VMware vCenter 5.1 and before the default behavior was to allow all domain admins to login and administrate your ESXi hosts. Once the 5.5 vCenter installed if you try and connect using a domain account you will get the error :The vSphere Client could not connect to “FQDN / IP”. You do not have permission to login to the server: FQDN / IP

Permission error

 

To get domain credentials to work you need to login to the VMware vSphere Web Client and setup the relevant permissions.

So how to login to vCenter using web client if domain users are not allowed?

Well that will be the one you configured when you installed vCenter and known as the vCenter Single Sign on.

Install SSO

From my case the login would be administrator@vsphere.local and the password would be what I entered. Insert these details into the VMware vSphere Web Client and click Login.

login

Once logged in you will see the vCenter Home.Click on Administration

Under Single Sign-On , Select configuration , and select Identity Sources tab

Click on Add button (Plus icon), Select the Source type ( I choose AD integrated windows authentication), and click ok

image

Once it is configured properly , Go back to vCenter home

Click on vCenter on the left hand side , Then click on vCenter Servers

vCenterserver

Click on your vCenter server on the left. Then click manage on the right.
Click on the permissions button

permission

Then choose your added Domain add your relevant groups / users who you want to administrate your ESXi hosts.

add_user

Set the privileges to the user

user_role

Now you are allowed to login using that particular account to access vCenter Server