Error: "Login failed due to reason: USER_NOT_FOUND" after setting up Entra ID with 2 Factor Authentication

Article ID: 430406


Products

VMware vCenter Server

Issue/Introduction

  • Entra ID has been configured

  • The attributes have been configured per the attached PDF document in the following KB: Configuring Microsoft Entra ID for vCenter Server

  • After the above has been verified, the following errors appear on the vCenter Server in /var/log/vmware/vc-ws1a-broker/federation-service.log:

    2026-02-16T16:53:54,981 INFO  [VCENTER HOSTNAME]:federation (federation-business-pool-0) [CUSTOMER;-;###.###.###.###;999560b9-a0b6-4336-9d5a-da6aae752b75;-;da02a0f5-4a92-46a7-b0b3-7710db581b64] com.vmware.vidm.federation.login.processor.AuthResponseUserResolver - Fetching user for jit login context: ########-####-#####-####-########1b64 on attribute ExternalId=d6dc6caf-9f6a-4c92-adde-b369a78697b9, domains: [IDENTITY SOURCE DOMAIN] 
    2026-02-16T16:53:55,002 WARN  [VCENTER HOSTNAME]:federation (ForkJoinPool-2-worker-11) [CUSTOMER;-;###.###.###.###;999560b9-a0b6-4336-9d5a-da6aae752b75;-;da02a0f5-4a92-46a7-b0b3-7710db581b64] com.vmware.vidm.federation.login.processor.AuthResponseUserResolver - User fetching exception with nameId ########-####-####-####-########97b9, nameIdFormat ExternalId, and domains [IDENTITY SOURCE DOMAIN], user not found
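
An added example, not part of the original article or of VMware tooling: a Python filter that pulls this failure signature out of federation-service.log and ties each "user not found" warning to the JIT lookup logged for the same request. The sample lines (host name, IP address, GUIDs) are constructed, and treating the fourth bracketed field as a request id is an assumption based on the two lines above.

```python
import re

# Constructed sample in the layout of the two federation-service.log lines
# above; host name, IP addresses and GUIDs are made up.
SAMPLE_LOG = """\
2026-02-16T16:53:54,981 INFO  vc01.example.test:federation (federation-business-pool-0) [CUSTOMER;-;192.0.2.10;11111111-aaaa-4bbb-8ccc-000000000001;-;22222222-aaaa-4bbb-8ccc-000000000002] com.vmware.vidm.federation.login.processor.AuthResponseUserResolver - Fetching user for jit login context: 22222222-aaaa-4bbb-8ccc-000000000002 on attribute ExternalId=33333333-aaaa-4bbb-8ccc-000000000003, domains: [example.test]
2026-02-16T16:53:55,002 WARN  vc01.example.test:federation (ForkJoinPool-2-worker-11) [CUSTOMER;-;192.0.2.10;11111111-aaaa-4bbb-8ccc-000000000001;-;22222222-aaaa-4bbb-8ccc-000000000002] com.vmware.vidm.federation.login.processor.AuthResponseUserResolver - User fetching exception with nameId 33333333-aaaa-4bbb-8ccc-000000000003, nameIdFormat ExternalId, and domains [example.test], user not found
2026-02-16T16:54:10,120 INFO  vc01.example.test:federation (federation-business-pool-1) [CUSTOMER;-;192.0.2.11;44444444-aaaa-4bbb-8ccc-000000000004;-;55555555-aaaa-4bbb-8ccc-000000000005] com.vmware.vidm.federation.login.processor.AuthResponseUserResolver - Fetching user for jit login context: 55555555-aaaa-4bbb-8ccc-000000000005 on attribute ExternalId=66666666-aaaa-4bbb-8ccc-000000000006, domains: [example.test]
"""

# Timestamp, level, the semicolon-separated context block, then the message.
HEAD = re.compile(r"^(?P<ts>\S+)\s+(?P<level>[A-Z]+)\s.*?\[(?P<ctx>[^\[\]]*;[^\[\]]*)\]"
                  r"\s+\S*AuthResponseUserResolver - (?P<msg>.*)$")
FETCH = re.compile(r"Fetching user for jit login context: \S+ on attribute "
                   r"(?P<attr>\w+)=(?P<value>[^,\s]+), domains: \[(?P<domains>[^\]]*)\]")
MISS = re.compile(r"User fetching exception with nameId (?P<name_id>[^,\s]+), nameIdFormat "
                  r"(?P<fmt>[^,\s]+), and domains \[(?P<domains>[^\]]*)\], user not found")

def find_user_not_found(lines):
    """Return one record per 'user not found' warning, linked to its JIT lookup."""
    lookups = {}    # request id -> value looked up on the INFO line
    failures = []
    for line in lines:
        head = HEAD.match(line)
        if not head:
            continue
        fields = head["ctx"].split(";")
        # Assumption: the 4th field is a per-request id (it is identical on
        # both lines of the failed login shown in the article).
        req = fields[3] if len(fields) > 3 else None
        if (m := FETCH.search(head["msg"])):
            lookups[req] = m["value"]
        elif head["level"] == "WARN" and (m := MISS.search(head["msg"])):
            failures.append({
                "time": head["ts"], "request_id": req,
                "name_id": m["name_id"], "name_id_format": m["fmt"],
                "domains": m["domains"],
                # True when this request's JIT lookup used the same value
                "matches_lookup": lookups.get(req) == m["name_id"],
            })
    return failures

if __name__ == "__main__":
    for record in find_user_not_found(SAMPLE_LOG.splitlines()):
        print(record)
```

To run it against the real log, pass the lines of /var/log/vmware/vc-ws1a-broker/federation-service.log instead of `SAMPLE_LOG`; an empty result for a fresh login attempt means this signature did not recur.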


Cause

In certain domain configurations, the vCenter Server Appliance must leave the Active Directory domain for Entra ID authentication to work correctly.

Resolution

  1. Leave the Active Directory domain, following: Join or Leave an Active Directory Domain

  2. Try the authentication again through Entra.