To resolve this issue in vCenter Server Appliance 5.5, use only the Use SPN option.
For more information on setting up an SPN, see
Creating and using a Service Principal Account in vCenter Single Sign-On 5.5 (2058298).
To resolve this issue in vCenter Server 5.5 installed on Window Server, join your Windows server running vCenter Server to the domain and then add the Active Directory (Integrated Windows Authentication) identity source to SSO:
Note: If vCenter Server and SSO are installed in separate systems per a custom install, join both systems to the domain.
- Join your Microsoft Windows server running vCenter Server to the domain. For more information, see the Microsoft TechNet article How to Join Your Computer to a Domain.
Note: The preceding link was correct as of September 19, 2013. If you find the link is broken, provide feedback and a VMware employee will update the link.
- Reboot the server for the changes to take affect.
- After the system is up and the services are started, add the Active Directory (Integrated Windows Authentication) identity source to SSO.
To add the Active Directory (Integrated Windows Authentication) identity source to SSO:
-
- Log into the vSphere Web Client as the SSO administrator, [email protected].
- Click Administration.
- If closed, expand Single Sign-On by clicking on the arrow to the left.
- Click Configuration.
- Click the Identity Sources tab.
- Click the Add Identity Source icon (
) under the options menu. - Select the Active Directory (Integrated Windows Authentication) option.
Note: If the Domain name field is not automatically propagated with the proper Windows DNS domain, enter the proper DNS domain.
- Select User machine account and click OK.
After the Active Directory identity source is configured, users from that domain can be added to vCenter Server.