1 Reply Latest reply on Apr 20, 2018 12:57 PM by ashwin_prakash

    VCSA 6.7 - Can't login with AD after upgrade!

    mzac23 Lurker

      I just successfully upgraded my VCSA from 6.5 to 6.7 by deploying a new VM, however I can no longer log in with AD credentials.

       

      I have set my domain as my default identity source in SSO, however when watching the log file in /var/log/vmware/sso/websso.log I keep seeing it try to send the authentication to vsphere.local and not to the domain I have set up.

       

      This is the type of error I'm getting:

       

      [2018-04-19T14:34:25.514Z tomcat-http--37 vsphere.local        a93d47bb-2929-41b7-a65e-9362e78ae502 INFO  com.vmware.identity.SsoController] Welcome to SP-initiated AuthnRequest handler! The client locale is en_US, tenant is vsphere.local

      [2018-04-19T14:34:25.515Z tomcat-http--37 vsphere.local        a93d47bb-2929-41b7-a65e-9362e78ae502 INFO  com.vmware.identity.SsoController] Request URL is https://vcenter.local/websso/SAML2/SSO/vsphere.local

      [2018-04-19T14:34:25.562Z tomcat-http--37 vsphere.local        8c41acae-ffc5-4afb-9c77-262d108d41ae INFO  com.vmware.identity.samlservice.impl.AuthnRequestStateValidator] Authn request proxyCount= null set isProxying=false

      [2018-04-19T14:34:25.567Z tomcat-http--37 vsphere.local        8c41acae-ffc5-4afb-9c77-262d108d41ae INFO  com.vmware.identity.samlservice.impl.AuthnRequestStateValidator] Authentication request validation succeeded

      [2018-04-19T14:34:25.610Z tomcat-http--37 vsphere.local        8c41acae-ffc5-4afb-9c77-262d108d41ae ERROR com.vmware.identity.idm.server.IdentityManager] Failed to authenticate principal [mzac@domain.com] for tenant [vsphere.local]

       

      Does anyone have a similar issue or know how I can fix this?

       

      Thanks!
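
An added example, not part of the original post and not VMware tooling: a parser for the websso.log line layout quoted above that extracts failed-authentication events (timestamp, correlation ID, principal, tenant, UPN suffix) so failures can be counted per principal. The field layout and regular expressions are assumptions inferred only from the lines in the post; the function names are hypothetical.

```python
import re
from collections import Counter
from datetime import datetime, timezone

# Layout inferred from the lines quoted in the post (an assumption, not a VMware spec):
# [<UTC timestamp> <thread> <tenant> <correlation id> <LEVEL> <logger>] <message>
LINE_RE = re.compile(
    r"^\s*\[(?P<ts>\S+)\s+(?P<thread>\S+)\s+(?P<tenant>\S+)\s+"
    r"(?P<corr>[0-9a-f-]{36})\s+(?P<level>[A-Z]+)\s+(?P<logger>[^\]\s]+)\]\s*(?P<msg>.*)$"
)
FAIL_RE = re.compile(
    r"Failed to authenticate principal \[(?P<principal>[^\]]+)\] for tenant \[(?P<t>[^\]]+)\]"
)

# Three of the lines quoted in the post, used as sample input.
SAMPLE = """\
[2018-04-19T14:34:25.514Z tomcat-http--37 vsphere.local        a93d47bb-2929-41b7-a65e-9362e78ae502 INFO  com.vmware.identity.SsoController] Welcome to SP-initiated AuthnRequest handler! The client locale is en_US, tenant is vsphere.local
[2018-04-19T14:34:25.567Z tomcat-http--37 vsphere.local        8c41acae-ffc5-4afb-9c77-262d108d41ae INFO  com.vmware.identity.samlservice.impl.AuthnRequestStateValidator] Authentication request validation succeeded
[2018-04-19T14:34:25.610Z tomcat-http--37 vsphere.local        8c41acae-ffc5-4afb-9c77-262d108d41ae ERROR com.vmware.identity.idm.server.IdentityManager] Failed to authenticate principal [mzac@domain.com] for tenant [vsphere.local]
"""

def parse_line(line):
    """Split one websso.log line into fields; None for blank or foreign lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)
    return rec

def failed_logins(lines):
    """Return one record per ERROR line that reports a failed principal authentication."""
    events = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["level"] != "ERROR":
            continue
        m = FAIL_RE.search(rec["msg"])
        if m:
            principal = m.group("principal")
            # UPN suffix = text after '@' (the domain the user typed); empty if absent.
            suffix = principal.rpartition("@")[2] if "@" in principal else ""
            rec.update(principal=principal, tenant=m.group("t"), upn_suffix=suffix)
            events.append(rec)
    return events

def failures_by_principal(events):
    """Count failures per (principal, tenant) pair, e.g. to spot repeated attempts."""
    return Counter((e["principal"], e["tenant"]) for e in events)
```

The correlation ID on each failure record can be matched against earlier INFO lines with the same ID to see the request that led to it.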