Symptom

Role-Admin Group is left blank when mapping multiple dcnm roles to different AD Groups. This is not intuitive and no configuration example indicates that this is possible.

Conditions

Mapping dcnm roles to multiple ad groups is not intuitive.

Workaround

Example: AD Group - DCNM Role dcnm - network-admin dcnm-operators - network-operator Current way to accomplish multiple role to different AD group. Host: ds.cisco.com Port: 389 [ ] SSL Enabled Base DN: DC=cisco,DC=com Filter: CN=$userid,OU=Employees,OU=Cisco Users Determine Role By: [ ] Attribute [x] Admin Group Map Role Admin Group: Map To DCNM Role: dcnm:network-admin;dcnm-operators:network-operator Suggested change: Host: ds.cisco.com Port: 389 [ ] SSL Enabled Base DN: DC=cisco,DC=com Filter: CN=$userid,OU=Employees,OU=Cisco Users Determine Role By: [ ] Attribute [x] Admin Group Map Map To DCNM Role: dcnm:network-admin;dcnm-operators:network-operator If single map: Host: ds.cisco.com Port: 389 [ ] SSL Enabled Base DN: DC=cisco,DC=com Filter: CN=$userid,OU=Employees,OU=Cisco Users Determine Role By: [ ] Attribute [x] Admin Group Map Map To DCNM Role: dcnm:network-admin

Further Problem Description