simple enabled, * all * users who are connected to a network on your machine are forced to authenticate on the machine as the 'Guest' user - which means that you have no user authentication in Windows Home or XP Pro without disabling Simple file sharing.  This means that every network user has access only to files to the files which has permissions for the Guest user.

    If you have XP Pro and disable Simple file sharing, then you can ask users to authenticate on your local machine and give everyone access to its own set of file permissions.  If the user connects to a network computer that contains the same user name and password that the user is currently logged on the local computer, the authentication is automatic.

    "How to disable the file sharing simple and how to set permissions on a shared folder in Windows XP"

    <>http://support.Microsoft.com/kb/307874/en-us >

    HTH,

    JW

  • After you have configured remote access on Server 2003, I am unable to find the 'users Active Directory & computers'.

    am setting up remote access on the MS 2003 Server following the white paper, but can not find the 'users Active Directory & computers' to set the ip this part has been renamed or hidden somewhere?

    original title: MS Server 2003

    Post in the Windows Server Forums:
    http://social.technet.Microsoft.com/forums/en-us/category/WindowsServer/

  • Add several domain in Active Directory

    Add several domain in Active Directory

    Hello vinod Thakur Linux,.

    Microsoft Communities is consumer related questions about Windows 8, Windows 7, Windows Vista and Windows XP. For questions about the field of issues related to Active Directory, it would be best to ask your question on the TechNet forum.

    Click here to transfer your question in TechNet for Windows Server in the Directory Services forum.  They will be able to solve your problem.

    Thank you

    Marilyn

  • Cannot add, remove, or edit contacts in the address book.

    Original title: address book problems

    On Windows XP, use Outlook Express, am not able to ADD, REMOVE, or EDIT contacts in my address book... not really sure WHY... any help will be GREATLY appreciated. Thank you very much.

    Hello

    Welcome to the Microsoft community!

    The description of your post, I see that you cannot add, remove, or edit contacts in the address book.

    Please, try the steps from the following link:

    An Outlook Express basic repair kit

    http://support.Microsoft.com/kb/2398839

    I hope that helps!

    Answer please if you need help on this page or the Windows problems.

    We will be happy to help you!

     

  • Cannot be getNodeWithProps. AppParameters treatment in the SOAP header error: AppParameters does not exist in the SOAP header.

    Hi all

    Cannot be getNodeWithProps. AppParameters treatment in the SOAP header error: AppParameters does not exist in the SOAP header.

    " < = xmlns:env env:Envelope ' http://schemas.xmlsoap.org/SOAP/envelope/ ' > < env:Header / > < env:Server env:Body > < env:Fault > < faultcode > < / faultcode > < faultstring > cannot getNodeWithProps.» AppParameters treatment in the SOAP header error: AppParameters does not exist in the SOAP header. "< / faultstring > < details > < DrmServiceException xmlns ="http://drm.webservices.epm.oracle"> < Message xmlns:ns2 ="http://drm.webservices.epm.oracle"xmlns =" "> cannot getNodeWithProps." AppParameters treatment in the SOAP header error: AppParameters does not exist in the SOAP header. "< / Message > < Code xmlns:ns2 ="http://drm.webservices.epm.oracle"xmlns =" "> 0 < / Code > < / DrmServiceException > < / details > < / env:Fault > < / env:Body > < / env:Envelope > "

    clues?

    Thank you

    Mady

    Hi Mady,

    Have you run a test of the DRM of this URL service section? Part of the SOAP message that must be sent to the web service DRM when calling the AppParameters is in the header of the SOAP message. This is the example that gives the URL:


    http://DRM.WebServices.EPM.Oracle">
    http://DRM.WebServices.EPM.Oracle ">http://localhost:5240 / Oracle/Drm/APIAdapter "
    http://DRM.WebServices.EPM.Oracle "> ProductVersion = 11.1.2 CultureName = US, TimeZoneOffset =-360"

    The error is just saying that the section of AppParamters doesn't seem to be there in the SOAP message that was received. How you call the web service DRM method that returns this error? It seems just that, however, it is called the AppParameters is missing in the SOAP message is sent to.

    Do you need some kind of common authentication method setting upward for Weblogic and Shared Services, but not necessarily OID. I mentioned a possibility without using an external LDAP directory here on a case where you set up a development environment Re: configuration of the DRM web service API

    Concerning

    Craig

  • Cannot add contacts for the 'To' and 'cc' Box when sending emails

    Original title: emails

    cannot add contacts to the area "to" or "cc" box when sending mail that I only get the option to add addresses to a small drop-down list when I click in these boxes. I tried to uninstall the application and reinstall but made no difference!

    If you click on the "To", "Cc" or "Bcc" once he frequently gives you used, click New and , it gives you the complete list.  You can switch backwards between them by clicking on


    A more permanent solution   For Outlook
    Gear
    Several e-mail settings
    Customize Outlook
    Advanced Privacy settings
    AutoComplete suggestions
    Give suggestions for anyone I contacted (contacts and non-contacts)
    Save

  • Team CC. Need to change the permissions for users

    I installed CC team on multiple computers, up to 15 or more.

    I did install the package to do this.

    I used the default settings which, among other things, do not allow users to update the applications. The Admin can do it alone.

    Now, I am facing the problem that users who use CC on their private computer cannot update certain programs, because the Admin has to do this.

    Is there a simple way to change the permissions so that they can be updated?

    Sigurdur Armannsson salvation,

    Please follow this link to activate the feature updates in applications.

    http://helpx.Adobe.com/Creative-Suite/KB/disable-auto-updates-Application-Manager.html

    Kind regards

    Abhijit

  • Multiple users Active Directory membership mapping group

    Hi all

    We got 4.2 ACS and two types of user access to our network:

    1_ we got some users in 'CiscoAdmins' Active Directory, corresponding group mapped Cisco ACS group is "switch Admins.

    2_ we also have some users in "VPN_Users' group Active Directory, corresponding mapped Cisco ACS group is"VPN_Users.

    In the "Command mapping" page on Cisco ACS 4.2, we put tte group 'CiscoAdmins' Active Directory mapping at the top "VPN_Users' Active Directory group mapping. So what happens is, if a user belongs to two "CiscoAdmins" and "VPN_Users" groups in Active Directory, users always goes in the "Switch_Admins" group in Cisco ACS.

    However for some users (who belong to two groups in Active Directory), we need to apply some IP allocation and specific authorization.

    The suggestiongs are welcome.

    Thanks in advance.

    Dumlu

    Yes, check ACS for belonging to the user group and it can determine if the user is a member of several groups and then map the corrosponding ACS group. Little additional material on the ACS group mapping

    http://www.Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/GrpMap.html#wp940538#wp940538

    -

    Note: Please rate the answer if it helped

  • Permissions for user Workflow in web display Interaction

    Hello
    I am a newbe to vmware Orchestrator,
    I do a stream of work that require user intervention.
    Everythings works fine, including the security.group attribute in the interaction of the user associated with an OperatorGroup in Active Directory.
    So right now, I want to use the web view where a single user can start the workflow and can respond to another user (member of the opertorGroup) to the workflow.

    Here begins the problem:

    If the user of OperatorGroup use the vCO Client to answer, everything is ok,
    But if try to use web display (weboperator), I find the workflow running in the waiting state, but once chosen correctly I do not see the "Answer" button but only a simple string 'Description' and nothing else.
    In the vCO server log, I found this error:

    ERROR [WebObject] property does not exist 'displayName' object WorkflowToken%2Cdunes%3A%2F%2Fservice.dunes.ch%2FWorkflowToken%3Fid%3D%2791808080808080808080808080808080BC80808001333462110581b675f900f65%27%26dunesName%3D%27WorkflowToken%27

    ERROR [WebObject] property does not exist 'description' object WorkflowToken%2Cdunes%3A%2F%2Fservice.dunes.ch%2FWorkflowToken%3Fid%3D%2791808080808080808080808080808080BC80808001333462110581b675f900f65%27%26dunesName%3D%27WorkflowToken%27

    If I try with a member of the user of the 'Oct Admin Group', it works...
    I tried to assign all permissions (view, run, inspect, Admin, delete) in the workflow and also in the folder OperatorGroup root, but nothing has changed.

    If I run the workflow to a user of the OperatorGroup, the web pages display correctly. (the 'reply' button is indicated).

    It seems there's a problem of the opinion weboperator filter when the running workflow with different credentials of the user running workflow.

    Can someone help me?
    How can I solve this problem?

    Thanks to advice.

    Simone Anastasio

    Using vCO 4.2.1? If so, please try the following:

    http://KB.VMware.com/kb/2016770

  • Naming Convention for user performed at the Complutense University of MADRID

    Hi all

    Are there specific rules for the naming convention for the assignment of user name in the University Complutense of MADRID 11 g? Is there a specific type of some special characters that cannot be used by the UCM in username?

    Thank you
    Saurabh Anand

    It is the same for the user name. This is a limitation of the underlying directory server. So your restrictions will be the result of the restrictions in the underlying system (AD or LDAP). in general, stick with single-byte characters and using something like the first initial and the name or rating first.last is fairly reliable

  • Cannot add Windows Vista PC to Windows 2008 domain. Error message: an attempt to resolve the DNS of a domain controller in the domain being joined has failed...

    When you try to add a new computer Windows Vista (hqseven) to a Windows 2008 network, I get the following error message... "An attempt to resolve the DNS of a domain controller in the domain being joined has failed. Ensure that this client is set to reach a DNS server that can resolve DNS names in the target domain. "Last year, I added two XP, a Windows 7 and another Vista box to the field.  I don't know why I can't add my new Windows Vista computer.

    I am able to get on the internet with the Vista PC. I can RDP to the domain controller (hqserver64) or any client. (using the name of host or static IP)  I can also do a ping of the domain controller (DC) or any another computer on my network using the host name.

    After initial search for information, I found the following error message when you do a nslookup from my new vista box.

    Nslookup mydomainname
    Server: hqserver64.mydomainname.net

    Address: 192.168.0.99

    hqserver64.mydomainname.NET cannot find mydomainname: Server failed.

    I do not understand why I suddenly get these error messages when I was able to reach this area in the past.

    Hello Stan Smith,

    Thank you for visiting the Microsoft answers community site. The question you have posted is related to Windows 7 in adomain of work environment and would be better suited to the TechNet community. Please visit the link below to find a community that will support what ask you

    http://social.technet.Microsoft.com/forums/en-us/w7itpronetworking/threads

    Hope this helps J

    Adam
    Microsoft Answers Support Engineer
    Visit our Microsoft answers feedback Forum and let us know what you think

  • CUCM: Roles and permissions for Reset/restart of the phone or apply Config

    Can someone tell me what the authorization must be added to a role to allow a user to this role of restart/reset (or apply config - same thing really) a phone device?

    The popup once you press reset/retart or apply config shows just "user is not authorized to access this page."

    Thank you

    Ben.

    Hi Ben,

    What is your version CUCM? you use any custom for these end-users role which reset/restart?

    If so, please add privileges to read/set up-to-date for the resource ' Voice Mail pilot web pages "to the custom role and check.

    Please check this bug ID: CSCug29903

  • Cannot add text to additional images on the second page of brochure

    Greetings,

    I want to explain it, so there are many understand the problem that I have in InDesign CC.  I created a tabloid size for a company brochure.  The outside cover works perfectly, I can add multiple blocks of text and add text to all created frames.

    Now when I go inside the cover of this brochure, I can add text for the first block of text that was created without any problem.  When I create subsequent text frames, I can't have a fast blinking cursor inside one of the frames.  The slider appears across the page in the upper left corner of the booklet, instead of the image.  This happens for all the images I create after the first picture on this page.  I select the text layer and the image appropriate, then I go to the text tool and try to place the cursor inside the frame, and the text tool will not active there.  All text created will begin appearing in the upper left corner of the booklet where is the blinking cursor!  If I delete the first block of text on the inside cover, and then create all new text frames; I can't add text to one of the new executives either.  It almost as if text is limited to that very first image I created.

    Thank you

    Carl

    Good,

    I found a work around.  Honestly, I want that the Type tool to convert frames for text blocks.  This occurs on the outside cover, and not on the inside cover.  So what I've discovered, it was that the executives who were not automatically convert to text blocks, I could manually convert them by accessing the object > content > text.

    I have yet to understand why the Type tool will do it on a single page and not the other, but at least I can end this now!

    Thank you

    Carl

Maybe you are looking for