Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
 
Search the VMware Knowledge Base (KB)   View by Article ID
 

Troubleshooting vCenter Server Appliance configuration with an external vCenter Single Sign On server (2033737)

Details

During configuration when you are configuring a vCenter Server Appliance to work with an external Single Sign On server, problems can occur if the users are not set up correctly. The most common problems show one of  the following errors.
  1. Failed to authenticate the SSO administrator user.
  2. The user or group supplied for default vCenter administrator does not exist.
  3. Possible duplicate registration of a service with SSO detected.

Solution

  1. If you receive the  Failed to authenticate the Single Sign On Administrator user error, there are several possible solutions.
    1. Re-enter the user name, using e-mail style qualification, for example, user@domain.
      If you are logging in as root, enter the user name as root@localos.
    2. Verify that the user account is not locked or disabled.
      Log in to the Web Client with the same user name as the one that generated the error message. If the user account is locked or disabled, any other Single Sign On administrator can unlock or re-enable the user account. If necessary, create additional Single Sign On administrator accounts. 
    3. Review /var/log/vmware/sso/utils/sso_servicecfg.log to locate the initial error message.
      This can provide details about the cause of the error and the corrective action to take.
  2. If you receive an error that the user or group does not exist, re-enter the user name, using the qualified name. 
    Only operating system users can log in using     unqualified  user names. All other users must be qualified. For example, you can use the unqualified root or Administrators user names, but for domain user names use DOMAIN\Domain Admins (Domain Admins@Domain) or SYSTEM-DOMAIN\admin (admin@System-Domain).
  3. A duplicate registration error can be caused by legacy Application Users created on the appliance during a prior registration.
    These     Application Users must be deleted manually. Use these steps to determine the users to delete.
    1. Log in to the client as the Single Sign On administrator.
    2. From Administration, navigate to SSO Users and Groups and select the Application Users tab.
    3. Locate and delete all application users that are associated with the appliance you are configuring. In this instance you will delete the user account that have the IP address of the appliance in the name or description.
    4. See vSphere Security for details about deleting application users.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 2 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)
  • 2 Ratings
Actions
KB: