Problem with vCenter Appliance 5.5 and Active Directory 2012

After an upgrade of 2 of our domain controllers to Windows 2012, we were not able to log in to our vCenter with our AD credentials. Luckily, I made a backup script in the past for our vCenter which involves rebooting the vCenter appliance every day. The problem only occurred the next day after the AD 2012 domain controllers were added to the domain, when the vCenter was rebooted by way of my daily backup script.

I knew there was an SSO problem, so I first tried to add the SSO again, but this returned an error:

“Operation failed for the entity with the following error message. Trying to store native AD information, however machine is not properly joined.”

To solve it, I did the following steps:

  1.  Perform the AD authentication again by doing this:
    –    Log on to the appliance with the root account at https://nameofvcenter:5480/
    –    Go to the authentication menu and uncheck AD integration
    –    Reboot the appliance
    –    Remove the AD object of your vCenter from the AD domain with Active Directory Users and Computers
    –    Wait a few minutes and add it back to the domain, but don’t forget to check the pre-Windows 2000 account box
    –    Log on to the appliance with the root account at https://nameofvcenter:5480/ and check authentication with an AD domain account credential
    –    Reboot again

  2.  After the reboot, reconfigure SSO:
    –    Use the web client (https://nameofvcenter:9443/vsphere-client/#) and log on with Administrator@VSPHERE.LOCAL
    –    Go to Administration – Single Sign-On – Configuration
    –    remove the FQ
    –    Click on + to add it again, choose AD domain, and don’t forget to set it as the default


This should solve it.
