In an attempt to start locking down accounts and providing a more secure environment we were trialing the use of the “Protected Users” group as a feature of Server 2012R2 in Active Directory.
After adding our privileged accounts to this group we could no longer authenticate with vCenter.
We are still investigating but we believe the issue is that we lost our secure connection with AD after the 6.5 upgrade. VMware has published a KB article about this. https://kb.vmware.com/s/article/2149697
A workaround that is listed (number three) is to go down to one Domain Controller and I will update this article when we figure out whether that fixed the issue.
More to come….