VMware vCenter Server 4.x/5.x login fails with the error: A general system error occurred: Authorize Exception
Article ID: 341623
Updated On:
Products
Issue/Introduction
- You are unable to log in to VMware vCenter Server, even though vCenter Server services are running
- You were previously able to log in to vCenter Server, but are no longer able to.
- A local admin account can log in, though domain users cannot.
- You see the error:
A general system error occurred: Authorize Exception
Environment
VMware VirtualCenter 1.3.x
VMware vCenter Server 5.5.x
VMware VirtualCenter 1.1.x
VMware VirtualCenter 2.0.x
VMware vCenter Server 4.0.x
VMware vCenter Server 5.0.x
VMware vCenter Server 5.1.x
VMware VirtualCenter 1.4.x
VMware VirtualCenter 1.2.x
VMware VirtualCenter 2.5.x
VMware VirtualCenter 1.0.x
Cause
- vCenter Single Sign-On Identity Source is not configured correctly.
Note: Applicable only to vSphere 5.1 and vSphere 5.5.
- vCenter Server is disconnected from the Active Directory (AD) domain controller.
- vCenter Server is unable to resolve its DNS.
Resolution
vCenter Single Sign-On Identity Source
Lost connectivity to the AD domain controller
To confirm that vCenter Server has lost its link to the AD domain controller, review the local Administrators group on the vCenter Server host and ensure that your domain administrator AD group was added. If the Security ID (SID) is displayed and not the group name, this can indicate that vCenter Server has lost its link to the domain controller.
To resolve this issue, remove vCenter Server from the Active Directory domain and re-add it.
Note: Before removing the vCenter Server from the domain, ensure that the local admin user has administrator rights to the vCenter Server, as this removes all domain rights. You may also want to document all domain rights so you can re-apply them after you rejoin the domain. As a best practice, take a backup of the vCenter Server database prior to removing the domain.
VMware vCenter Server permissions are removed for domain users when vCenter Server is removed from the domain and re-added. To prevent permissions from being removed:
- Stop the VMware VirtualCenter Server service. For more information, see Stopping, starting, or restarting vCenter services (1003895).
- In services.msc, set the Startup type to Disabled.
- Remove the vCenter Server from the domain.
- Reboot vCenter Server.
- Verify that the VMware VirtualCenter Server service is stopped.
- Add vCenter Server back into the domain.
- Restart vCenter Server.
- Set the Startup type of the VMware VirtualCenter Server service to Automatic (Delayed) or Automatic (Delayed Start).
Note: Doing this allows time for the SQL service start up. It may be necessary to restart all vCenter Server services except Single Sign On.
- Restart the VMware VirtualCenter Server service. For more information, see Stopping, starting, or restarting vCenter services (1003895).
DNS resolution
Additional Information
How to stop, start, or restart vCenter Server services
After making a change or restarting vCenter Single Sign-On server system, vCenter Server 5.1.x fails to start
vCenter Single Sign-On does not auto-discover trusted domains if domains are added manually
Configuring a vCenter Single Sign-On 5.1 Identity Source using LDAP with SSL (LDAPS)
VMware vCenter Server 4.x/5.x ログインが次のエラーで失敗する: A general system error occurred: Authorize Exception
VMware vCenter Server 4.x/5.x 登录失败并显示错误:出现常规系统错误: 授权异常
Feedback
