Hi,
i have vCenter 6.0 with last update U2.
The vcenter is joined in active directory, but i cannot login with domain\user, so i try delete identity (active directory) and add it again, after when i added identity i add user from domain to administrator group (perrmissions) but situation is same.. Cannot login, but password is 100% correct.
So i try leave AD, but i have error message:
The "Leave active directory" operation failed for the entity with the following error message.
Restart vCenter - same situation
Any advice please ???
THX !
so i resloved the problem. use: Active Directory as an LDAP Server
Hi Tom,
When you add your AD identity source you've added as an Active Directory (integrated Windows Authentication) ?
Domain name : yourdomain.net
Use Machine account is checked?
If so then you are done. I think the next part is where you may be having the real issue. How exactly are you assigning users to login? To assign a user or group Administrative permissions inside vCenter please perform/review the following steps:
1. Login with administrator@vsphere.local (for this example we will use the web client)
2. Select the vCenter server host name (this is the top level object where we will set permissions. You can get granular as each object has permissions/inheritance. For this we will keep it simple and assign full access.
3. With your hostname selected in the left pane - vcenter.domain.net - > click into the middle pane - Manage -> Permissions -> Plus sign
4. Click Add -> Select your DOMAIN from the list -> search for a user or group and add them. Click OK
5. Make sure the right side - Assigned role is set to administrator and Click OK.
Attempt to login with the account(s) you've added to that list.
Let me know the results or if you have questions!
-Brian
Hi,
1. logged with administrator@vsphere.local in Web Client
2.added Active Directory (integrated Windows Authentication)
3. domain name and use machine account is checked.
4. global permissions >Add > domain (domain.internal) > select user "kalabis" > assigned role > administrator > ok
same problem: Cannot complete login due to an inccorrect user or password - but password is 100% correct !!!
so i resloved the problem. use: Active Directory as an LDAP Server
Technically, you AVOIDED the problem you didn't solve it