VMware IDM: Cannot login to VMware Identity Manager tenant using directory credentials


The error is observed when you try to log on to the VMware Identity Manager tenant either Saas or On premise using valid directory credentials.

The exact error is depicted as shown in the image below.




The reason why you might receive this error could be because of the following.

1. You are not using valid credentials to login.

2. You are trying to authenticate as a Local User, rather than to a domain.

3. You do not have the correct policies created and enabled within VMWare Identity Manager.

4. If leveraging the ACC to pull users from AirWatch to VMware Identity Manager using Directory sync, the ACC is not functioning/active.

5. The user is not synced/added to VMware Identity Manager from AirWatch.




1. Change the domain that you are trying to authenticate. The image below shows the domain highlighted. You can have the domain selected by clicking on the Change to different domain link as highlighted in the image below.



When you click on the Change to different domain you should see a prompt to select the domain name as shown in the image below.



Once you select your domain and click next you should find the image below.



You should be able to login as your domain is highlighted as shown in the above image.

2. Although you have the domain correct, but you  still cannot log in using your domain credentials. The image below shows the error.



You would have to verify if the ACC server is accessible and running. Try pinging the ACC server to confirm if the ACC service is running.

Check the policies within VMware Identity Manager and confirm if ACC-Password authentication is enabled for Identity Manager Client App and Web Browser as shown in the image below.



Confirm if the user has been synced to  VMWare Identity Manager from AirWatch, this is shown in the image below.


If the user is not synced to VMware Identity Manager, then check the directory integration settings in AirWatch. Confirm if the user is pulled into AirWatch. Also inspect the required attributes set for the user in VMware Identity Manager. If the user is missing any required attributes, it would be pulled into AirWatch but not VMware IDM.

The image below shows the location to check the required attributes in VMware Identity Manager.



Have more questions? Submit a request


Article is closed for comments.