AOMEI Cyber Backup
Solved: vCenter an error occurred during authentication
With vCenter Single Sign-On, an error occurred while sending an authentication request. This article will explain how to solve the VMware error 400.
By Crystal / Updated on February 2, 2023
Error: VMware vCenter an error occurred during authentication
vCenter Single Sign-On is an authentication broker and security token exchange infrastructure. When a user can authenticate to vCenter Single Sign-On, that user receives a SAML token that can be used to authenticate to vCenter services. The user can then perform the actions that user has privileges for.
Because traffic is encrypted for all communications, and because only authenticated users can perform the actions that they have privileges for. During the process, an error occurred while sending an authentication request to the vCenter Single Sign-On server.
An error occurred when processing meta data during vCenter Single Sign-On setup, the service provider validation failed. Some user reported that the issue is not observed when using the Fully Qualified Domain Name (FQDN) or IP address resolve reverse to the FQDN of the vCenter Server. You could verify that the server URL is correct and is in FQDN format, or that the host name is a trusted service alias.
This issue arises because the FQDN used to access the VMware vCenter is now incorrect. In order to resolve the issue, you could add an allowed alias to the vCenter. Next, I will focus on this issue and offer you the detailed steps to add a short name access to vCenter in this article.
Fix: An error occurred during authentication
VMware vSphere 7.0 enforce FQDN or IP address reverse resolvable to FQDN to allow authentication for Single-Sign on. To enable short name access to vCenter, add the desired shortname in webclient.properties file.
* Note: Ensure you have a backup of vCenter Server Appliance (vcsa) before making any changes.
1. Log in to the vCenter Server via SSH/PuTTY session as root, and enable shell
2. Stop the vSphere client service using below command
3. Navigate to the vsphere-ui location to edit webclient.properties
4. Before editing take a backup of webclient.properties using below command:
5. Add the desired shortname under the sso.serviceprovider.alias.whitelist
- vi webclient.properties
- Type i to enter insert mode
- Remove the comment (#) for sso.serviceprovider.alias.whitelist=
- Add the shortname (comma separated if there are multiple values)
- Save and exit the VI editor by pressing Esc to exit insert mode, then wq!
Example: sso.serviceprovider.alias.whitelist=vcsa70
6. Start the vSphere client service.
When you cannot log in to vSphere Client due to vCenter error, you are exposed to the danger of data loss. So vCenter backup is necessary. Besides, for better vSphere environment, vSphere backup solution is required to protect your virtual machine from security threats.
VMware Environment Protection with AOMEI Cyber Backup
A single vCenter Server instance can support a maximum of 1,000 hosts, 10,000 powered-on virtual machines, and 15,000 registered virtual machines. However, vCenter doesn't provide the feature of virtual machine backup. And that makes backup software a commonly accepted choice.
AOMEI Cyber Backup is an efficient and flexible VMware backup solution that ensures that your VMware virtual environment is fully protected with the help of VM backup and recovery.
AOMEI Cyber Backup is flexible for your IT infrastructure supporting ESXi 6.0 and its later versions.
✦ Agentless Backup: create complete and independent image-level backup for VMware ESXi and Hyper-V VMs from a central console.
✦ Flexible vSphere Backup: batch backup large numbers of VMs managed by vCenter Server, or multiple VMs on a standalone ESXi host.
✦ Multiple Storage Destinations: backup to local drive, or network destinations like Windows share or NAS.
✦ Automated Execution: schedule to automate backups daily, weekly, and monthly with email notifications.
AOMEI Cyber Backup simplifies a complete backup task, and next I will demonstrate how to create one. Please download and try the 30-day free trial:
4 Steps to batch backup VMs on vCenter Server
1. Bind Devices: Access to AOMEI Cyber Backup web client, navigate to Source Device > VMware > + Add VMware Device to Add vCenter or Standalone ESXi host. And then click … > Bind Device.
2. Create Backup Task: Navigate to Backup Task > + Create New Task, and select VMware ESXi Backup as the Backup Type.
3. Set Task Name, Device, Target, Schedule, and Cleanup as needed.
- Task Name: you can change the task name or use the default name with an ordinal.
- Device: batch select large numbers of VMs managed by vCenter Server for centralized backup.
- Target: select to back up to a local path, or to a network path. According to 3-2-1 backup rule, you should store VM files to different places in case of data failure.
- Schedule (optional): choose to perform full, differential or incremental backup, and automate execution according to the frequency you specified.
- Cleanup (optional): configure retention policy to auto delete the old backup files and save storage space.
4. Run Backup: Click Start Backup and select Add the schedule and start backup now, or Add the schedule only.
5. When necessary, click Restore to achieve fast recovery from any backed-up history version.
When restoring, you can also restore to new location to create a new VM in the same or another datastore/host directly from the backup, saving the trouble of re-configuring the new VM.
Summary
You may encounter that an error occurs during authentication request to the vCenter Single Sign-On server. This issue is resulted in an incorrect FQDN. When the domain in which the user you are attempting to log in does not exist as a VMware vCenter SSO identity source, this error may arise.
This article introduced the procedure to solve the VMware error 400, you can add the desired short name access to vCenter following these steps.
