While upgrading from vCenter 5.1 to vCenter 5.1 Update 1 everything went fine (at least the installer). But when trying to logon in vCenter after half an hour I noticed it was only possible to login with a local account and not with a “domain” account.
While searching trough the SSO logs I saw some strange things like:
java.net.ConnectException: Connection timed out: connect
When logging in to the Webclient and watching the SSO settings, all the domains where tested successfully. So there is a connection, but I guess something during the upgrade or a change in the domains caused it to fail.
I used the command below to do a rediscover of the domains, 2 new domain resources where added. Unfortunately it still not worked properly. But this didn’t change the default domains.
Now I removed all the domains listed in the SSO and did another rediscover.
C:\Program Files\VMware\Infrastructure\SSOServer\utils>ssocli.cmd configure-riat -a discover-is -u admin -p masterPassword
Now I noticed that the log files changed and a lot of other information came trough the logs.
I normally use Baretail to follow tails in Windows log files.
When I saw a lot of “Success” logins in the logfiles I had a good feeling it was working again.
Login works fine now !
After 24 hours, it seemed to be failing again, now I removed everything again, waited a few minutes to be sure the DB has time to cleanup. Then I re-added the domains, according to the log files everything should be working again. But when I try to login I now received an error message that I don’t have any authorization. I noticed when I logged in locally the permissions are missing. So I needed to re-add them to the folders etc.
So be warned that permissions can be removed when waiting to long !