You cannot log in to the vRealize Log Insight Web user interface when you use Active Directory credentials.
Problem
You cannot log in to vRealize Log Insight by using your Active Directory domain user credentials, despite that an administrator has added your Active Directory account to vRealize Log Insight.
Cause
The most common causes are expired passwords, incorrect credentials, connectivity problems, or lack of synch between the vRealize Log Insight virtual appliance and Active Directory clocks.
Solution
- Verify that your credentials are valid, your password has not expired, and your Active Directory account is not locked.
- If you have not specified a domain to use with Active Directory authentication, verify that you have an account on the default domain stored in the latest vRealize Log Insight configuration at /storage/core/loginsight/config/loginsight-config.xml#[number] where [number] is the largest.
- Find the latest configuration file: /storage/core/loginsight/config/loginsight-config.xml#[number] where [number] is the largest.
- Verify vRealize Log Insight has connectivity to the Active Directory server.
- Go to the Authentication section of the Administration tab of the vRealize Log Insight web user interface, fill in your user credentials, and click the Test Connection button.
- Check the vRealize Log Insight /var/log/vmware/loginsight/runtime.log for messages related to DNS problems.
- Verify that the vRealize Log Insight and Active Directory clocks are in synch.
- Check the vRealize Log Insight /var/log/vmware/loginsight/runtime.log for messages related to clock skew.
- Use an NTP server to synchronize the vRealize Log Insight and Active Directory clocks.
