"Login failed due to invalid credentials" error in VCF Linked Mode
Article ID: 429269
Updated On:
Products
VMware vCenter Server
VMware Cloud Foundation
Issue/Introduction
- When logging into a VCF Linked Mode vCenter Server, administrators may see a banner stating: "Login failed due to invalid credentials for one or more vCenter Server systems."
- While the local vCenter inventory loads successfully, linked vCenter Server inventories fail to display.
Environment
VMware Cloud Foundation 9.x
Cause
- Local user accounts: - This is Expected Behavior. Local accounts (e.g., local OS users or unique local SSO users) do not have a valid security token that can be validated by peer vCenters in the federation. The remote vCenters reject the session, triggering the error.
- VCF SSO user accounts: - If VCF SSO is configured from VCF Operations for the affected vCenter, this issue may be observed when individual vCenter has not been logged into with the VCF SSO configured user account because the VCF SSO user provisioning on vCenter happens on the first login. This issue will be addressed in VCF 9.1
Resolution
- Local user accounts: This is expected behavior for local accounts in a Linked Mode environment. To resolve the error and view the inventory of all linked vCenter Servers: - Log out of the vSphere Client. - Log in using a VCF SSO / Directory User account (e.g., Active Directory User or the Global SSO Administrator) that has permissions assigned across the Global Permissions or specifically on all linked vCenter Server instances.
- VCF SSO user accounts:
- If you are already using VCF SSO user accounts and still not able to see other linked vCenters' inventories, then login with the affected VCF SSO user-account to every impacted vCenter in the linked group. (This activity will be required to be performed only once per VCF SSO user).
- If the issue persists, please follow KB422644 to reset the linking configuration.
Feedback
Yes
No
Powered by
