When on the 5.1 vcenter appliance, we had SSO configured to point to LDAP on a 389-directory server.
When we moved over to the 5.5 applicance, it would no longer recognize our usernames. It was only looking at our full names. This part seems to have been fixed with the 5.5a update, but we still cant add users or groups to the server. Users and groups show up in the list and when we click on "Check names" button, everything checks out. When I click on ok, to actually add the user/group it gives the error:
Add Principals: Not allowed: user@company.com's objectId is null
This is the error I get when I try to add an LDAP user to a SSO group on the vSphere Client. I am able to add the same users and groups when I go to Administration and then manage permissions. The LDAP users can then login, but they do not have admin access to the SSO settings in the web client.
We do have a test active directory setup and pointing to AD works fine.