The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
Active Directory users with customized UPN user names cannot use Windows session credentials to log into the vSphere Client or vSphere Web Client (2036529)
- You cannot log into the vSphere Web Client.
- You cannot log into the vSphere Client.
- vCenter Single Sign On is installed on a Windows system.
Use Windows Session Authenticationoption is selected during login.
- Attempting to log in using the vSphere Client or vSphere Web Client fails with the pop-up message:
Provided credentials are not valid
email@example.com be customized to be
Active Directory users with these custom suffixes cannot log into the vSphere Web Client using Windows session credentials when vCenter Single Sign On is installed on a Windows system.
- For example, in the
imsRuntimeAudit.logfile located in
C:\Program Files\VMware\Infrastructure\sso server\, you see messages similar to:
2012-09-21 07:28:30,570, 1ed8d6200100007f06edfadabc610d7a,05c709320100007f21453d728d1866b0,,
Later on, you see the session returns
testuser@domain. This indicates that the domain name is not following UPN standards, and can cause the session to not be accepted by the vSphere client or web client.
- Following the session, you notice the domain name change:
2012-09-24 17:23:41,833, 7a19d5af0100007f1df41e934778df5c,05c709320100007f21453d728d1866b0,,127.0.0.1,
This is a known issue and a fix is currently being investigated by VMware Engineering for inclusion in a future release.
To work around this issue, use one of these options:
- Log in without selecting the Use Windows Session Authentication option in the vSphere Client or the vSphere Web Client.
- When vCenter Single Sign On is installed on a Windows system, Active Directory users with custom suffixes must log into the vSphere Web Client or vSphere Client using their user name with the non-customized domain name as a suffix.
Note: If you encounter similar issues after upgrading to vCenter Server 5.1.0b, see AD users with customized UPN user names cannot log into vCenter Server after upgrade to vSphere 5.1.b (2044150)
Request a Product Feature
To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.