"Invalid Credentials" error while logging into VC using AD credentials
search cancel

"Invalid Credentials" error while logging into VC using AD credentials

book

Article ID: 407574

calendar_today

Updated On:

Products

VMware vCenter Server VMware vCenter Server 8.0

Issue/Introduction

Facing error : 'Invalid Credential'

VC added to Domain and LDAP also configured and due to which there could be intermittent issue to login in VC with AD LDAP user.

Even after removing the the LDAP unable to login with IWA user.

Websso.log :

GMT\",\"description\":\"User covmw-ent06ecorp.target.com@#.#.#.# failed to log in with response code 401\"
,\"eventSeverity\":\"INFO\",\"type\":\"com.vmware.sso.LoginFailure\"}


rovider.activedirectory. ActiveDirectoryProvider]
2025-07-16T09:26:08.765Z ERROR websso[40:tomcat-http -- 2] [CorId=e6a37a5d-4650-4fd2-9514-47e445f2fcd3] [com.vmware. identity.idm.server.ServerUtils] Exception 'com. vmwa
re. identity. idm. IDMLoginException: Native platform error [code: 851968][null][null]'
com.vmware. identity. idm. IDMLoginException: Native platform error [code: 851968][null][null]
at com.vmware. identity. idm. server. IdentityManager.authenticate(IdentityManager. java:3244) ~[libvmware-identity-idm-server. jar :? ]
at com.vmware. identity.idm. server. IdentityManager.authenticate(IdentityManager.java:10530) [libvmware-identity-idm-server. jar :? ]
at com.vmware. identity.idm. client. CasIdmClient.authenticate(CasIdmClient. java:1303) [libvmware-identity-idm-client. jar :? ]
at com.vmware. identity.samlservice. impl. CasIdmAccessor.authenticate(CasIdmAccessor. java:470) [libwebsso, jar :? ]
at com. vmware. identity. samlservice. impl. AuthnRequestStatePasswordAuthenticationFilter.authenticate(AuthnRequestStatePasswordAuthenticationFilter. java:95) [lib

Environment

VMware vCenter Server 7.0VMware vCenter Server 8.0

Resolution

Note : Please take the snapshot/Backup of the VC before before start the activity.

Please follow the below POA once in order :

  • Run this command to disjoin the Appliance from the domain:

    /opt/likewise/bin/domainjoin-cli leave

 

  • Remove computer account of vc from AD

 

  • Reboot the VC.

 

  • Run this command to join the Appliance to the domain:

    /opt/likewise/bin/domainjoin-cli join domain.com Domain_Administrator Password

 

  • Run this command to query the domain join status of Appliance:

    /opt/likewise/bin/domainjoin-cli query

 

  • Run this command to restart the vCenter services or reboot the VCSA:

    service-control --stop --all
    service-control --start --all
Powered by Wolken Software