A vCenter Single Sign On user account might be locked when a user exceeds the allowed number of failed login attempts. After a user account is locked, the user cannot log in to the Single Sign On system until the account is unlocked, either manually or after a certain amount of time has elapsed.

You specify the conditions under which a user account is locked in the Single Sign On Lockout Policy. Locked user accounts appear on the Users and Groups administration page. Users with appropriate privileges can manually unlock Single Sign On user accounts before the specified amount of time has elapsed.

You must be a member of the Single Sign On Administrators group to unlock a Single Sign On user.

1

Browse to Administration > Access > SSO Users and Groups in the vSphere Web Client.

2

Click the Locked Users tab.

3

Right-click the user and select Unlock.

The Single Sign On user account is unlocked, and the user can log in to the Single Sign On server immediately.