Good day, all. In order to maintain a secure environment, I've been tasked with moving our vSphere Client identity provider from AD(IWA) to AD over LDAPS. I created a certificate on one of our DCs and configured AD over LDAPS, and it connected properly using the URL ldaps://DC01.xxxxx.xxxxx.net:636. When I go to Administration | SSO | Users and groups and select our domain, accounts from the domain are able to be browsed.
When I go to the permissions tab of an ESXi host or guest, I can select groups or users from our domain and assign them permissions. I can take a domain user account and give it administrator permissions over a host or guest. All seems right. Working as intended.
When I try to log on to the vSphere web client with any account that has valid permissions, I get "Invalid Credentials". I did not remove all roles and permissions from when it was set up as AD(IWA). Could that be messing up the logon process?
All ideas are welcome. Thanks
Are you logging in using the UPN format, i.e., user@domain.com?
I am now. Jeesh, that is embarrassing.
So is it fixed already or not?
Thanks for assisting.
This solution worked.