When signing into a vCenter 5.1 server, accounts local to the vCenter server may login without any problems, but domain accounts may fail with “Cannot complete login due to an incorrect user name or password.”
I ran into this issue and will detail how I resolved it. Before that however, I believe I had the issue because I installed vCenter 5.1 using a local account as I had no domain access at the time of the installation as my Active Directory identity source was not created for the SSO feature. Thus, I had to manually add an Active Directory identity source using the VMware vSphere Web Client.
1. Login to the VMware vSphere Web Client using the admin account created when installing the SSO feature.
2. Go to Administration | Sign-On and Discovery | Configuration
3. On the Identity Sources tab, click the green plus icon:
4. On the Add identity source screen, enter the following :
Identity Source Type – Active Directory
Name – Anything you want to refer to this Identity source as (typically domain name)
Primary Server URL: ldap://:3268
Secondary Server URL:
Base DN for users: DC=,DC=int
Base DN for groups: DC=,DC=int
Authentication Type: Password and then specify an AD user account
5. Click Test Connection to verify connectivity and then OK to save the new identity source.
That should do it. I thought I was going to have to add the AD Domain to the “Default Domains” list, however, after a few minutes I was able to login to vCenter using the vSphere client.