vCenter

 View Only
  • 1.  domain user unable to login after integration of AD and vCenter

    Posted Jan 09, 2020 06:41 AM

    i'm using vSphere 6.7U3 in my lab environment and has created a windows AD to integrate with the vCenter,

    however, after i configured the following three settings, the AD domain user still can't login to the vCenter:

    1. join the vCenter to AD and reboot

    2. set the domain as default identity source

    3. set the roles and "VM user" global permission to the domain users

    4. verified that the AD server's time/time zone is same as vCenter appliance's time/time zone and has rebooted the VCSA

    i'm sure i typed in the correct domain user account name and password but can't access the vCenter client webpage.

    (this domain account is able to access servers and workstations which are controlled by AD domain, and the password is correct.)

    by the way, i followed the instructions in this link to check the problem in vCSA but i couldn't figure out and doubt whether this is necessary to troubleshoot my case or not.

    can anyone help?



  • 2.  RE: domain user unable to login after integration of AD and vCenter

    Posted Jan 16, 2020 08:54 PM

    Hi,

    If you haven't already fixed it, I suggest you call vmware support. if you give them access, they connect and make all the necessary checks.

    ARomeo

    P.S. If you have already solved if you can enter the resolution in the post. Thank you.



  • 3.  RE: domain user unable to login after integration of AD and vCenter

    Posted Jan 19, 2020 02:49 PM

    Hi, I met same problem for VCSA 6.7U3b. After reinstall with VSCA 6.7U3a, everything is OK.

    Hope this is helpful.



  • 4.  RE: domain user unable to login after integration of AD and vCenter
    Best Answer

    Posted Jan 21, 2020 07:13 AM

    i believe i just solved it.

    after some tries i found that before the deployment of vCenter server, the FQDN host record must be established in the DNS server; when deploying the vCenter server, the FQDN need to be set as the hostname otherwise there will be issues.

    finally, the "global permission" and "users and groups" must be configured for the domain users so that they can login.