Cannot login user Domain\Account@IPAddress: no permission
Permissions assigned at the vCenter host level do not allow for ESXi Host Client login. vCenter permissions only apply to vCenter and not direct to host.
Active Directory permissions need to be assigned by logging in as root to the host and adding permissions on a per host basis for a user or group.
Assign permissions at the host level for an ESXi host joined to an Active Directory Domain.
https://<ESXiHostname>/ui
Add user for Host
", enter the User or Group like DOMAIN\UserID or GroupID

Administrator
and check box to "Add as group
" if the ID is a group.