Tenable's scan of an ESXi host under vCenter Server management indicates a "No" for credential check. This signifies an unauthenticated scan, meaning the scan is performed without verified credentials.

VMware vCenter Server 6.x
VMware vCenter Server 7.x
VMware vCenter Server 8.x

When Tenable runs a scan on an ESXi host managed by vCenter Server, the scan report indicates an unauthenticated scan because the Credential Check status is marked as "No."

This issue occurs because vCenter is attempting to query the AD account/user on the LocalOS, which is set as the default in the Identity Provider. Since the account is not part of the local domain, vCenter identifies it as an invalid user, causing the scan report to show the Credential Check as "No."

In /var/log/vmware/sso/vmware-identity-sts.log

YYYY-MM-DDTHH:MM:SS INFO sts[71:tomcat-http--37] [CorId=########-####-####-####-############] [com.vmware.identity.interop.ossam.LinuxNativeAuthDbAdapter] Authenticating user [username]
YYYY-MM-DDTHH:MM:SS ERROR sts[71:tomcat-http--37] [CorId=########-####-####-####-############] [com.vmware.identity.idm.server.IdentityManager] Failed to authenticate principal [username] for tenant [domain.local]
javax.security.auth.login.LoginException: User not found
        at com.vmware.identity.idm.server.provider.localos.LocalOsIdentityProvider.authenticate(LocalOsIdentityProvider.java:143) ~[vmware-identity-idm-server-7.0.0.jar:?]
        at com.vmware.identity.idm.server.IdentityManager.authenticate(IdentityManager.java:3121) [vmware-identity-idm-server-7.0.0.jar:?]
        at com.vmware.identity.idm.server.IdentityManager.authenticate(IdentityManager.java:10236) [vmware-identity-idm-server-7.0.0.jar:?]
        at com.vmware.identity.idm.client.CasIdmClient.authenticate(CasIdmClient.java:1302) [vmware-identity-idm-client-7.0.0.jar:?]
        at com.vmware.identity.sts.idm.impl.AuthenticatorImpl.authenticate(AuthenticatorImpl.java:91) [sts-7.0.0.jar:?]
        at com.vmware.identity.sts.auth.impl.UNTAuthenticator.authenticate(UNTAuthenticator.java:89) [sts-7.0.0.jar:?]
        at com.vmware.identity.sts.auth.impl.CompositeAuthenticator.authenticate(CompositeAuthenticator.java:54) [sts-7.0.0.jar:?]
        at com.vmware.identity.sts.auth.impl.CompositeAuthenticatorPerformanceDecorator$1.call(CompositeAuthenticatorPerformanceDecorator.java:68) [sts-7.0.0.jar:?]
        at com.vmware.identity.sts.auth.impl.CompositeAuthenticatorPerformanceDecorator$1.call(CompositeAuthenticatorPerformanceDecorator.java:65) [sts-7.0.0.jar:?]
        at com.vmware.identity.performanceSupport.PerformanceDecorator.exec(PerformanceDecorator.java:54) [vmware-identity-idm-interface-7.0.0.jar:?]
        at com.vmware.identity.sts.auth.impl.CompositeAuthenticatorPerformanceDecorator.authenticate(CompositeAuthenticatorPerformanceDecorator.java:65) [sts-7.0.0.jar:?]


YYYY-MM-DDTHH:MM:SS ERROR sts[71:tomcat-http--37] [CorId=########-####-####-####-############] [com.vmware.identity.idm.server.IdentityManager] Failed to checkUserAccountFlags principal [username] for tenant [domain.local]
YYYY-MM-DDTHH:MM:SS INFO sts[71:tomcat-http--37] [CorId=########-####-####-####-############] [com.vmware.identity.diagnostics.VmEventAppender] EventLog: source=[VMware Identity Server], tenant=[domain.local], eventid=[USER_NAME_PWD_AUTH_FAILED], level=[ERROR], category=[VMEVENT_CATEGORY_STS], text=[Failed to authenticate principal [username]. User not found], detailText=[User not found], corelationId=[########-####-####-####-############], timestamp=[1738770741356]
YYYY-MM-DDTHH:MM:SS ERROR sts[71:tomcat-http--37] [CorId=########-####-####-####-############] [com.vmware.identity.idm.server.IdentityManager] Failed to authenticate principal [username]. User not found
javax.security.auth.login.LoginException: User not found
        at com.vmware.identity.idm.server.provider.localos.LocalOsIdentityProvider.authenticate(LocalOsIdentityProvider.java:143) ~[vmware-identity-idm-server-7.0.0.jar:?]

Set the Identity Provider (IWA, LDAP or LDAPs) to "Set as Default" to resolve this issue