- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
vCenter 5.1.0b Use Windows session credentials - does not work
Hi,
since last night we have a vCenter problem in our environment. We use vCenter 5.1.0b with the new SSO Server for two trusted Active Directory Domains. The construction runs about 1,5 month without any problem. The vCenter is installed in Domain A. Since last night no user from domain B can use "Use Windows session credentials" to login. No changes were made in the last few days. If a user put in her loginname and password manual - he can login without any error. If an user want to login from domain A he can use the SSO option without any issue.
I checked VMware KB 2035510 but the update wizzard configured the SSO server correct.
We found no points for troubleshooting these problems. We found no warnings or errors in our Windows Server 2008R2. The SSO logs were fine.
Does anybody have an idea to troubleshot the problem.
Kind regards
derhoeppi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Although you mentioned the KB article, can you confirm the user configured for Domain B is not locked out and the password has not expired?
André
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
the user(s) in domain B are unlocked and the password is not expired. The problem has any user from domain B.
The viclient.log from the vSphere client is showing "Method Invocation Error Vmomi.SessionManager.LoginBySSPI - 5".
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
To clarify, I'm not talking about the users who try to logon, but the user you used to add the domain to SSO, which needs at least read access to the AD on Domain B. Although I can't tell you for sure what the error message you mentioned means, error 5 usually points to "access denied".
André
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
the problem is very strange. After one night the problem came to us and one night later the problem is solved without any doing. Very strange but we think it was a time synchronization problem. We have som time deviation about 30 seconds in our domain. We solve that problem and synchronize our systems but this problem doesn't solved our sso problem at this time.
This thread can be closed.
derhoeppi