florindespa
Enthusiast
Enthusiast

vCenter 6.0 WebClient- Invalid login when using "Use windows authentication"

Hi,

Maybe someone can help me. I'm having issues logging in with "Use Windows Authentication" in WebClient. Manually typing the password works.  Some information:

- vCenter 6.0 U3 on Windows 2008 R2 (Embedded PSC)

- The Client Integration plugin is loaded successfully in the browsers.

- Tested browsers - IE 11 & Chrome

- I'm trying from the vCenter itself , with the service account with which vCenter services run ( same domain )

- Being the same domain, Identity source is Active Directory ( Integrated Windows Authentication )

This situation happens on more vCenters 6.

Now comes the funny part - from another server ( an older Windows ( vCenter 5.5, but not important in this case )  , same domain , same Windows OS ) I've just installed the same Client Integration Plugin and I am able to connect to the remote vCenter 6 via Web Client with USe Windows Authentication .

  My only explanation is that there is a local policy /setting or something strictly related to the local OS that prevents this from working locally on the vCenter 6 servers, but I do not know exactly which one. I've compared with some tools the policies from the old vCenter 5.5 and the new vCenter 6.0 and could not find differences  .

Errors in the vmware-sts-idmd.log when I try to log in locally with Use Windows..:

[2018-05-11T21:01:55.715+02:00 vsphere.local        315d74c8-9f83-4539-aae8-9d7c9aade7eb INFO ] [VmEventAppender] EventLog: source=[VMware Identity Server], tenant=[vsphere.local], eventid=[GSS_AUTH_FAILED], level=[ERROR], category=[VMEVENT_CATEGORY_IDM], text=[Failed to authenticate gss token], detailText=[com.sun.jna.platform.win32.Win32Exception: The logon attempt failed

....................................................

], corelationId=[315d74c8-9f83-4539-aae8-9d7c9aade7eb], timestamp=[1526065315711]

[2018-05-11T21:01:55.716+02:00 vsphere.local        315d74c8-9f83-4539-aae8-9d7c9aade7eb ERROR] [IdentityManager] Failed to authenticate gss token

com.sun.jna.platform.win32.Win32Exception: The logon attempt failed

..............................................

[2018-05-11T21:01:55.717+02:00 vsphere.local        315d74c8-9f83-4539-aae8-9d7c9aade7eb ERROR] [IdentityManager] Failed to authenticate gss token for tenant [vsphere.local]

[2018-05-11T21:01:55.718+02:00 vsphere.local        315d74c8-9f83-4539-aae8-9d7c9aade7eb ERROR] [ServerUtils] Exception 'com.sun.jna.platform.win32.Win32Exception: The logon attempt failed'

com.sun.jna.platform.win32.Win32Exception: The logon attempt failed

........................................

I already have a VMware case on this.

Thank you.

0 Kudos
2 Replies
florindespa
Enthusiast
Enthusiast

Anyone, any hints or something ? Smiley Happy

0 Kudos
RajeevVCP4
Expert
Expert

This is not vmware issue , you required check your windows (security/system) logs

Rajeev Chauhan
VCIX-DCV6.5/VSAN/VXRAIL
Please mark help full or correct if my answer is use full for you
0 Kudos