Disabling Federated Login for vCenter is not a common workflow.

Federated Login for vCenter was designed to be a long-term replacement for the default vCenter login workflow in VMware Cloud on AWS. You must disable Federated Login for vCenter if you need to Configure SDDC Compliance Hardening in an SDDC where it has been enabled. Disabling Federated Login for vCenter requires you to reconfigure any Active Directory over LDAP settings you want to restore in vCenter.

Procedure

  1. Log in to VMware Cloud Services at https://vmc.vmware.com.
    You must have the VMware Cloud Services Organization Owner role to complete this workflow.
  2. Click Inventory > SDDCs, then pick an SDDC card and click VIEW DETAILS.
  3. Open the SDDC Settings tab.
  4. Navigate to Federated Login in the vCenter Information section. Verify that the feature is Enabled, then click DISABLE.
    You can click EMERGENCY ACCESS TO VCENTER if you want to try emergency access before you disable Federated Login. If you still want to disable Federated Login, confirm that you understand you'll need to reconfigure your Active Directory over LDAP settings after disablement completes, then click DISABLE.
    A "Disabling Federated Login for vCenter" message displays while disablement is in progress. When the feature has been disabled, the DISABLE button under Federated Login in the vCenter Information section changes to an ENABLE button, and the vSphere Client reverts to requiring a vmc.local identity.

What to do next

After the Disable Federated Login workflow completes, reconfigure the Active Directory over LDAP settings for this organization. Follow the procedures in Add or Edit a vCenter Single Sign-On Identity Source to restore the configuration that was in place before you configured the SDDC for enterprise federation.