vSphere 5.1 SSO and Cross-domain Authentication

Last week I was installing vSphere 5.1, which includes the SSO component in an environment with a Forest domain and many child domains. I noticed some very strange behavior when setting up permissions within vCenter when using universal security groups that existed at the forest root domain, but had members from child domains.

I submitted an SR to VMware and got notified today that they are looking into the issue with RSA and that a fix will be released at a later time. In the meanwhile, they have published a KB (within the last 30 days) describing the scenario and a work-around.

The knowledge base article is KB2037410. I believe a fix is being developed, but I can’t speak to it at this time.

Leave a Reply

Your email address will not be published. Required fields are marked *