VMware vCenter Single Sign-On – Invalid Credentials – Native Platform Error code 1765328360

Logging in to the vCenter Server Appliance fails with the error: Failed to authenticate user

or

Failed to authenticate principal for tenant vsphere.local 6.5 update1

KB on the issue: https://kb.vmware.com/s/article/2147174

Logging in to the vCenter Server Appliance Web Client and / or vSphere Client fails with the error:

Failed to authenticate user
In the /logs/sso/vmware-sts-idmd.log file, you see entries similar to:

  • [YYYY-MM-DDT<time> vsphere.local d5ee8f23-b216-4585-b829-6e4c671d6ede ERROR] [IdentityManager] Failed to authenticate principal [Username@DOMAIN] for tenant [vsphere.local]
    com.vmware.identity.interop.idm.IdmNativeException: Native platform error [code: -1765328347][null][null]

Troubleshooting

Log in as administrator@vsphere.local

Open the VCSA console (command line) for the appliance

Check VCSA version

vpxd -v

We had: build-8024368

Which log to check:

Become an Expert on vCenter Server appliance Log File Location in 120 seconds



Connect to the vCenter Server Appliance using SSH as root and browse to the directory "/var/log/vmware" to see the list of all log files of vCenter Server Appliance 6.5.
Browse to the log and open the file.

To go back up a directory in VCSA:

cd ../

To check the date and time on the VCSA:

date

Note: it is displayed in the UTC time zone.

The time on ours appears to be out of sync between the vCenter Server machine and the domain controller.

So we then set NTP on the vCenter Server Appliance 6.5

https://kb.vmware.com/s/article/2113610

Steps to enable and add NTP servers on the vCenter Server Appliance 6.5

To enable NTP on the vCenter Server Appliance 6.5:

  1. Open a console session to the vCenter Server Appliance and press ALT+F1.
  2. Log in using the root user credentials.
  3. Run this command to view the current settings:
    ntp.get
  4. Run this command to add an NTP server:
    ntp.server.add --servers ntp_servername
  5. Run this command to verify the NTP server settings:
    ntp.get
  6. Run this command to get the time synchronization mode (NTP mode):
    timesync.get
  7. To remove an NTP server, run this command:
    ntp.server.delete --servers ntp_servername

     

Cause

This issue occurs when:

• The time is out of sync with the domain controller the appliance is joined to
• There is no NTP time source
• The NTP status is down
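
The native platform error code in the log entry above already points at this cause: -1765328347 is the MIT Kerberos error table base (-1765328384) plus error number 37, "clock skew too great". The following is an added example, not code from VMware or from the KB: a small triage script that pairs each failed principal in vmware-sts-idmd.log with its decoded native error and flags the ones that call for an NTP check. The sample log lines, principal names and the error subset are constructed for illustration.

```python
import re

# Base of the MIT krb5 error table: native code = base + Kerberos error number.
KRB5_BASE = -1765328384
# Subset of Kerberos error numbers (RFC 4120) useful for login triage.
KRB5_ERRORS = {
    6: ("KDC_ERR_C_PRINCIPAL_UNKNOWN", "client not found in Kerberos database"),
    24: ("KDC_ERR_PREAUTH_FAILED", "pre-authentication failed, usually a wrong password"),
    37: ("KRB_AP_ERR_SKEW", "clock skew too great"),
}
PRINCIPAL_RE = re.compile(
    r"Failed to authenticate principal \[([^\]]+)\] for tenant \[([^\]]+)\]")
CODE_RE = re.compile(r"Native platform error \[code: (-?\d+)\]")

# Constructed sample in the format of the log entry shown on this page.
SAMPLE_LOG = """\
[2018-05-02T09:14:07.101Z vsphere.local 11111111-1111-1111-1111-111111111111 ERROR] [IdentityManager] Failed to authenticate principal [alice@EXAMPLE.LOCAL] for tenant [vsphere.local]
com.vmware.identity.interop.idm.IdmNativeException: Native platform error [code: -1765328347][null][null]
[2018-05-02T09:20:41.553Z vsphere.local 22222222-2222-2222-2222-222222222222 ERROR] [IdentityManager] Failed to authenticate principal [bob@EXAMPLE.LOCAL] for tenant [vsphere.local]
com.vmware.identity.interop.idm.IdmNativeException: Native platform error [code: -1765328360][null][null]
"""

def decode(code):
    """Map a native platform error code to a (name, meaning) pair."""
    number = code - KRB5_BASE
    if not 0 <= number <= 127:
        return ("UNKNOWN", "outside the Kerberos protocol error range")
    return KRB5_ERRORS.get(number, (f"KRB5_ERROR_{number}", "not in this subset"))

def triage(log_text):
    """Pair each failed principal with the native error on the following line."""
    findings, principal, tenant = [], None, None
    for line in log_text.splitlines():
        m = PRINCIPAL_RE.search(line)
        if m:
            principal, tenant = m.groups()
        m = CODE_RE.search(line)
        if m:
            code = int(m.group(1))
            name, meaning = decode(code)
            findings.append({"principal": principal, "tenant": tenant, "code": code,
                             "name": name, "meaning": meaning,
                             "check_ntp": name == "KRB_AP_ERR_SKEW"})
            principal = tenant = None
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

A finding with check_ntp set means the login failed on time drift rather than on the password, so the fix is the NTP configuration above, not a credential reset.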

     

     

VMware vCenter Server 6.5 Update 1 Release Notes

https://docs.vmware.com/en/VMware-vSphere/6.5/rn/vsphere-vcenter-server-651-release-notes.html

     
