I understand that the orginal identity source is automatically configured to use "Authentication type" reuse session. When I add additional identity sources it seems I need to use password.
Just trying to determine specfically what account is being used to browse the tree for the original identify source. I think I read somewhewre it uses the machine account but, I wanted to verify and perhaps get more detail on that specific process.
So not sure if its the admin account you used on first configuration of SSO
If you unsure of what the master password is for that account take a look at the link enclosed in the thread below
Did you see http://communities.vmware.com/message/2205417
Thanks for the links. I suspect it's the machine account that is used to create the initial AD identity source. I just haven't found documentation confirming it.
With respect to creating a 2nd Secure LDAP identity source, does anyone know if the certificate exported from the primary Domain Controller sufficient to cover the whole Domain (i.e. will the LDAPS identity source still function properly with the secondary Domain Controller while the primary is down).