Verify Authentication to NSX by Using an Active Directory User Account for Identity and Access Management for VMware Cloud Foundation

Verify that you can authenticate to NSX with a user account that is a member of an Active Directory security group.

Validate the integration with Active Directory and that you can authenticate in NSX Manager with an Active Directory user account assigned a NSX role. See Personas in Identity and Access Management for VMware Cloud Foundation and your VMware Cloud Foundation Planning and Preparation Workbook.

You perform this procedure for the following personas.


Persona	Component Role
Cloud Admin	Enterprise Admin
VI Admin	Network Engineer
Network Admin	Enterprise Admin
Auditor	Auditor


Expected Outcome
You can successfully log in to NSX Manager with an Active Directory user account with access based on a security group and you can perform tasks according to the expected privileges and permission scope.

Procedure

Log in to NSX Local Manager for the management domain at https://<management_domain_nsx_local_manager_fqdn>/admin with an Active Directory account assigned an NSX role.
Browse the user interface and verify that you can access all required menus based on the expected permissions for the role.
Repeat the procedure for all NSX Local Managers and NSX Global Managers for each workload domain type.

What to do next

If you encounter issues while performing this procedure, use the following troubleshooting tips:


Troubleshooting Tips
Ensure that there is network connectivity to the Active Directory domain infrastructure. Ensure that the NSX Manager integration with Active Directory is operational. Ensure that the user account is a member of the Active Directory security group with the assigned the role. Ensure that the Active Directory user account is an active account and is not locked.