vIDM users can authenticate in NSX without accessing vIDM

Article ID: 390444


Products

VMware NSX

Issue/Introduction

  • VMware Identity Manager (vIDM) is configured in NSX.
  • NSX shows the local login page instead of the vIDM login page.
    NSX local login page: https://<NSX_Manager_or_VIP>/login.jsp?local=true
  • It is not possible to limit which accounts can use the NSX Manager local interface, i.e. to allow only local accounts on that interface and restrict all others (directory services, etc.).
  • Entering vIDM credentials on the NSX local login page allows the user to authenticate.
  • If MFA is configured in vIDM, using the local login page doesn't fulfil the MFA requirement.

Environment

  • VMware NSX
  • VMware NSX-T Data Center

Cause

When vIDM credentials are entered on the local login page, NSX validates them in vIDM. However, any MFA requirement configured in vIDM is not fulfilled.

Since NSX 4.2.1, the local login page is shown by default, even if vIDM is configured.

In earlier versions of VMware NSX and VMware NSX-T Data Center, the local login page can be reached by manually typing its URL.

Resolution

This is a known issue impacting VMware NSX.

This issue is resolved in VMware VCF/NSX 9.0.

Workaround:

It is recommended that users with vIDM credentials click on the link "Sign in with VIDM" before authenticating.

Additional Information