Error: "vCenter Single Sign-On server failed to connect to or failed to authenticate to the service at the specified URL"

Article ID: 315248

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • The Web Client shows the following error message when you try to edit the Identity Source configuration:
    The vCenter Single Sign-On server failed to connect to or failed to authenticate to the service at the specified URL
  • Unable to edit an LDAP identity source with a primary and secondary LDAP server configured when the primary LDAP server goes offline (is down)
  • The Web Client log shows the following error message:
    [YYYY-MM-DDTHH:MM:SS] [ERROR] http-bio-9090-exec-4171 70120929 100959 200696 com.vmware.vsphere.client.sso.admin.SsoMutationProvider apply(ManagedObjectReference, IdentitySourceSpec) com.vmware.vsphere.client.sso.admin.exception.SsoBackendException: The vCenter Single Sign-On server failed to connect to or failed to authenticate to the service at the specified URL
             at com.vmware.vsphere.client.sso.admin.exception.TypedExceptionTransformer.transform(TypedExceptionTransformer.java:102)
             at
    Log location:
    Windows vCenter Server - %ProgramData%\VMware\vCenterServer\logs\vsphere-client\logs\vsphere_client_virgo.log
    VCSA - /var/log/vmware/vsphere-client/logs/vsphere_client_virgo.log
  • The Identity Manager log shows the following error message:
    [YYYY-MM-DDTHH:MM:SS] vsphere.local 0b9776db-####-####-####-##########9a WARN ] [LdapErrorChecker] Error received by LDAP client: com.vmware.identity.interop.ldap.WinLdapClientLibrary, error code: 81
    [YYYY-MM-DDTHH:MM:SS] vsphere.local 0b9776db-####-####-####-##########9a ERROR] [WinLdapClientLibrary] Failed ldap_bind_s().
    com.vmware.identity.interop.ldap.ServerDownLdapException: Server Down
    LDAP error [code: 81]
            at com.vmware.identity.interop.ldap.LdapErrorChecker$43.RaiseLdapError(LdapErrorChecker.java:599)
            at com.vmware.identity.interop.ldap.LdapErrorChecker.CheckError(LdapErrorChecker.java:826)
            at com.vmware.identity.interop.ldap.WinLdapClientLibrary.CheckError(WinLdapClientLibrary.java:804)
            at com.vmware.identity.interop.ldap.WinLdapClientLibrary.ldap_bind_s(WinLdapClientLibrary.java:293)


    Log location:
    Windows vCenter Server - %ProgramData%\VMware\vCenterServer\logs\sso\vmware-sts-idmd.log
    VCSA - /var/log/vmware/sso/vmware-sts-idmd.log
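
The following script is an added example, not VMware's code: it scans vmware-sts-idmd.log text for the signature quoted above (LDAP error code 81 from LdapErrorChecker, then a failed ldap_bind_s() with ServerDownLdapException under the same ID field) so the symptom can be confirmed before the identity source is removed. It assumes the line layout shown in this article; the function names and the sample log lines are constructed for illustration.

```python
import re

# Constructed sample in the vmware-sts-idmd.log layout quoted in this article.
# Timestamps and IDs are made up; the code 49 line shows other LDAP errors are not flagged.
SAMPLE_LOG = """\
[2024-01-10T09:15:02] vsphere.local aaaa1111-0000-0000-0000-00000000009a WARN ] [LdapErrorChecker] Error received by LDAP client: com.vmware.identity.interop.ldap.WinLdapClientLibrary, error code: 81
[2024-01-10T09:15:02] vsphere.local aaaa1111-0000-0000-0000-00000000009a ERROR] [WinLdapClientLibrary] Failed ldap_bind_s().
com.vmware.identity.interop.ldap.ServerDownLdapException: Server Down
LDAP error [code: 81]
        at com.vmware.identity.interop.ldap.WinLdapClientLibrary.ldap_bind_s(WinLdapClientLibrary.java:293)
[2024-01-10T09:20:41] vsphere.local bbbb2222-0000-0000-0000-00000000009b WARN ] [LdapErrorChecker] Error received by LDAP client: com.vmware.identity.interop.ldap.WinLdapClientLibrary, error code: 49
[2024-01-10T09:21:00] vsphere.local cccc3333-0000-0000-0000-00000000009c INFO ] [IdentityManager] Constructed unrelated line
"""

# Header layout: [timestamp] tenant id LEVEL] [component] message
# The third field is treated here as a per-request ID (assumption).
HEADER = re.compile(
    r"^\[(?P<ts>[^\]]+)\]\s+(?P<tenant>\S+)\s+(?P<cid>\S+)\s+"
    r"(?P<level>[A-Z]+)\s*\]\s+\[(?P<component>[^\]]+)\]\s+(?P<msg>.*)$"
)
CODE = re.compile(r"error code: (\d+)")

def parse_events(text):
    """Split the log into events: a header line plus its continuation lines."""
    events = []
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            events.append({**m.groupdict(), "extra": []})
        elif events and line.strip():
            events[-1]["extra"].append(line.strip())  # exception text, stack frames
    return events

def server_down_binds(text):
    """Return (timestamp, tenant, id) where code 81 and a failed ldap_bind_s() pair up."""
    saw_81, hits = set(), []
    for ev in parse_events(text):
        code = CODE.search(ev["msg"])
        if ev["component"] == "LdapErrorChecker" and code and code.group(1) == "81":
            saw_81.add(ev["cid"])
        elif (ev["cid"] in saw_81 and "Failed ldap_bind_s()" in ev["msg"]
              and any("ServerDownLdapException" in x for x in ev["extra"])):
            hits.append((ev["ts"], ev["tenant"], ev["cid"]))
    return hits

if __name__ == "__main__":
    for ts, tenant, cid in server_down_binds(SAMPLE_LOG):
        print(f"{ts} tenant={tenant} id={cid}: LDAP bind failed, server down (code 81)")
```

To check a real system, pass the contents of the idmd log from the location listed above to server_down_binds() in place of SAMPLE_LOG.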

Resolution

This issue is resolved in:

Workaround:

Remove and re-add the Identity Source with the correct URLs:

  1. Log in to the Web Client.
  2. Click Home -> Administration.
  3. Click Configuration -> Identity Sources.
  4. Select the Identity Source and click the Delete button.
  5. Recreate the Identity Source with the correct LDAP server information, following the VMware documentation article in Related Information.

Additional Information

Add a vCenter Single Sign-On Identity Source: