/HCX Login error access denied using the default SSO administrator

HCX Login error access denied using the default SSO administrator

In this blog post, I will provide a tip for quick troubleshooting when after deploying the HCX Manager, or HCX Connector, you have an HCX Login error access denied using the default SSO administrator.

As we know, HCX uses vCenter SSO users/groups to login, and after a deployment, you try to login and get:  Access is denied.

HCX Login error access denied using the default SSO administrator

User administrator, SSO domain, and password are correct, so why are we getting this error? We can check that the administrator user uses an SSO Domain that is not the VMware default vsphere.local. It is a customize SSO domain, so this is the problem.

When you deploy the HCX Manager and Connector, the default HCX Role Placing is set to vsphere.local/Administrators, but since this is not a default SSO Domain, your credentials will not work unless you change the default settings.s

So this is not a huge technical solution that needs much troubleshooting to understand, but if you are unaware of that, you could spend some time on it to find the problem. I have seen some questions in VMware communities regarding this, and this is a simple and quick solution.

Login to your HCX Manager VAMI with https://IP-FQDN:9443 and go to the Configuration tab, then HCX Role Mapping option, and change the settings to your SSO Domain.

HCX Login error access denied using the default SSO administrator

In my case, I need to change to SSO Domain vCenter-vSAN-01.local and the group administrators.

Note: I set it to Administrator groups, but in your case, if you are not using the default, it can be a different group. Just use the group that you did set your vCenter to work with HCX.

After this, restart the Appliance services(or reboot), and you can now login without any issue.

As I said, this is a simple tip for a problem if you didn’t understand the requirements to implement HCX.

Share this article if you think it is worth sharing. If you have any questions or comments, comment here, or contact me on Twitter.

©2022 ProVirtualzone. All Rights Reserved
By | 2022-09-30T14:25:52+02:00 September 30th, 2022|HCX, vCenter, VMware Posts|0 Comments

About the Author:

I am over 20 years’ experience in the IT industry. Working with Virtualization for more than 10 years (mainly VMware). I am an MCP, VCP6.5-DCV, VMware vSAN Specialist, Veeam Vanguard 2018/2019, vExpert vSAN 2018/2019 and vExpert for the last 4 years. Specialties are Virtualization, Storage, and Virtual Backups. I am working for Elits a Swedish consulting company and allocated to a Swedish multinational networking and telecommunications company as a Teach Lead and acting as a Senior ICT Infrastructure Engineer. I am a blogger and owner of the blog ProVirtualzone.com

Leave A Comment