Description of problem:
The group "Everyone" has been given the "UserRole" permissions so that they may log in and view the VM Pool. Users are not even able to log into the portal and are going the "User is not authorized" message preventing them from getting to the pool. Specifying individual AD users grants them access without issue.
Actual results:
User prevented from logging in
Expected results:
User can log in and launch VM from pool
Additional info:
This occurred to a 3.2 setup after upgrading from 3.1. Updating to 3.2.1 did not change anything.
Itamar,
The customer has responded with the following:
"Regarding the update from Itamar in the BZ, this is not accurate. There is no "Everyone" group in AD. Adding "Domain Users" also does not work, if that was his intention. It seems that AD groups are not being properly enumerated."
Could this be linked to bug 980521?
I'm pretty sure there is an everyone group in windows, but it has been a while and i may be confusing local server groups with AD ones.
domain users would have the same effect - yes.
and yes, seems like you should request 3.2.z for bug 980521.