[VMC on AWS] vCenter login issues with AD users
Article ID: 329623


Products

VMware Cloud on AWS

Issue/Introduction

This article explains why certain AD users are unable to log in to Cloud vCenter after entering their credentials.

Symptoms:
Customers may experience a blank screen or unresponsiveness when attempting to log in to Cloud vCenter as an AD user. The browser may load for a few minutes, hang, and then show a blank screen.

Cause

This can occur when AD authentication takes a very long time to search the user's nested groups recursively on the OnPrem AD server, causing token acquisition for the user to time out.

Resolution

Customers will need to verify and compare the nested group memberships of the individual users in the OnPrem AD server. It is recommended to reduce the nested groups associated with the user or alternatively create a separate set of users on the AD server with minimal nested groups to enable faster authentication and login. 
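One way to do that comparison, as an added example that is not part of the original article or VMware tooling: the PowerShell function below walks a user's memberOf chain and reports the number of direct groups, total nested groups, and deepest nesting level. It assumes the ActiveDirectory (RSAT) module and read access to the domain; the function name and the two account names are hypothetical.

```powershell
# Added example: compare nested group membership for two AD users.
# Assumes the ActiveDirectory module (RSAT) and read access to the domain.
Import-Module ActiveDirectory

function Get-NestedGroupReport {   # hypothetical helper name
    param([Parameter(Mandatory)][string]$SamAccountName)

    $user  = Get-ADUser -Identity $SamAccountName -Properties MemberOf
    $seen  = @{}   # group DN -> depth at which the group was first reached
    $queue = [System.Collections.Generic.Queue[object]]::new()
    foreach ($dn in $user.MemberOf) {
        $queue.Enqueue([pscustomobject]@{ DN = $dn; Depth = 1 })
    }

    # Breadth-first walk up the memberOf chain. The $seen table also
    # stops the walk from looping when groups are nested circularly.
    while ($queue.Count -gt 0) {
        $item = $queue.Dequeue()
        if ($seen.ContainsKey($item.DN)) { continue }
        $seen[$item.DN] = $item.Depth
        $group = Get-ADGroup -Identity $item.DN -Properties MemberOf
        foreach ($parent in $group.MemberOf) {
            $queue.Enqueue([pscustomobject]@{ DN = $parent; Depth = $item.Depth + 1 })
        }
    }

    # memberOf does not list the primary group (usually Domain Users),
    # so the totals exclude it.
    [pscustomobject]@{
        User         = $user.SamAccountName
        DirectGroups = @($user.MemberOf).Count
        TotalGroups  = $seen.Count
        MaxDepth     = [int]($seen.Values | Measure-Object -Maximum).Maximum
    }
}

# Placeholder account names: one user who hits the timeout, one who does not.
'affected.user', 'working.user' |
    ForEach-Object { Get-NestedGroupReport -SamAccountName $_ } |
    Format-Table -AutoSize
```

A user whose TotalGroups or MaxDepth is far higher than that of an account that logs in normally is a candidate for the group reduction described above.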

Workaround:
Log in using [email protected].

Additional Information

Impact/Risks:
This is expected behavior, and customers will not be able to log in to Cloud vCenter with their AD user because the timeout value cannot be increased.