{"id":666,"date":"2013-02-24T13:00:59","date_gmt":"2013-02-24T13:00:59","guid":{"rendered":"http:\/\/emtunc.org\/blog\/?p=666"},"modified":"2013-06-15T13:05:43","modified_gmt":"2013-06-15T12:05:43","slug":"vcenter-5-1-single-sign-on-failure-to-authenticate-active-directory-users","status":"publish","type":"post","link":"https:\/\/emtunc.org\/blog\/02\/2013\/vcenter-5-1-single-sign-on-failure-to-authenticate-active-directory-users\/","title":{"rendered":"vCenter 5.1 Single Sign On Failure to Authenticate Active Directory Users"},"content":{"rendered":"<p>After a painstaking few months with the fairly buggy release of vCenter 5.1 and new counterpart module called Single Sign On (how did this ever get past QA I will never know), there is finally light at the end of the tunnel.<\/p>\n<p>If you were having trouble adding active directory users or groups via the vSphere client to manage your hosts via vCenter, it is likely you face the same issue with single sign on (SSO).<\/p>\n<p><!--more--><\/p>\n<p>The errors below are what users saw and what were in a number of logs on the vCenter server:<\/p>\n<ul>\n<li>Users receive the error &#8220;Cannot complete login due to an incorrect user name or password&#8221; on the vSphere client<\/li>\n<li>&#8220;The authentication server returned an unexpected error: ns0:RequestFailed: Internal Error while creating SAML 2.0 Token. The error may be caused by a malfunctioning identity source&#8221;<\/li>\n<\/ul>\n<p>The instructions to implement the fix can be found in one of the new KB articles released by VMWare <a title=\"Logging in to the vSphere Web Client fails with the error: ns0:RequestFailed: Internal Error while creating SAML 2.0 Token\" href=\"http:\/\/kb.vmware.com\/selfservice\/microsites\/search.do?language=en_US&amp;cmd=displayKC&amp;externalId=2043070\" target=\"_blank\">here<\/a>.<\/p>\n<figure id=\"attachment_672\" aria-describedby=\"caption-attachment-672\" style=\"width: 715px\" class=\"wp-caption alignleft\"><a href=\"http:\/\/emtunc.org\/blog\/wp-content\/uploads\/2013\/02\/vc51ssoresolution.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-672\" alt=\"vCenter 5.1 SSO AD Autnehtication Resolution\" src=\"http:\/\/emtunc.org\/blog\/wp-content\/uploads\/2013\/02\/vc51ssoresolution.png\" width=\"715\" height=\"282\" srcset=\"https:\/\/emtunc.org\/blog\/wp-content\/uploads\/2013\/02\/vc51ssoresolution.png 715w, https:\/\/emtunc.org\/blog\/wp-content\/uploads\/2013\/02\/vc51ssoresolution-300x118.png 300w\" sizes=\"auto, (max-width: 715px) 100vw, 715px\" \/><\/a><figcaption id=\"caption-attachment-672\" class=\"wp-caption-text\">vCenter 5.1 SSO AD Autnehtication Resolution<\/figcaption><\/figure>\n<p>For more details and context, see my <a title=\"vCenter 5.1 SSO and failure to successfully authenticate users\" href=\"http:\/\/communities.vmware.com\/thread\/430780\" target=\"_blank\">original thread on the VMWare forums<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>After a painstaking few months with the fairly buggy release of vCenter 5.1 and new counterpart module called Single Sign On (how did this ever get past QA I will never know), there is finally light at the end of the tunnel. If you were having trouble adding active directory users or groups via the [&hellip;]<\/p>\n","protected":false},"author":32,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":""},"categories":[1],"tags":[93,95,96,94,71],"class_list":["post-666","post","type-post","status-publish","format-standard","hentry","category-tech","tag-active-directory","tag-single-sign-on","tag-sso","tag-vcenter","tag-vsphere"],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p1trTO-aK","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/posts\/666","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/users\/32"}],"replies":[{"embeddable":true,"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/comments?post=666"}],"version-history":[{"count":9,"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/posts\/666\/revisions"}],"predecessor-version":[{"id":669,"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/posts\/666\/revisions\/669"}],"wp:attachment":[{"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/media?parent=666"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/categories?post=666"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/tags?post=666"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}