When a vCenter Single Sign-On user account is deactivated, the user cannot log in to the vCenter Single Sign-On server until an administrator activates the account. You can deactivate and activate accounts from one of the vCenter Single Sign-On management interfaces.

Deactivated user accounts remain available in the vCenter Single Sign-On system, but the user cannot log in or perform operations on the server. Users with administrator privileges can deactivate and activate accounts from the vCenter Server Users and Groups page.

Prerequisites

You must be a member of the vCenter Single Sign-On Administrators group to deactivate and activate vCenter Single Sign-On users.

Procedure

  1. Log in with the vSphere Client to the vCenter Server.
  2. Specify the user name and password for administrator@vsphere.local or another member of the vCenter Single Sign-On Administrators group.
    If you specified a different domain during installation, log in as administrator@ mydomain.
  3. Navigate to the vCenter Single Sign-On user configuration UI.
    1. From the Home menu, select Administration.
    2. Under Single Sign On, click Users and Groups.
  4. Select a user name, click More, and click Disable.
  5. Click OK.
  6. To activate the user again, click More, click Enable, and click OK.