This is a design constraint. vCenter Server relies on the MS authentication model and ADS behaviour.
To add the impacted users to the Log on as a batch job local policy:
- Click Start > Run, type gpedit.msc, and click OK.
- Click Computer Configuration.
- Double-click Windows Settings.
- Double-click Security Settings.
- Double-click Local Policies.
- Double-click User rights Assignment.
- Right-click Log on as a batch job and choose Properties
- Click Add User or Group to add the user.
- For changes to take effect, you need to update the group policy.
- Click Start > Run, type cmd, and click OK.
- Run the command:
gpupdate
The impacted users who are not members of the Local Administrators group should be able to view the inventory of all vCenter Servers that are part of the same linked mode group.
- If the changes are not picked up and the issue persists, run this command:
gpupdate /force
- If the issue persists, follow steps 1-10 to add Anonymous in the logon batch job.
- If these steps do not resolve the issue, contact an Active Directory Administrator or Microsoft for further assistance.