The motive of this article is to provide a plan of action incase we want to find the activity of a domain user on vCenter 

VMware vCenter Server 8.0x

1. Find if the user is there in Users and Groups.
   • Log in with the vSphere Client to the vCenter Server.
   • Specify the user name and password for [email protected] or another member of the vCenter Single Sign-On Administrators group.
     If you specified a different domain during installation, log in as administrator@<domain>.
   • Navigate to the vCenter Single Sign-On user configuration UI.
     • From the Home menu, select Administration.
     • Under Single Sign On, click Users and Groups.
     • Find the domain the user is a part of from the domain drop-down menu.
   • For more information: Managing vCenter Single Sign-On Users and Groups
2. Check global permissions for any permissions assigned to this user.
   • Log in to the vCenter Server Web Client as an administrator.
   • Navigate to Administration > Users and Groups.
   • Click on Global Permissions.
   • Filter with the username to find if there is any global permission assigned
   • For more information: Understanding Authorization in vSphere
3. Find if the user has any active sessions on vCenter currently.
   
   • Log in to the vCenter Server Web Client as an administrator.
   • In inventory click on the vCenter
   • Navigate to Monitor>Task and Events > Sessions
   • Filter with the name of the user in the list
4. Verify though logs for any past login attempts
   • grep the username in the following logs:
     • grep "<username>" /var/log/vmware/sso/vmware-identity-sts*.log
     • grep "<username>" /var/log/vmware/vpxd/vpxd-profiler*.log