I have just recently joined our vCenter 6.5 Appliance with Embedded PSC to our domain to get it setup for Smartcard Authentication instead of username and password. Joining the appliance to the Domain went fine with no issues. I then logged into the the URL for the PSC, https://hostname.domain.com/psc/ and logged in with our vCenter SSO admin account. I configured the Single-Sign On Configuration for Smart Card Authentication to Enabled and added the the Trusted CA certificates necessary that our Smart Cards use. Following that I added the Identity Source of our Domain using Active Directory (Integrated Windows Authentication), I attempted LDAP but the Active Directory Server as LDAP kept rejecting. In the PSC and vSphere Web Client I have been able to add Domain Users to to the Single Sign-On Users and Groups, adding them to the local SSO Domain groups. I then went into Access Control > Global Permissions on the Web Client and added the Domain Users that way as well and assigning Roles. I then tried the Use Smart Card to login and I get the HTTP Status 400 Error, any help would be appreciated.