Symptoms:

• The RDS on VMware Installer was deployed and the installation was successfully initiated.
• The RDS Edge Router device displays the following VPN status on the console:
   
  Status: IKE SA authenticated; IPsec SA authenticated; VPN tunnel is up.
   
• The RDS Connector repeatedly deploys and is then destroyed.
• An Active Directory account was specified as the Administrator Username in the vCenter Configuration section of the web interface of the RDS on Vmware Installer.

VMware Database Management Essentials 1.x

During the deployment of RDS on VMware, additional SSO users are created based off of the SSO domain used for the Administrator Username in the vCenter Configuration section of the web interface of the RDS on Vmware Installer. If the SSO domain is from an Active Directory identity source, attempts to create accounts in this domain will fail and the configuration will not be completed.

This is a known limitation impacting VMware Database Management Essentials 1.0 and additional validation will be included in a future release to prevent this from occurring.

Workaround:
In order to successfully deploy RDS for VMware, create an administrator user account in an identity source that is local to the SSO instance with the appropriate permissions. Once that has been completed, restart the onboarding process and specify this account as the Administrator Username in the vCenter Configuration section of the web interface of the RDS on Vmware Installer.

For additional information regarding the required administrative privileges for onboarding RDS on VMware, please review the 'Complete the Prerequisites' section of the Amazon Relational Database Service on VMware User guide:

Getting Started with RDS on VMware

For details regarding user management in SSO, please refer to the following:

Managing vCenter Single Sign-On Users and Groups