I had a similar problem.

A and PTR records are fine.

I found if I used the netbios name instead of the FQDN I was able to use my session credentials.

If I used FQDN I had to type in my credentials.

Thanks for the reply

I have tried the following:

hostname.example.com

hostname

IP Address

None of these have produced a successful login for some reason.

Did you try this? kb.vmware.com/kb/1029531 

Yeah: A-Record and PTR were set like the article suggested but none of them could solve my problem.

I suppose you didn't understand the problem correctly...

Everybody here can login into ESX by entering manually the Domain\username and the password. The problem is that we want to login by using the checkbox "use windows session credentials" which fails all the time!

Everybody here created a A record to resolve the hostname and a PTR record to resolv the IP like this kb article is proposing (kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1029531) but the login with the windows session credentials is still not working!

No, I gave up.

I have an alias in the start menu which provides the username as domain\username when I activate the sphere client (saves a little typing). And the domain authentication does, in fact, work; but I gave up on "use Windows Session Credentials."

I have a sneaking suspicion that it might work when I bring a working vSphere server into the mix. But currently all we have is the Client and ESXi.

Don't know if anyone is still having this issue, but here is my scenario, and what I found...

I have my ESXi machine joined to my domain: DOMAINA.COM

Domain A has a trust with Domain B, Domain C and Domain D

I can log into the ESXi box manually with any credentials from any of those domains

When I run the client as a user from DOMAIN A, the checkbox works just fine.

If I run it as a user from any of the other 3 domains, it fails.

So, I think it is something to do with the way that the domain trust works, and how the credentials are passed into the client login screen.

Hope this helps someone...

JP

Hi V,

Your issue solved the Problem! Thank you for the great work!

Greetings from Vienna, Werner

This is on ESXi 5.0, connecting from a Windows 7 client

I followed your tip to set the domain name before (re-)joining the domain, but it still doesn't work for me

I tried the FQDN (something like 'mydomain.local'), as well as the old netbios domain name (MYDOMAIN).

A and PTR records of the ESXi host both exist, and it is a member of the same domain as the win7 box.

I can log in by entering domain\username and password, but the "Use Windows session credentials" checkbox doesn't work (using the same domain account).

I do get the error message as in the KB article (the one that lists the cause as the missing PTR record): "VpxClient.SSPI.SSPIException: InitializeSecurityContext failed.. Error Code = '80090303'."

Something else I discovered: I have to add the AD user accounts directly in 'permissions' on EXSI.  The 'esx admins' group exists, but adding a user account to that group in the domain isn't enough, the account still cannot log on.  It seems to connect initally, but it hangs and times out at "loading inventory".

The error message that is given at the end isn't always the same: usually it is "the connection to the ESXi host was lost while (...)", but I've also seen something about the session having become invalid (don't remember the exact wording of either message).

After adding the user account straight instead of via a group, that problem disappeared.

I was having the same issue, I was able to solve it by enabling scratch config in advanced settings of vsphere client.

Good luck!

I am away on vacation and will be returning Tuesday June 12th. I will have limited access to phone and email.

Sehr geehrte Absender, ich bin derzeit nicht im Büro. In dringenden Fällen wenden Sie sich bitte an office@oberlaa-wien.at. Danke.

Mit süßen Grüßen

Ing. Werner Bodansky

Informationstechnik und Brandschutz