Cannot Change Password for Active Directory or External Identity Source Users in vSphere Client


Article ID: 419344

Updated On:

Products

VMware vCenter Server

Issue/Introduction

When attempting to change a user's password using the vSphere Client, the operation fails and an error is displayed.

Specifically, one of the following error messages is shown, depending on the method used for the password change:

  1. When a user attempts to change their own password:
    After logging in with the domain user and selecting "Change Password" from the user menu, the following error is displayed:

    "Either no system domain user with the specified name exists, or the given password is not correct."

  2. When an administrator attempts to change another user's password:
    After logging in as the SSO administrator (e.g., [email protected]), navigating to Administration > Single Sign-On > Users and Groups, and attempting to edit (change the password for) the target user, the following error is displayed:

    "No principal with specified name exists."

Environment

VMware vCenter Server

Cause

This issue occurs because the target user account belongs to an external Identity Source (such as Active Directory or OpenLDAP) rather than the vCenter Single Sign-On (SSO) local domain (e.g., vsphere.local).

Resolution

This behavior is expected.

The vSphere Client is designed only to manage passwords for users residing in the vCenter Single Sign-On local domain. It does not have the capability to modify passwords for users belonging to external directory services.

To change the password for a user belonging to an external domain (e.g., Active Directory), you must not use the vSphere Client.

Instead, use the native password management methods provided by the external directory service (e.g., Active Directory Users and Computers, or the operating system's password change utility).