This is a bit of a strange issue which came up after the vSphere 6.5 VCSA migration from Windows-based vCenter Server versions 5.5 and 6.0. First of all, I’d like to mention that we tested this migration under a couple of scenarios, many times, in our test environment, and we did not encounter a similar issue in any of the tests. So we were fully confident with the upgrade and started it in our production environment.
I’m not quite sure whether this is an environment-specific issue or not, because I was not able to find any articles about it on the internet. Also, the support request opened with VMware BCS support is still open. The bad side of this issue is that sometimes we lost entire permission levels and could not see any added permissions after the completion of the migration, but in some cases we could see the permissions but they were not working, so we had to re-add them to get access.
Also, VMware confirmed that there is no way to restore the permissions other than re-adding them in the new vCenter Server Appliance. But after doing a couple of tests we were able to find a workaround for this, and I’m happy to confirm that this method is now working without issues. If anyone knows any other method to restore the permissions, or any other workaround, please let me know.
The first step was to configure the existing Active Directory as an LDAP Server identity source, while keeping the Active Directory Integrated identity source, before starting the migration.
Then remove the Active Directory Integrated identity source and test the user access. Start the migration.
Once the migration was completed, the identity sources were similar to this; set the created LDAP identity source as the default identity source.
We had to remove the Local Identity source to avoid some connectivity issues and login latency for users.
Once we had made these changes, the migration worked perfectly and we didn’t see any issues after that.