Hide this message
Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.
Updated January 13, 2017
After configuring SSO, the following error displays:
Unable to authenticate on manager: example.dc.com Invalid login
Logging in with an Active Directory (AD) account from Windows works fine.
Logging in as adserver.local\username does not work, however, and the manager.log shows the following error:
Flex authentication failed: Authentication request not handheld
This error occurs when there is a time difference between the LEM VM and Active Directory (the LDAP server). To verify, check the watchlogs from cmc for errors related to Kerberos.
By default, all LEM deployments get their time-sync from the VM host computer.
If the host is VMware ESX(i), ESXi will get its time-sync from a local or Internet NTP server.
If the host is Hyper-V, and the Hyper-V server is a member of Active Directory, the VM host will get its time from Active Directory.
If the Hyper-V host is not a member of the domain, the host needs to get its time from an NTP server.
If time-sync from the host VM is not possible, be sure to clear the time-sync option on the VM host, and enable LEM to get its time directly from an NTP server.
To configure NTP time-sync: