I have configured the Authentication to IP Addresses, FQDN's and DOMAIN but all are still unacceptably slow.
For the Prism Role mapping, I have configured AD Groups and Single Users and the logon is still super slow.
There was a post about change recursive authentication to be off; however, there was no command string associated with NCLI.
Anyone experiencing this issue? Would like to know the best practice for configuration AD Authentication.
Thanks for any assistance...
Best answer by hatchda
NOTE: Do not use Nested AD Groups and only explicitly add the users to the AD Group you want grant User/Cluster/Read Roles to.
Configure Authentication Configuration:
Configure Role Mapping:
Remember you can only have one ROLE Type (Viewer/User Admin/Cluster Admin) per LDAP Type)
Execute the following command on a CVM:
ncli authconfig edit-directory name=NAME group-search-type=NON_RECURSIVE directory-type=ACTIVE_DIRECTORY connection-type=LDAP directory-url=ldap://TEST.org:389 domain=TEST.org