Hi,
i have a strange behavior of vCAC 6.0.1 with entitlements. If i add only AD groups to an entitlement, the related catalog item will not show in the catalog. If i add a user direct to the entitlement it works. The user is member of the group.
To say it short. Groups doesn't work in entitlement - Users works fine.
This problem is not about searching! I know there is a known bug. I can search the ad groups in entitlement, because the ad groups are part of business groups, but it has no effect for the catalog.
Environment is vCAC 6.0.1 with vCAC Identity Appl. , Windows 2012 for IaaS, Windows 2012 R2 AD (Domain is also 2012 R2 !!!).
I found one error in log at the identity appliance, but i'm not sure if this is related:
com.vmware.identity.idm.InvalidPrincipalException: Group [svc-vmware-CC01] could not be found for tenant [vbc]
at com.vmware.identity.idm.server.IdentityManager.findGroup(IdentityManager.java:3241)
at com.vmware.identity.idm.server.IdentityManager.findGroup(IdentityManager.java:8836)
at sun.reflect.GeneratedMethodAccessor34.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.rmi.server.UnicastServerRef.dispatch(Unknown Source)
at sun.rmi.transport.Transport$1.run(Unknown Source)
at sun.rmi.transport.Transport$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Unknown Source)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(Unknown Source)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(Unknown Source)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
also strange is that "svc-vmware-CC01" is a user and not a group.
Thanks.
Kai