So you’ve installed your ESX servers and installed vCenter along with its SSO, Inventory Services and Web Client, you’ve even installed the Windows vSphere UI just because that’s what you’re used to and now when you’re connecting to your new environment your getting a “You do not have permission to login to this server”
So with this new version of vSphere you need to enable access for your domain users/groups so that they have access to vCenter.
To get you up and running fast follow these simple steps. for best practices configuring SSO please reference the VMware documentation.
1. Login to the Web client “https://client-hostname:9443/vsphere-client” with email@example.com using the password of what ever you configured SSO password as. *Note you can only configure SSO using the Web Client*
2. Navigate to vCenter Servers > Manage > Permissions, click on the + to add a user
3. Now add your Domain user or group that you would like to have access to vCenter along with the permissions required and click on OK.
4. Try and login with the user you just configured and you should now have access to the Web client or the Windows vSphere UI.
vSphere-land.com is out their to ask your opinion about the Top Virtualization Blogs which have helped you in the Past Year to Learn, Explore & Master the Virtualization Technology & the related Eco-system.
If my Blog has helped you in your journey of Virtualization, I would of course be grateful if you did spend a VOTE for me on their survey.
You can VOTE by clicking on the following link.
38 thoughts on “vSphere 5.5 & 6.0 how to add domain users to SSO”
Finally! The only website that has a good explanation for this! Thank you!
Thanks for this article… I spent the majority of my day trying to figure this out until I ran across this!
Agree with Kirk, this is poorly explained by VMWare (their documentation always has too much filler, I don’t know why they can’t get to the point!) Thanks for this.
Straight to Point! Very good! Thanx a lot!
Okay, I am struggling. I got logged in to do what you said above, but I do not have a Manage option under vCenter Servers. Am I missing something.
You’re using the correct credentials as noted in step 1. Right ?
The server name is fcss-vcenter and I am logging on as that local Domain Administrator ie. fcss-vcenter\Administrator
You should be logging on to the web client with firstname.lastname@example.org which is the default credential when you configured SSO. Follow step 2 when you’re in and you should be fine.
This is great, Thanks for posting. I too could not figure out until I read your this short article.
That does not appear to work correctly. I am beginning to think there may be an installation issue. Is there a problem with just going ahead and reinstalling vSphere 5.5 vCenter server installation?
Hmm sounds like an installation issue. Guess it wouldn’t hurt to start again.
Do I just install over top or do I need to do some uninstall first?
personally I would remove and start again. I think the issue is with SSO installation so you would have to remove all,
Perfect! Thanks for posting this. The VMware documentation and KBs had me going in the wrong direction. This post is spot on! Thanks.
I redid everything to no avail. This server was installed from scratch due to a lost server, so I have no Inventory. Could that be why I do not have the Manage option?
One thing that doesn’t work at least for me is adding a domain user to the “Administrators” group under SSO. I have to add the domain user explicitly to the vCenter server permissions. Domain lookups routinely fail as well. 5.5 seems a little buggy
Thanks. This was exactly what I was looking for.
Worked me dude!! 10 installs thought i had missed a trick!!
i spent much time to troubleshoot this, and found yo!
Thanks a lot
Thank you so much for this… saved me a lot of time and headaches !!
Thx so much
It really helpful
You Rock! Thank you!!
Thank you sir!!
Really clear, good information and got me logging in with my network creds, after one thing, maybe I missed it when adding my account but when I added my account at first I didn’t see the default setting of No Access, but after modifying that, was good to go. Great information, will be back.
Great post u…you saved me a lot of time….
Thanks so much! A lot of guides left this step out when setting up AD authentication and it is not very obvious.
Glad it was helpful to you.
It’s November, more than a year out from when you posted this and it STILL proves to be valuable information and helpful.
Great post!!!! saves a lot of time.
Thanks a lot it is work for me ……
Great Post.. Could you help me integrate vCenter Server appliance with AD. I’m already using an AD for authentication. Is there anything else I have to do so that users from the domain can be given permission to access vcenter ?
Thanks a Lot is it work for me after lost hours
It really helpful
Thanks a lot! Incidentally, your post was referenced from here: https://communities.vmware.com/message/2304274.
Thanks. This works for me as well.
Thanks mate. I’ve been following this tutorial to install VMWare View https://www.youtube.com/watch?v=JSFnkLW1ve4 but the steps for using the domain for authentication are missed out.
thank you so much!!
Thanks for the instructions, I am able to login to my vcenter web client using my domain account. The problem I am having is that I am missing the permissions and resources that my email@example.com is able to see and get access to. I’ve been searching VMWARE’s KB but their explanation is very vague.