After you install vCenter Single Sign-On, confirm that any vCenter Server administrators in existing Active Directory (AD) domains are recognized by Single Sign-On.

If your administrators are AD users, they are migrated to Single Sign-On during a Single Sign On installation or upgrade, provided that Single Sign-On can find the AD domains. In the following circumstances, your local operating system users are not migrated to the new environment, and you will have to create new administrative users:

Single Sign-On is deployed on a different machine from vCenter Server.

Single Sign-On is deployed as a primary node in a high availability or multisite installation.

Install vCenter Single Sign-On.

Install or upgrade the vSphere Web Client to the current version.

1

Log in to the vSphere Web Client as the Single Sign-On administrator: admin@system-domain.

2

Make sure that you can access all the AD domains containing your vCenter Server administrators.

3

If you cannot access an AD domain, correct the problem and use the vSphere Web Client to add the AD domain.

See If Autodiscovery Fails During Single Sign-On Installation Manually Add Active Directory Domains and VMware Knowledge Base article http://kb.vmware.com/kb/2035934.

4

Assign one of the AD users as a Single Sign-On administrator.

5

Log out of the vSphere Web Client and log back in as the new Single Sign-On administrator user.

If you are able to connect successfully, you have configured Single Sign-On correctly.