To replace the Workspace ONE Access authentication provider with Active Directory over LDAP in NSX Manager, you must remove the existing Active Directory security group assignments before adding them again using the Active Directory over LDAP authentication provider.
UI Procedure
- Log in to NSX Local Manager for the management domain at https://<management_domain_nsx_local_manager_fqdn>/login.jsp?local=true as admin.
- On the main navigation bar, click System.
-
In the left pane, click
. -
Click on ellipsis for the Group or User group name and select Delete.
-
Repeat the procedure for each NSX Local Manager in each workload domain.
-
Repeat the procedure for the NSX Global Managers of the management domain and each workload domain.
PowerShell Procedure
-
Start PowerShell.
-
Replace the values in the sample code with values from your VMware Cloud Foundation Planning and Preparation Workbook and run the commands in the PowerShell console.
$sddcManagerFqdn = "sfo-m01-nsx01.sfo.rainpole.io" $sddcManagerUser = "[email protected]" $sddcManagerPass = "VMw@re1!" $sddcDomainName = "sfo-m01" $nsxEnterpriseAdminGroup = "[email protected]" $nsxNetworkEngineerGroup = "[email protected]" $nsxAuditorGroup = "[email protected]"
-
Perform the configuration by running the command in the PowerShell console.
Undo-NsxtVidmRole -server $sddcManagerFqdn -user $sddcManagerUser -pass $sddcManagerPass -domain $sddcDomainName -principal $nsxEnterpriseAdminGroup Undo-NsxtVidmRole -server $sddcManagerFqdn -user $sddcManagerUser -pass $sddcManagerPass -domain $sddcDomainName -principal $nsxNetworkEngineerGroup Undo-NsxtVidmRole -server $sddcManagerFqdn -user $sddcManagerUser -pass $sddcManagerPass -domain $sddcDomainName -principal $nsxAuditorGroup
- Repeat the procedure for each NSX Local Manager in each workload domain.
- Repeat the procedure for the NSX Global Managers of the management domain and each workload domain.