he migration of identity store fails because of incorrect Active Directory domain credentials or lack or user permission.


The migration of identity store to the VMware Identity Manager utility fails.


The credentials of the Active Directory domain are incorrect. The problem also occurs when the user does not have the permission to join the VMware Identity Manager utility to the Active Directory Domain.


  1. Log in the vRealize Automation appliance as a system administrator.
  2. Create a local user for the vsphere.local tenant.
  3. Assign the local user the Tenant Administrator privileges.
  4. Log out of the vRealize Automation appliance.
  5. Log in the tenant with the local user credentials.
  6. Select Administration > Directories Management > Connectors.
  7. Click Join Domain to join the connector to a specific Active Directory domain.

    The connector syncs user and group data between Active Directory and the Directories Management service

  8. Enter the domain, domain username, and password for the active directory domain.
  9. Click Save.

    The Join Domain page is refreshed and displays a message that you are currently joined to the domain.

What to do next

Start the migration process.