VMware Cloud Community
Tartassa62
Contributor
Contributor
‎06-23-2021 04:04 AM

After upgrade to VCSA 7.0.2b I get login failure using Active Directory Domain credentials

Hello guys ,

after upgrade vCenter from 6.7 to 7.0u2b , I 'm not able to loggin using AD credentials.

I have tried to do a lookup test to AD , and it respond correctly. Addin an user on AD domain , I see it on VCSA but i'm not able to login.

Any idea ?

Thanks.

Maurizio 

Reply
0 Kudos
6 Replies
TheSleepyAdmin
Enthusiast
Enthusiast
‎06-23-2021 05:12 AM

Hi Tartassa62 

Have you checked the SSO logs to see if there are any errors. The log should be under /var/log/vmware/sso/ on the appliance. I usually check vmware-identity-sts.log or websso.log to try find any logon errors. 

Reply
0 Kudos
sonisi
VMware Employee
VMware Employee
‎06-23-2021 07:00 AM

Hi Tartassa62, 
Can you try logging in with the domain name included(user@domain or DOMAIN\user) ?.

Reply
0 Kudos
Ank_S
Enthusiast
Enthusiast
‎06-23-2021 09:59 AM

Hello Maurizio,

 

1) Try to login with the local admin account and verify if the AD user has required permission to login to the vCenter.

    a) Select the vCenter object in the Inventory.
    b) Select the permission tab.
    c) Verify the user/group permission

 

2) Remove the user/group from the permissions tab on the vCenter and re-add it back again.

 

 

Reply
0 Kudos
jondercik2020
Contributor
Contributor
‎07-01-2021 09:53 AM

Is the VCSA domain joined? I believe that domain joining the VCSA was deprecated in 7.0.2 and you have to do LDAP(s).

Jim

Reply
0 Kudos
Tartassa62
Contributor
Contributor
‎07-05-2021 12:28 AM

Hello , 

I have solved the problem , by following this procedure :

  • Log in to the Platform Services Controller Appliance as root and activate the bash shell.
    2. Leave the domain by running the /opt/likewise/bin/domainjoin-cli leave command.
    3. Reboot the appliance.
    4. Delete the computer account on the Active Directory.
    5. Log in to the appliance again and enable the bash shell.
    6. Join to the domain by running the following command /opt/likewise/bin/domainjoin-cli join domain-name domain_admin_user
    for example: /opt/likewise/bin/domainjoin-cli join vmware.com administrator
    7. Reboot the appliance

Thanks for your answers.

Maurizio

 

Reply
0 Kudos
Adams875
Contributor
Contributor
‎07-05-2021 02:29 AM

VMware vCenter 7 memory requirements are slightly higher than the memory requirements for vCenter 6.7. For example, requirements for a tiny deployment size are 10 GB of memory for vCenter 6.7 and 12 GB for vCenter 7.

mypremiercreditcard
Reply
0 Kudos