Cannot perform tasks requiring directory search after adding an OpenLDAP directory as an Identity Source in vCenter Single Sign-On
Article ID: 307575
Updated On:
Products
VMware vCenter Server
Issue/Introduction
Symptoms:
After adding an OpenLDAP directory as an Identity Source in vCenter Single Sign-On (SSO), you experience these symptoms:
After adding an OpenLDAP directory as an Identity Source in vCenter Single Sign-On (SSO), you experience these symptoms:
- You experience difficulties searching for Users, Groups, or both when adding permissions or other tasks that require a directory search
- You are unable to log in to the vSphere Client or vSphere Web Client
- Logging in to the vSphere Client or vSphere Web Client fails with the error:
Invalid username or password.
Environment
VMware vCenter Server 5.1.x
VMware vCenter Server 5.5.x
VMware vCenter Server 5.5.x
Resolution
When configuring OpenLDAP as an identity source, there are specific OpenLDAP schema requirements for SSO to validate these credentials. Ensure that your OpenLDAP Directory Service meet these requirements.
For more information, see OpenLDAP schemas supported in VMware vCenter Single Sign-On (2064977).
Additional Information
For more information, see:
- Definition of the inetOrgPerson LDAP Object Class
- Lightweight Directory Access Protocol (LDAP): Schema for User Applications
Note: The preceding links were correct as of January 18, 2013. If you find a link is broken, provide feedback and a VMware employee will update the link.
Single Sign-On (SSO) Open LDAP authentication fails with the error: Parsing Subject FailedOpenLDAP schemas supported in VMware vCenter Single Sign-On
Feedback
Yes
No
Powered by
