When a vCenter Single Sign-On user account is disabled, the user cannot log in to the vCenter Single Sign-On server until an administrator enables the account. You can disable and enable accounts from one of the vCenter Single Sign-On management interfaces.

About this task

Disabled user accounts remain available in the vCenter Single Sign-On system, but the user cannot log in or perform operations on the server. Users with administrator privileges can disable and enable accounts from the vCenter Users and Groups page.

Prerequisites

You must be a member of the vCenter Single Sign-On Administrators group to disable and enable vCenter Single Sign-On users.

Procedure

  1. From a Web browser, connect to the vSphere Web Client or the Platform Services Controller.

    Option

    Description

    vSphere Web Client

    https://vc_hostname_or_IP/vsphere-client

    Platform Services Controller

    https://psc_hostname_or_IP/psc

    In an embedded deployment, the Platform Services Controller host name or IP address is the same as the vCenter Server host name or IP address.

  2. Specify the user name and password for administrator@vsphere.local or another member of the vCenter Single Sign-On Administrators group.

    If you specified a different domain during installation, log in as administrator@mydomain.

  3. Navigate to the vCenter Single Sign-On user configuration UI.

    Option

    Description

    vSphere Web Client

    1. From the Home menu, select Administration.

    2. Under Single Sign-On, click Users and Groups.

    Platform Services Controller

    Click Single Sign-On and click Users and Groups.

  4. Select a user account, click the Disable icon, and click Yes when prompted.
  5. To enable the user again, right-click the user name, select Enable, and click Yes when prompted.