Hi all,
I need some help on setup new vcenter 5.5. I'm able to login with administrator@vsphere.local. I'd able to add in identity source for Active Directory via the "active directory" or by LDAP. Also, able to added AD domain groups or users and permission. However when I cannot login to vsphere. I tried to deleted and re-added Identity source AD but no prevail. One of the webclient error:
"The authentication server returned an unexpected error: ns0:RequestFailed: Group was not found: GroupSID= 'S-1-........' The error may be caused by a malfuntioning identity source."
Thanks for reading.
Joe
Hi Joe,
See if this helps VMware KB: Unable to log in to vCenter Server with the vSphere Client or vSphere Web Client
I think this article is referring to local user in a domain joined computer. My issue is AD domain user login.
Thank you.
Hi,
This should help
Thanks,
Avinash
This KB is applicable only for 5.1
Regards,
Sree
Does this happen with all the users from domain?. When the user logs in the SSO tries to fetch information of all the groups associated with the user. Some of the groups are not reachable which may result in this error. To test you can remove the user from all the group which it is a part of (except domain users and VC permission group).
Regards,
Sree
Hi
Welcome to the communities.
Unexpected error don't say about specific problem
First check all connectivity , port before proceeding any changes.
This issue is resolved in vCenter Server 5.5.0a. For more information about this version, see the VMware vCenter Server 5.5.0a Release Notes. You can download the latest release from the VMware Download Center.
To work around this issue on vSphere 5.5 GA (Build Number 1312298), replace the %WINDIR%\System32\idm.dll file on all systems running vCenter SSO 5.5 with the idm.dll file attached to this KB article.
Note: The attached idm.dll file is provided by VMware. It has been tested and verified by VMware engineering. If you experience issues after replacing the dll file, contact VMware Technical Support.
To replace theidm.dll file on the Windows Server 2012 running SSO 5.5:
Start the VMware Secure Token Service on the vCenter SSO server. For more information on starting services, see Stopping, starting, or restarting vCenter services (1003895). This step also starts the VMware Identity Management Service.
After replacing the dll and restarting services, the initial AD login may take longer than normal to authenticate.