Idm client exception: Error trying to join AD, error code [11].

This error appeared after we did a rollback from a vCenter upgrade to 7.0U3a, coming from 7.0U2d.

After the restore, logging in with our AD accounts was unsuccessful. Logging in was only possible with the administrator@vsphere.local account; SSO seemed to have a problem.

Through the local admin account I checked the AD settings under Administration > Single Sign On > Configuration > Active Directory Domain and noticed that the message stated that there was no connection with AD.

Under “Identity Sources” however, the domain was present.

Within “Active Directory Domain”, when selecting “JOIN AD”, the following message appeared: Idm client exception: Error trying to join AD, error code [11].

To solve this, I joined the vCenter to AD through the CLI.

This is how you would do it:

root@vcenter01 [ ~ ]# cd /opt/likewise/bin/
root@vcenter01 [ /opt/likewise/bin ]# ./domainjoin-cli join domain username password
Joining to AD Domain: your.domain
With Computer DNS Name: vcenter01.your.domain

SUCCESS

If you head back to your vCenter SSO configuration, you can see that this time around this section is filled with data from AD.
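
To confirm the join from the same shell instead of the UI, here is an added example (not part of the original post) that joins without the password on the command line and then parses `domainjoin-cli query`. The function names and sample outputs are constructed, and the `Key = Value` query format is an assumption.

```shell
#!/bin/bash
DJ=/opt/likewise/bin/domainjoin-cli   # path used in the post

# join_ad DOMAIN USER: the password argument is left out so domainjoin-cli
# prompts for it, keeping it out of shell history and the process list.
join_ad() {
    "$DJ" join "$1" "$2"
}

# join_state EXPECTED_DOMAIN: reads `domainjoin-cli query` output on stdin.
# Prints: joined | mismatch:<domain> | not-joined
# Assumption: the output has "Key = Value" lines and "Domain" is empty or
# absent when the appliance is not joined.
join_state() {
    js_expected=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    js_domain=$(awk -F'=' '/^Domain[ \t]*=/ {
        gsub(/[ \t\r]/, "", $2); print tolower($2); exit }')
    if [ -z "$js_domain" ]; then
        echo "not-joined"
    elif [ "$js_domain" = "$js_expected" ]; then
        echo "joined"
    else
        echo "mismatch:$js_domain"
    fi
}

# check_join EXPECTED_DOMAIN: run the query on the appliance itself.
check_join() {
    if [ ! -x "$DJ" ]; then
        echo "domainjoin-cli not found at $DJ" >&2
        return 2
    fi
    "$DJ" query | join_state "$1"
}

# Constructed sample outputs (not captured from a real system).
SAMPLE_JOINED='Name = vcenter01
Domain = YOUR.DOMAIN
Distinguished Name = CN=VCENTER01,CN=Computers,DC=your,DC=domain'
SAMPLE_UNJOINED='Name = vcenter01
Domain ='
```

On the appliance, source the file and run `check_join your.domain`; anything other than `joined` means the SSO page will still show no AD connection.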