Still working in the lab and this issue has irritated me. So I am sharing.
I upgraded my VCSA to 6.0 Update 1b and a short time later I could not log in. Not sure if it was related to the upgrade or not. I tried using the SSO account and I could log in fine. I thought maybe the domain, or the Identity Source might be missing or corrupt somehow. But both looked fine.
Here is some of the things I did.
- Removed and added back the Identity Source.
- Removed the Identity Source and domain and added them back. After a restart of course.
- I removed the Identity Source, domain, and computer object in AD. Another restart of course.
- I checked the ssoAdminserver.log and it was very busy, and lots of data. But I could not see any errors. This log BTW can be found in the /storage/log/vmware/sso folder.
- I found this VMware article that seemed to be perfect for me. However, after I worked my way through it there was nothing I needed to change or improve. All my ‘stuff’ was good.
However, I saw this interesting SRM related article from Chris. Reading between the lines it really seemed to be something I could get an idea from. However, I did not remember how to fill in the LDAP settings to connect to AD. I found that in this article. You really only need the screenshot from that article, so here is mine:
So everything is working now. For whatever reason, my Integrated Windows Authentication connection decided to not work, and after trying a number of things, I have the ability to work using my AD credentials again. I should mention that once I had the LDAP connection working I could see my AD account / group in permissions. Nothing lost. And definitely thanks Chris!
=== END ===