Search the VMware Knowledge Base (KB)
Products:
View by Article ID

Logging in to the vCenter Server Appliance fails with the error: Failed to authenticate user (2147174)

  • 5 Ratings

Symptoms

  • Logging in to the vCenter Server Appliance Web Client and / or vSphere Client fails with the error:

     Failed to authenticate user

  • In the vmware-vpx/vpxd.log ( vCenter Server ) or vpxd/vpxd.log ( vCenter Server Appliance) file, you see entries similar to:

    YYYY-MM-DDT<TIME> info vpxd[7F80D2952700] [Originator@6876 sub=vpxLro opID=27db3f4e] [VpxLRO] -- BEGIN task-internal-1547326 -- SessionManager -- vim.SessionManager.login -- 52b5729d-d6dd-ce67-0216-dbc17f15e4a3
    YYYY-MM-DDT<TIME> error vpxd[7F80D2952700] [Originator@6876 sub=[SSO] opID=27db3f4e] [UserDirectorySso] AcquireToken exception: N9SsoClient27InvalidCredentialsExceptionE(Authentication failed: Invalid credentials)
    YYYY-MM-DDT<TIME> error vpxd[7F80D2952700] [Originator@6876 sub=User opID=27db3f4e] Failed to authenticate user <DOMAIN\Username>
    YYYY-MM-DDT<TIME> info vpxd[7F80D2952700] [Originator@6876 sub=vpxLro opID=27db3f4e] [VpxLRO] -- FINISH task-internal-1547326
    YYYY-MM-DDT<TIME> info vpxd[7F80D2952700] [Originator@6876 sub=Default opID=27db3f4e] [VpxLRO] -- ERROR task-internal-1547326 -- SessionManager -- vim.SessionManager.login: vim.fault.InvalidLogin

    --> Result:
    --> (vim.fault.InvalidLogin) {
    -->    faultCause = (vmodl.MethodFault) null,
    -->    msg = ""
    --> }
    --> Args:
    -->
    --> Arg userName:
    --> "DOMAIN\Username"
    --> Arg password:
    --> (not shown)
    -->
    --> Arg locale:
    -->


  • In the C:/ProgramData/VMware/vCenterServer/logs/sso/vmware-sts-idmd.log file, you see entries similar to:

    Native platform error [code: 40087][LW_ERROR_CLOCK_SKEW][Clock skew detected with active directory server]

    and/or:

    [YYYY-MM-DDT<TIME> vsphere.local        d5ee8f23-b216-4585-b829-6e4c671d6ede ERROR] [IdentityManager] Failed to authenticate principal [Username@DOMAIN] for tenant [vsphere.local]
    com.vmware.identity.interop.idm.IdmNativeException: Native platform error [code: -1765328347][null][null]

    Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.

Purpose

When logging in to the vCenter Server Appliance fails with the Failed to authenticate user error, ensure that the time is in sync between the vCenter Server machine, the domain controller in the domain it is joined to, and all domain controllers in trusted domains to resolve this issue.

Cause

This issue occurs when:
  • There is a time skew between the vCenter Server machine and the domain controller in the domain the Appliance is joined to, or any of the domain controllers that this domain controller trusts.
  • There are slow responses from Active Directory for authentication requests in Identity Manager.
  • Identity Manager itself is running slowly on the vCenter machine due to high CPU and/or memory usage.


Resolution

To resolve this issue, ensure that the time is in sync between the vCenter Server machine, the domain controller in the domain it is joined to, and all domain controllers in trusted domains.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 5 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 5 Ratings
Actions
KB: