The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
Troubleshooting Single Sign On based vSphere Web Client 5.0.x login errors (2033253)
- The provided credentials are not valid.
- The user account is locked.
- The vCenter Single Sign On server fails to respond.
- The vCenter Server administrator permissions are not valid to edit Single Sign On configuration.
The provided credentials are invalid
- Verify that you entered the correct user name and password and that the case is correct.
- Provide a fully qualified domain name in the format <user-name>@<domain-name> or <NETBIOS-Domain-Name>/<user-name>.
- Verify that your password is valid. An expired password results in the same error for invalid credentials.
- If you are certain that the user name and password are valid, perform the applicable solution.
- If you log in with a user from the System-Domain, request the Single Sign On administrator to reset your password through the vSphere Web Client. By default the password for all users in the System-Domain expire in one year.
- If you are the Single Sign On administrator, reset your password from the Single Sign On server console.
- If you log in with a user from an Active Directory or LDAP domain, follow your corporate policy to reset the expired password.
The user account is lockedIf the number of failed attempts exceeds the maximum number of allowed failed authentication attempts (three by default), your account is locked.
- If you log in with a user name from the System-Domain, ask your Single Sign On administrator to unlock your account.
- If you log in with a user from an Active Directory or LDAP domain, ask your Active Directory or LDAP administrator to unlock your account.
- Wait until your account is unlocked. By default, the account is unlocked for users in the System-Domain after 15 minutes.
The Single Sign On server fails to respondThe error Failed to communicate with the vCenter Single Sign On server <server-address>. The server might have failed to respond or responded in an unexpected way indicates that connectivity to your Single Sign On server is lost. This can be due to one of the following reasons.
- The Single Sign On server is working correctly but there is no network connectivity to it.
- The Single Sign On server is not running. Verify that the Single Sign On server is working by checking the status of the vCenter Single Sign On (Windows) and vmware-sso (Linux) services.
vCenter Server administrator permissions are not valid by default on Single Sign OnvCenter administrators are not Single Sign On administrators by default. If a vCenter administrator must also be a vCenter Single Sign On administrator, use the vSphere Web Client to make that administrator a member of the Administrators group. See the vSphere Security Guide for details.
Request a Product Feature
To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.