Authenticating with Single Sign On using the vSphere Web Client fails with the error: Invalid user credentials provided.
search cancel

Authenticating with Single Sign On using the vSphere Web Client fails with the error: Invalid user credentials provided.

book

Article ID: 305828

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

Symptoms:

  • You are unable to authenticate with Single Sign On (SSO) using the vSphere Web Client
  • The vSphere Web Client reports the error:

    Invalid User credentials provided

  • Other users are able to log in successfully
  • You see the error:

    Cannot complete login due to an incorrect user name or password

  • At the time of the attempted log in, the imsTrace.log file reports an error similar to:

    javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: ########, problem 2001 (NO_OBJECT), data 0, best match of:

    'OU=Users,DC=domain,DC=local'



Environment

VMware vCenter Server 5.1.x

Cause

This issue occurs when SSO queries Active Directory and is unable to find the user account that was specified.

Resolution

To resolve this issue, the Identity Source must be configured to read the user account from Active Directory.
 
To configure the Identity Source:
  1. Log in to the vSphere Web Client as admin@System-Domain.
  2. In the left pane, click Administration.
  3. Click Configuration under Sign-On and Discovery.
  4. Select the Identity Source configured for your domain.
  5. Update the Base DN for Users and Base DN for groups to a location where the domain user accounts exist.
Note: You may also specify the entire domain. For a domain such as example.com, this appears as DC=example,DC=com.



Powered by Wolken Software