Search the VMware Knowledge Base (KB)
View by Article ID

Logging in to vSphere Client 5.1 fails with the error: The server took too long to respond (2038918)

  • 36 Ratings

Symptoms

  • After upgrading to vCenter Server 5.1, you are unable to log in to the vSphere Client or the vSphere Web Client, you see the error:

    The command has timed out as the remote server is taking too long to respond

  • Operations time out and vCenter Server tasks appear to be slow.
  • Identity source is set to a large domain with many Organizational Units (OUs) and users.
  • If you change the Base DN to a smaller OU in the AD identity source configuration of SSO after logging into Web Client as the SSO Administrator, you are able to log in.

Cause

This issue may occur if:
  • SSPI calls take a long time for the SSO server to complete.
  • SSO server completes the results, but the client times out before it receives results from SSO.
  • Base DN for users/groups is set to the root of the domain.
  • When you log in from vSphere Client using Windows session authentication, some calls in SSO take unusually long time due to which vSphere Client times out with the error The command has timed out as the remote server is taking too long to respond. This impacts other logins from vSphere Client or Web Client intermittently.
  • If you check AD identity source configuration in SSO after logging into webClient as SSO administrator, Base DN is set to the root of the domain without using AD's Global Catalog Server URL.

Resolution

To resolve this issue, update the Identity source for the SSO Active Directory object to utilize the Global Catalog Server URL.

To update the Identity source for the SSO Active Directory object to utilize the Global Catalog Server URL:

  1. Log in to SSO via the vSphere Web Client as the admin@system-domain user.
  2. Navigate to Administration > Sign-On and Discovery > Configuration > Edit the Identity source for the Domain.
  3. Modify the Primary Server URL:

    • Global Catalog address

      For example:

      ldap://global_server:3268

      Note: specify the port 3268 for the Primary Server URL, otherwise it defaults to port 389 which may impact login via SSO

    • Secure Global Catalog address

      For example:

      ldaps://global_server:3269


  4. You may be required to enter the password if the authentication type is set to Password.
  5. Click OK.

See Also

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 36 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 36 Ratings
Actions
KB: