Solved – vRealize Automation / vCloud Automation Center 6.x Fabric And Business Groups Will Not Allow Active Directory Groups To Be Assigned
Ever have one of those days? I have a customer who’s about to go into production with their vRealize Automation environment. He called this morning with the simplest of questions – “How do I add an AD group instead of a user in my Business Group roles”? After about a half hour of troubleshooting to no avail, I decided to escalate…to Google. Come to find out this is a known issue with vRA/vCAC 6.x. There are two or three posts out in the blogosphere that mention the issue, but there’s a pretty big omission in the workaround, which is the reason for this post. I don’t want anyone else to feel like the guy above after they waste a couple of hours like I did in figuring out how to implement this relatively simple fix.
Let me back up and show what I’m talking about:
Turns out the auto-complete for AD groups in both ‘Business Groups’ and ‘Fabric Groups’ does not work. This is a known bug in vRA/vCAC 6.x. The workaround simply states to “type the valid AD group name in it’s entirety and hit <ENTER>”.
Sounds simple enough, but that didn’t work either. “Loading” would appear for a few seconds then timeout and never drop the entry to the line below to show that it was accepted. I tried distinguished names, tried adjusting my AD search strings, created AD group names with no spaces, but never could get that slimy sucker to take.
UNTIL – I entered it into the line below the search field directly and hit ENTER.
This worked! And after an additional bit of testing I found that it does do a validation check against AD (fictitious group caused an error). You’ll see in the graphic above it’ll take spaces in the group name as well.
I can’t comment on the validity of this post outside of vRealize Automation v6.1.0 build 2041200, but this was a frustrating one that had a very simple resolution that left me with an “L” on my forehead.