I just upgraded with success my VCSA from 6.5 to 6.7 by deploying a new VM, however I can no longer login with AD credentials.
I have set my domain as my default identity source in SSO, however when watching the log file in /var/log/vmware/sso/websso.log I keep seeing it try and send the authentication to vsphere.local and not to the domain I have setup.
This is the type of error I'm getting:
[2018-04-19T14:34:25.514Z tomcat-http--37 vsphere.local a93d47bb-2929-41b7-a65e-9362e78ae502 INFO com.vmware.identity.SsoController] Welcome to SP-initiated AuthnRequest handler! The client locale is en_US, tenant is vsphere.local
[2018-04-19T14:34:25.515Z tomcat-http--37 vsphere.local a93d47bb-2929-41b7-a65e-9362e78ae502 INFO com.vmware.identity.SsoController] Request URL is https://vcenter.local/websso/SAML2/SSO/vsphere.local
[2018-04-19T14:34:25.562Z tomcat-http--37 vsphere.local 8c41acae-ffc5-4afb-9c77-262d108d41ae INFO com.vmware.identity.samlservice.impl.AuthnRequestStateValidator] Authn request proxyCount= null set isProxying=false
[2018-04-19T14:34:25.567Z tomcat-http--37 vsphere.local 8c41acae-ffc5-4afb-9c77-262d108d41ae INFO com.vmware.identity.samlservice.impl.AuthnRequestStateValidator] Authentication request validation succeeded
[2018-04-19T14:34:25.610Z tomcat-http--37 vsphere.local 8c41acae-ffc5-4afb-9c77-262d108d41ae ERROR com.vmware.identity.idm.server.IdentityManager] Failed to authenticate principal [mzac@domain.com] for tenant [vsphere.local]
Does anyone have a similar issue or know how I can fix this?
Thanks!